Weekly Vulnerabilities Reports > December 29, 2003 to January 4, 2004
Overview
433 new vulnerabilities reported during this period, including 31 critical vulnerabilities and 116 high severity vulnerabilities. This weekly summary report vulnerabilities in 348 products from 273 vendors including Microsoft, HP, SUN, BEA, and Linux. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", "Information Exposure", and "Path Traversal".
- 357 reported vulnerabilities are remotely exploitables.
- 3 reported vulnerabilities have public exploit available.
- 72 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 424 reported vulnerabilities are exploitable by an anonymous user.
- Microsoft has the most reported vulnerabilities, with 25 reported vulnerabilities.
- Cisco has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
31 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2003-12-31 | CVE-2003-1551 | Novell | Malicious Script vulnerability in Novell GroupWise WebAccess Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script." | 10.0 |
2003-12-31 | CVE-2003-1525 | MY Photo Gallery | Unspecified vulnerability in My Photo Gallery Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors. | 10.0 |
2003-12-31 | CVE-2003-1509 | Realnetworks | Unspecified vulnerability in Realnetworks Realone Enterprise Desktop and Realone Player Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. | 10.0 |
2003-12-31 | CVE-2003-1507 | Planet Technology Corp | Unspecified vulnerability in Planet Technology Corp Wgsd-1020 and Wsw-2401 Planet Technology WGSD-1020 and WSW-2401 Ethernet switches use a default "superuser" account with the "planet" password, which allows remote attackers to gain administrative access. | 10.0 |
2003-12-31 | CVE-2003-1496 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Tru64 Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. | 10.0 |
2003-12-31 | CVE-2003-1495 | HP | Permissions, Privileges, and Access Controls vulnerability in HP products Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors. | 10.0 |
2003-12-31 | CVE-2003-1487 | Phorum | Improper Input Validation vulnerability in Phorum 3.4/3.4.1/3.4.2 Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program. | 10.0 |
2003-12-31 | CVE-2003-1432 | Epic Games | Code Injection vulnerability in Epic Games Unreal Engine and Unreal Tournament 2003 Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file. | 10.0 |
2003-12-31 | CVE-2003-1425 | Cpanel | Improper Input Validation vulnerability in Cpanel 5.0 guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter. | 10.0 |
2003-12-31 | CVE-2003-1422 | Gentoo | Unspecified vulnerability in Gentoo Syslinux 2.0.1 Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors. | 10.0 |
2003-12-31 | CVE-2003-1361 | IBM Veritas | Remote Code Execution vulnerability in Veritas Bare Metal Restore Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server. | 10.0 |
2003-12-31 | CVE-2003-1357 | Replicom Microsoft | Configuration vulnerability in Replicom Proxyview ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access. | 10.0 |
2003-12-31 | CVE-2003-1346 | D Link | Permissions, Privileges, and Access Controls vulnerability in D-Link Dwl-900Ap+ 2.2/2.3/2.5 D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager. | 10.0 |
2003-12-31 | CVE-2003-1339 | Ezmeeting | Buffer Errors vulnerability in Ezmeeting 3.3/3.4/3.5 Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll. | 10.0 |
2003-12-31 | CVE-2003-1333 | Intersystems | Remote Security vulnerability in Cache Database Unspecified vulnerability in the Cache' Server Page (CSP) implementation in InterSystems Cache' 4.0.3 through 5.0.5 allows remote attackers to "gain complete control" of a server. | 10.0 |
2003-12-31 | CVE-2003-1322 | Atrium Software | Remote Buffer Overflow vulnerability in Atrium Software Mercur Mailserver IMAP Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command. | 10.0 |
2003-12-31 | CVE-2003-1309 | Zonelabs | Local Device Driver IO Control Code Execution vulnerability in Zonelabs Zonealarm 3.7.202/3.7.211 The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack"). | 10.0 |
2003-12-31 | CVE-2003-1245 | Mambo | index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie. | 10.0 |
