Weekly Vulnerabilities Reports > May 7 to 13, 2001
4 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 1 high severity vulnerabilities. This weekly summary report vulnerabilities in 3 products from 3 vendors including Easy Software Products, Apache, and Microsoft. Vulnerabilities are notably categorized as .
- 3 reported vulnerabilities are remotely exploitables.
- 4 reported vulnerabilities are exploitable by an anonymous user.
- Easy Software Products has the most reported vulnerabilities, with 2 reported vulnerabilities.
The following table list reported vulnerabilities for the period covered by this report:
0 Critical Vulnerabilities
1 High Vulnerabilities
|2001-05-10||CVE-2001-1332||Easy Software Products|| Remote Security vulnerability in CUPS |
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.
1 Medium Vulnerabilities
|2001-05-12||CVE-2001-1342||Apache|| Unspecified vulnerability in Apache Http Server |
Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of service (GPF) via an HTTP request for a URI that contains a large number of / (slash) or other characters, which causes certain functions to dereference a null pointer.
2 Low Vulnerabilities
|2001-05-11||CVE-2001-1450||Microsoft|| Unspecified vulnerability in Microsoft Internet Explorer |
Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./".
|2001-05-10||CVE-2001-1333||Easy Software Products|| Local Security vulnerability in CUPS |
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files.