2003-12-31 | CVE-2003-1236 | Tanne | Unspecified vulnerability in Tanne 0.6.17 Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog. | 10.0 |
2003-12-31 | CVE-2003-1121 | Scriptlogic | Services in ScriptLogic 4.01, and possibly other versions before 4.14, process client requests at raised privileges, which allows remote attackers to (1) modify arbitrary registry entries via the ScriptLogic RPC service (SLRPC) or (2) modify arbitrary configuration via the RunAdmin services (SLRAserver.exe and SLRAclient.exe). | 10.0 |
2003-12-31 | CVE-2003-1104 | IBM | Buffer Overflow vulnerability in IBM Tivoli Firewall Toolbox 1.2 Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors. | 10.0 |
2003-12-31 | CVE-2003-1096 | Cisco | Unspecified vulnerability in Cisco Leap The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks. | 10.0 |
2003-12-31 | CVE-2003-1083 | Tildeslash | Buffer Overrun vulnerability in Monit Overly Long HTTP Request Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request. | 10.0 |
2003-12-31 | CVE-2003-1233 | Pedestalsoftware | Link Following vulnerability in Pedestalsoftware Integrity Protection Driver 1.3 Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command. | 9.8 |
2003-12-31 | CVE-2003-1398 | Cisco | Information Exposure vulnerability in Cisco IOS Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). | 9.3 |
2003-12-31 | CVE-2003-1388 | Opera | Classic Buffer Overflow vulnerability in Opera Browser 7.02 Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension. | 9.3 |
2003-12-31 | CVE-2003-1336 | Mirc | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mirc Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL. | 9.3 |
2003-12-31 | CVE-2003-1327 | Linux Washington University | Remote Stack-based Buffer Overrun vulnerability in Wu-Ftpd SockPrintf() Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator. | 9.3 |
2003-12-31 | CVE-2003-1272 | Nullsoft | Buffer Overflow vulnerability in Nullsoft Winamp 3.0 Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter. | 9.3 |
2003-12-31 | CVE-2003-1470 | ALT N | Buffer Errors vulnerability in Alt-N Mdaemon 6.7.5 Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox name. | 9.0 |
2003-12-31 | CVE-2003-1395 | Kazaa | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Kazaa Media Desktop 2.0/2.0.2 Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server. | 9.0 |
116 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2003-12-31 | CVE-2003-1378 | Microsoft | Permissions, Privileges, and Access Controls vulnerability in Microsoft Outlook and Outlook Express Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077. | 8.8 |
2003-12-31 | CVE-2003-1393 | Gupta Technologies | Buffer Errors vulnerability in Gupta Technologies Sqlbase 8.1.0 Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long EXECUTE command. | 8.5 |
2003-12-31 | CVE-2003-1364 | Aprelium Technologies | Improper Input Validation vulnerability in Aprelium Technologies Abyss web Server 1.1.2 Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remote attackers to cause a denial of service (crash) via an HTTP GET message with empty (1) Connection or (2) Range fields. | 8.5 |
2003-12-31 | CVE-2003-1377 | Sircd | Buffer Errors vulnerability in Sircd 0.4.0/0.4.4 Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 allows remote attackers to execute arbitrary code via a client with a long hostname. | 8.3 |
2003-12-31 | CVE-2003-1518 | Adiscon | Buffer Errors vulnerability in Adiscon Winsyslog 4.21Sp1/5.0Beta Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a long syslog message. | 7.8 |
2003-12-31 | CVE-2003-1515 | Origo | Permissions, Privileges, and Access Controls vulnerability in Origo Asr-8100 and Asr-8400 Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not require a password, which allows remote attackers to cause a denial of service by restoring the factory defaults. | 7.8 |
2003-12-31 | CVE-2003-1514 | Emule | Buffer Errors vulnerability in Emule 0.29C eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possibly due to a buffer overflow. | 7.8 |
2003-12-31 | CVE-2003-1510 | RIT Research Labs | Remote Denial of Service vulnerability in RIT Research Labs Tinyweb 1.9 TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory. | 7.8 |
2003-12-31 | CVE-2003-1490 | Sonicwall | Improper Input Validation vulnerability in Sonicwall Pro100, Pro200 and Pro300 SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. | 7.8 |
2003-12-31 | CVE-2003-1477 | Microsoft Clearswift | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Clearswift Mailsweeper FOR Smtp 4.3.6/4.3.7 MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects." | 7.8 |
2003-12-31 | CVE-2003-1464 | Siemens | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Siemens M45 and S45 Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name. | 7.8 |
2003-12-31 | CVE-2003-1448 | Microsoft | Resource Management Errors vulnerability in Microsoft Windows 2000 Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet. | 7.8 |
2003-12-31 | CVE-2003-1367 | Great Circle Associates | Configuration vulnerability in Great Circle Associates Majordomo 1.94.4/1.94.5 The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command. | 7.8 |
2003-12-31 | CVE-2003-1362 | HP | Configuration vulnerability in HP Bastille B.02.00.05 Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. | 7.8 |
2003-12-31 | CVE-2003-1329 | Washington University | Denial-Of-Service vulnerability in Washington University Wu-Ftpd 2.6.2 ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service. | 7.8 |
2003-12-31 | CVE-2003-1318 | Twilight Utilities | Remote Denial Of Service vulnerability in Twilight Webserver Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376. | 7.8 |
2003-12-31 | CVE-2003-1557 | Spamassassin | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Spamassassin Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters. | 7.6 |
2003-12-31 | CVE-2003-1319 | Smartftp | Buffer Overflow vulnerability in SmartFTP PWD Command Request Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow. | 7.6 |
2003-12-31 | CVE-2003-1260 | Globalscape | Buffer Overflow vulnerability in Globalscape Cuteftp 5.0 Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command. | 7.6 |
2004-01-03 | CVE-2004-1785 | Invision Power Services | SQL Injection vulnerability in Invision Power Board Calendar.PHP SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable. | 7.5 |
2004-01-03 | CVE-2004-1784 | Webcam Corp | Buffer Overflow vulnerability in Webcam Corp Webcam Watchdog 1.0/1.1/3.63 Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |
2003-12-31 | CVE-2003-1533 | Phppass | SQL Injection vulnerability in PHPpass 2 SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters. | 7.5 |
2003-12-31 | CVE-2003-1532 | Julien Desaunay | SQL Injection vulnerability in Julien Desaunay PHPmyshop 1.00 SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows remote attackers to execute arbitrary SQL commands via the (1) identifiant and (2) password parameters. | 7.5 |
2003-12-31 | CVE-2003-1530 | Phpbb | SQL Injection vulnerability in PHPbb 2.0.3 SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter. | 7.5 |
2003-12-31 | CVE-2003-1523 | Dbmail | SQL Injection vulnerability in Dbmail 1.0/1.1 SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors. | 7.5 |
2003-12-31 | CVE-2003-1504 | Goldscripts | SQL Injection vulnerability in Goldscripts Goldlink 3.0 SQL injection vulnerability in variables.php in Goldlink 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) vadmin_login or (2) vadmin_pass cookie in a request to goldlink.php. | 7.5 |
2003-12-31 | CVE-2003-1491 | Kerio | Code Injection vulnerability in Kerio Personal Firewall 2.1.4 Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. | 7.5 |
2003-12-31 | CVE-2003-1466 | Phorum | Unspecified vulnerability in Phorum 3.4/3.4.1/3.4.2 Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a connection proxy to other sites via (1) register.php or (2) login.php. | 7.5 |
2003-12-31 | CVE-2003-1458 | Ttcms | SQL Injection vulnerability in Ttcms and Ttforum SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name. | 7.5 |
2003-12-31 | CVE-2003-1449 | Aladdin Knowledge Systems | Configuration vulnerability in Aladdin Knowledge Systems Esafe Gateway 3.5.126.0 Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection. | 7.5 |
2003-12-31 | CVE-2003-1442 | Ericsson | Improper Authentication vulnerability in Ericsson Hm220Dp Adsl Modem The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side. | 7.5 |
2003-12-31 | CVE-2003-1435 | Francisco Burzi | SQL Injection vulnerability in Francisco Burzi PHP-Nuke 5.6/6.0 SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module. | 7.5 |
2003-12-31 | CVE-2003-1429 | Proxomitron | Buffer Errors vulnerability in Proxomitron Naoko 4.4 Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to execute arbitrary code via a long request. | 7.5 |
2003-12-31 | CVE-2003-1406 | Adalis Infomatique | Code Injection vulnerability in Adalis Infomatique D Forum 1.0/1.10/1.11 PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3. | 7.5 |
2003-12-31 | CVE-2003-1405 | Dotbr | Improper Input Validation vulnerability in Dotbr Botbr 0.1 DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. | 7.5 |
2003-12-31 | CVE-2003-1404 | Dotbr | Information Exposure vulnerability in Dotbr Botbr 0.1 DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. | 7.5 |
2003-12-31 | CVE-2003-1403 | Dotbr | Improper Input Validation vulnerability in Dotbr Botbr 0.1 foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. | 7.5 |
2003-12-31 | CVE-2003-1402 | Kietu | Improper Input Validation vulnerability in Kietu 2.0/2.3 PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to execute arbitrary PHP code via the url_hit parameter, a different vulnerability than CVE-2006-5015. | 7.5 |
2003-12-31 | CVE-2003-1391 | Research Triangle Software | Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2 RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase. | 7.5 |
2003-12-31 | CVE-2003-1390 | Research Triangle Software | Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2 RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase. | 7.5 |
2003-12-31 | CVE-2003-1389 | Research Triangle Software | Cryptographic Issues vulnerability in Research Triangle Software Cryptobuddy 1.0/1.2 RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks. | 7.5 |
2003-12-31 | CVE-2003-1387 | Opera | Classic Buffer Overflow vulnerability in Opera Browser 6.05/6.06/7.0 Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username. | 7.5 |
2003-12-31 | CVE-2003-1383 | Logicworks | Permissions, Privileges, and Access Controls vulnerability in Logicworks web ERP WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password. | 7.5 |
2003-12-31 | CVE-2003-1382 | Instantservers INC | Buffer Errors vulnerability in Instantservers Inc. Ismail 1.4.3 Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields. | 7.5 |
2003-12-31 | CVE-2003-1380 | Bisonftp | Path Traversal vulnerability in Bisonftp Server 4 R2 Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command. | 7.5 |
2003-12-31 | CVE-2003-1355 | Electronic Arts | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Electronic Arts Battlefield 1942 1.2/1.3 Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password. | 7.5 |
2003-12-31 | CVE-2003-1343 | Trend Micro | Improper Authentication vulnerability in Trend Micro Scanmail Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". | 7.5 |
2003-12-31 | CVE-2003-1341 | Trend Micro | Configuration vulnerability in Trend Micro Officescan and Virus Buster The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. | 7.5 |
2003-12-31 | CVE-2003-1337 | Aprelium Technologies | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Aprelium Technologies Abyss web Server Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |
2003-12-31 | CVE-2003-1332 | Linux Samba | Remote Security vulnerability in Samba Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. | 7.5 |
2003-12-31 | CVE-2003-1321 | Avant Force | Buffer Overflow vulnerability in Avant Force Avant Browser 8.2 Buffer overflow in Avant Browser 8.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request. | 7.5 |
2003-12-31 | CVE-2003-1315 | Neocrome | SQL Injection vulnerability in Neocrome Land Down Under 701 SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. | 7.5 |
2003-12-31 | CVE-2003-1314 | Eternalmart | Remote File Include vulnerability in Eternalmart Guestbook 1.1 PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook (EMGB) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the emgb_admin_path parameter. | 7.5 |
2003-12-31 | CVE-2003-1313 | Eternalmart | Remote File Include vulnerability in Eternalmart Mailing List Manager 1.32 Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php. | 7.5 |
2003-12-31 | CVE-2003-1286 | Sambar | Open Proxy Authentication Bypass vulnerability in Sambar HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests. | 7.5 |
2003-12-31 | CVE-2003-1283 | Kazaa | Local Zone vulnerability in Kazaa Media Desktop 2.0 KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet Explorer (IE) local security zone, which could allow remote attackers to view local files and possibly execute arbitrary code. | 7.5 |
2003-12-31 | CVE-2003-1268 | Urlogy | SQL Injection vulnerability in Urlogy A.Shop.Kart 2.0.3 Multiple SQL injection vulnerabilities in (1) addcustomer.asp, (2) addprod.asp, and (3) process.asp in a.shopKart 2.0.3 allow remote attackers to execute arbitrary SQL and obtain sensitive information via the zip, state, country, phone, and fax parameters. | 7.5 |
2003-12-31 | CVE-2003-1259 | Globalscape | Buffer Overflow vulnerability in GlobalScape CuteFTP Long FTP Banner Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | 7.5 |
2003-12-31 | CVE-2003-1258 | Versatilebulletinboard | Remote Security vulnerability in Versatilebulletinboard 0.9.5/0.9.6 activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unauthorized administrative access via a URL request with the uid parameter set to the webmaster uid. | 7.5 |
2003-12-31 | CVE-2003-1253 | Sangwan KIM | Code Injection vulnerability in Sangwan KIM Bookmark4U 1.8.3 PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php. | 7.5 |
2003-12-31 | CVE-2003-1252 | Kelli Shaver | Remote Command Execution vulnerability in Kelli Shaver S8Forum 3.0 register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using a "system($cmd)" E-mail address with a "any_name.php" username. | 7.5 |
2003-12-31 | CVE-2003-1251 | NX | Remote File Include vulnerability in NX N X web Content Management System 2002 Prerelease1 The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code. | 7.5 |
2003-12-31 | CVE-2003-1249 | Businessobjects | Unspecified vulnerability in Businessobjects Webintelligence 2.7.1 WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote attackers to hijack sessions. | 7.5 |
2003-12-31 | CVE-2003-1248 | Positive Software | Unspecified vulnerability in Positive Software H-Sphere 2.3Rc3 H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request. | 7.5 |
2003-12-31 | CVE-2003-1247 | Positive Software | Remote Buffer Overrun vulnerability in Positive Software H-Sphere 2.3Rc3 Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist. | 7.5 |
2003-12-31 | CVE-2003-1244 | Phpbb Group | SQL Injection vulnerability in PHPbb Group PHPbb 2.0.0/2.0.1/2.0.2 SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php. | 7.5 |
2003-12-31 | CVE-2003-1240 | Cutephp | Code Injection vulnerability in Cutephp Cutenews 0.88 PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php. | 7.5 |
2003-12-31 | CVE-2003-1228 | Mathopd | Classic Buffer Overflow vulnerability in Mathopd Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path. | 7.5 |
2003-12-31 | CVE-2003-1227 | Gallery Project | Code Injection vulnerability in Gallery Project Gallery 1.4/1.4Pl1 PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. | 7.5 |
2003-12-31 | CVE-2003-1213 | Maxwebportal | Unspecified vulnerability in Maxwebportal 1.30 The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb. | 7.5 |
2003-12-31 | CVE-2003-1212 | Maxwebportal | MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. | 7.5 |
2003-12-31 | CVE-2003-1210 | Francisco Burzi | Downloads Module SQL Injection vulnerability in PHP-Nuke Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or the (2) min parameter to the search function. | 7.5 |
2003-12-31 | CVE-2003-1180 | Advanced Poll | Unspecified vulnerability in Advanced Poll Advanced Poll 2.0.0/2.0.1/2.0.2 Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. | 7.5 |
2003-12-31 | CVE-2003-1179 | Advanced Poll | Remote File Include vulnerability in Advanced Poll Common.Inc.PHP Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php. | 7.5 |
2003-12-31 | CVE-2003-1178 | Advanced Poll | Unspecified vulnerability in Advanced Poll Advanced Poll 2.0.0/2.0.1/2.0.2 Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) template_set, or (3) action parameter. | 7.5 |
2003-12-31 | CVE-2003-1177 | Atrium Software | Remote Buffer Overflow vulnerability in Atrium Software Mercur Mailserver IMAP AUTH Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. | 7.5 |
2003-12-31 | CVE-2003-1171 | MOD Security | Unspecified vulnerability in MOD Security MOD Security 1.7/1.7.1 Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data. | 7.5 |
2003-12-31 | CVE-2003-1154 | Clearswift | Unspecified vulnerability in Clearswift Mailsweeper MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants. | 7.5 |
2003-12-31 | CVE-2003-1131 | Activecampaign | Remote File Include vulnerability in KnowledgeBuilder PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code. | 7.5 |
2003-12-31 | CVE-2003-1128 | X2 Studios | Remote Command Execution vulnerability in X2 Studios Xmms Remote 0.1 XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086. | 7.5 |
2003-12-31 | CVE-2003-1123 | SUN | Unspecified vulnerability in SUN JDK and JRE Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model. | 7.5 |
2003-12-31 | CVE-2003-1118 | University OF California | Remote Buffer Overflow vulnerability in SETI@home Client Program Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a denial of service (client crash) and execute arbitrary code via a spoofed server response containing a long string followed by a \n (newline) character. | 7.5 |
2003-12-31 | CVE-2003-1117 | Realnetworks | Denial-Of-Service vulnerability in Realsystem Server Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL error handling, allows remote attackers to cause a denial of service and possibly execute arbitrary code. | 7.5 |
2003-12-31 | CVE-2003-1115 | Nortel | Unspecified vulnerability in Nortel Succession Communication Server 2000 The Session Initiation Protocol (SIP) implementation in Nortel Networks Succession Communication Server 2000, when using SIP-T, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 7.5 |
2003-12-31 | CVE-2003-1114 | Mediatrix Telecom | Unspecified vulnerability in Mediatrix Telecom Voip Access Devices and Gateways Sipv2.3/Sipv2.4 The Session Initiation Protocol (SIP) implementation in Mediatrix Telecom VoIP Access Devices and Gateways running SIPv2.4 and SIPv4.3 firmware allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 7.5 |
2003-12-31 | CVE-2003-1113 | Iptel | Unspecified vulnerability in Iptel SIP Express Router 0.8.8/0.8.9 The Session Initiation Protocol (SIP) implementation in IPTel SIP Express Router 0.8.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 7.5 |
2003-12-31 | CVE-2003-1112 | Ingate | Unspecified vulnerability in Ingate Firewall and Ingate Siparator The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 7.5 |
2003-12-31 | CVE-2003-1111 | Dynamicsoft | Unspecified vulnerability in Dynamicsoft Appengine The Session Initiation Protocol (SIP) implementation in multiple dynamicsoft products including y and certain demo products for AppEngine allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 7.5 |
2003-12-31 | CVE-2003-1110 | Columbia University | Unspecified vulnerability in Columbia University Sipc 1.74 The Session Initiation Protocol (SIP) implementation in Columbia SIP User Agent (sipc) 1.74 and other versions before sipc 2.0 build 2003-02-21 allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 7.5 |
2003-12-31 | CVE-2003-1109 | Cisco | Unspecified vulnerability in Cisco products The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 7.5 |
2003-12-31 | CVE-2003-1103 | Hummingbird | SQL Injection vulnerability in Hummingbird Cyberdocs 3.1/3.5.1 SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands. | 7.5 |
2003-12-31 | CVE-2003-1092 | Christos Zoulas | Local Memory Allocation vulnerability in File Utility Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact. | 7.5 |
2003-12-31 | CVE-2003-1091 | Apple | Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files. | 7.5 |
2003-12-31 | CVE-2003-0363 | Licq | Remote Security vulnerability in Licq 1.0.3/1.2.6 Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers. | 7.5 |
2003-12-31 | CVE-2003-0317 | Iisprotect | Security Bypass vulnerability in Iisprotect 2.1/2.2 iisPROTECT 2.1 and 2.2 allows remote attackers to bypass authentication via an HTTP request containing URL-encoded characters. | 7.5 |
2003-12-29 | CVE-2003-1200 | ALT N | Buffer Overflow vulnerability in Alt-N MDaemon/WorldClient Form2Raw Raw Message Handler Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi. | 7.5 |
2003-12-31 | CVE-2003-1528 | Fujitsu | Link Following vulnerability in Fujitsu Siemens Networker 6.0 nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file. | 7.2 |
2003-12-31 | CVE-2003-1474 | Freebsd | Permissions, Privileges, and Access Controls vulnerability in Freebsd Slashem-Tty 0.0.6E.4F.8 slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris. | 7.2 |
2003-12-31 | CVE-2003-1461 | HP | Buffer Errors vulnerability in HP Hp-Ux 11.00 Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. | 7.2 |
2003-12-31 | CVE-2003-1455 | Poptop | Buffer Errors vulnerability in Poptop Pptp Server 1.1.4B1/1.1.4B2/1.1.4B3 Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code. | 7.2 |
2003-12-31 | CVE-2003-1407 | Microsoft | Buffer Errors vulnerability in Microsoft Windows NT 4.0 Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. | 7.2 |
2003-12-31 | CVE-2003-1375 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Hp-Ux Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. | 7.2 |
2003-12-31 | CVE-2003-1360 | HP | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in HP Hp-Ux Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. | 7.2 |
2003-12-31 | CVE-2003-1359 | HP Avaya | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. | 7.2 |
2003-12-31 | CVE-2003-1358 | HP | Permissions, Privileges, and Access Controls vulnerability in HP Hp-Ux rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. | 7.2 |
2003-12-31 | CVE-2003-1356 | HP | Permissions, Privileges, and Access Controls vulnerability in HP Hp-Ux The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. | 7.2 |
2003-12-31 | CVE-2003-1170 | Gernot Stocker | Local Arguments Format String vulnerability in Gernot Stocker Kpopup 0.9.1/0.9.5Pre2 Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments. | 7.2 |
2003-12-31 | CVE-2003-1167 | Gernot Stocker | Unspecified vulnerability in Gernot Stocker Kpopup 0.9.1/0.9.5Pre2 misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program. | 7.2 |
2003-12-31 | CVE-2003-1161 | Linux | Unspecified vulnerability in Linux Kernel 2.6Test9Cvs exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function. | 7.2 |
2003-12-31 | CVE-2003-1098 | HP | Privilege Escalation vulnerability in HP Hp-Ux 11.22 The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. | 7.2 |
2003-12-31 | CVE-2003-1097 | HP | Remote Username Flag Local Buffer Overrun vulnerability in HP-UX RExec Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. | 7.2 |
2003-12-31 | CVE-2003-1094 | BEA | Unspecified vulnerability in BEA Weblogic Server 7.0 BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges. | 7.2 |
2003-12-31 | CVE-2003-1082 | SUN | Local Buffer Overflow vulnerability in Sun Solaris UTMP_Update Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068. | 7.2 |
2003-12-31 | CVE-2003-1076 | SUN | Privilege Escalation vulnerability in Sun Sendmail Forward File Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file. | 7.2 |
2003-12-31 | CVE-2003-0954 | IBM | Local Buffer Overrun vulnerability in IBM AIX 4.3.3/5.1/5.2 Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. | 7.2 |
2003-12-31 | CVE-2003-1431 | Epic Games | Buffer Errors vulnerability in Epic Games Unreal Engine 226F/433/436 Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL. | 7.1 |
253 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2003-12-31 | CVE-2003-1552 | Graeme | Permissions, Privileges, and Access Controls vulnerability in Graeme Uploader 1.1 Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/. | 6.8 |
2003-12-31 | CVE-2003-1544 | Microsoft | Denial Of Service vulnerability in Microsoft Windows MSGINA.DLL Read-Lock Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded. | 6.8 |
2003-12-31 | CVE-2003-1520 | Fuzzymonkey | SQL Injection vulnerability in Fuzzymonkey Myclassifieds 2.11 SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. | 6.8 |
2003-12-31 | CVE-2003-1516 | SUN | Cross-Site Applet Sandbox Security Model Violation vulnerability in SUN Java Plug-In 1.4.201 The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. | 6.8 |
2003-12-31 | CVE-2003-1475 | Netbus | Improper Authentication vulnerability in Netbus 1.5/1.6/1.7 Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only prompts the first connection for authentication, which allows remote attackers to gain access. | 6.8 |
2003-12-31 | CVE-2003-1459 | Ttcms | Code Injection vulnerability in Ttcms and Ttforum Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the (1) template parameter in News.php or (2) installdir parameter in install.php. | 6.8 |
2003-12-31 | CVE-2003-1436 | Crossnuke | Code Injection vulnerability in Crossnuke Nukebrowser PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows remote attackers to execute arbitrary PHP code via the filhead parameter. | 6.8 |
2003-12-31 | CVE-2003-1434 | Pete Werner | Improper Authentication vulnerability in Pete Werner Login Ldap 3.1/3.2 login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind_anon_dn is on, which allows a bind with no password provided, (2) bind_anon_cred is on, which allows a bind with no DN, or (3) bind_anon is on, which allows a bind with no DN or password. | 6.8 |
2003-12-31 | CVE-2003-1424 | Petitforum | Credentials Management vulnerability in Petitforum message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie. | 6.8 |
2003-12-31 | CVE-2003-1415 | Visual Mining | Buffer Errors vulnerability in Visual Mining Netcharts Xbrl Server 4.0.0 NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification. | 6.8 |
2003-12-31 | CVE-2003-1412 | Gonicus | Code Injection vulnerability in Gonicus System Administration 1.0 PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php. | 6.8 |
2003-12-31 | CVE-2003-1411 | Isoca | Code Injection vulnerability in Isoca Cedric Email Reader 0.4 PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric Email Reader 0.4 allows remote attackers to execute arbitrary PHP code via the emailreader_ini parameter. | 6.8 |
2003-12-31 | CVE-2003-1410 | Isoca | Code Injection vulnerability in Isoca Cedric Email Reader 0.2/0.3 PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2 and 0.3 allows remote attackers to execute arbitrary PHP code via the cer_skin parameter. | 6.8 |
2003-12-31 | CVE-2003-1396 | Opera | Out-of-bounds Write vulnerability in Opera Browser Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension. | 6.8 |
2003-12-31 | CVE-2003-1385 | Invision Power Services | Code Injection vulnerability in Invision Power Services Invision Power Board 1.1.1 ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code. | 6.8 |
2003-12-31 | CVE-2003-1381 | Amxmod NET | USE of Externally-Controlled Format String vulnerability in Amxmod.Net AMX MOD 0.9.2 Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command. | 6.8 |
2003-12-31 | CVE-2003-1373 | Phpbb Group | Path Traversal vulnerability in PHPbb Group PHPbb Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. | 6.8 |
2003-12-31 | CVE-2003-1369 | Save IT Software PTY | Buffer Errors vulnerability in Save IT Software PTY Bytecatcherftp 1.04B Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | 6.8 |
2003-12-31 | CVE-2003-1323 | ELM Development Group | Remote Security vulnerability in ELM Development Group ELM 2.4 Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors. | 6.8 |
2003-12-31 | CVE-2003-1317 | Endonesia | Cross-Site Scripting vulnerability in eNdonesia Mod Parameter Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. | 6.8 |
2003-12-31 | CVE-2003-1311 | Netegrity | Remote Security vulnerability in Netegrity SiteMinder siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter. | 6.8 |
2003-12-31 | CVE-2003-1256 | E Theni | Remote Include Command Execution vulnerability in E-theni aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. | 6.8 |
2003-12-31 | CVE-2003-1211 | Maxwebportal | Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter. | 6.8 |
2003-12-31 | CVE-2003-1204 | Mambo | Cross-Site Scripting vulnerability in Mambo Site Server Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php. | 6.8 |
2003-12-31 | CVE-2003-1175 | Synthetic Reality | Cross-Site Scripting vulnerability in Synthetic Reality Sympoll 1.5 Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter. | 6.8 |
2003-12-31 | CVE-2003-1392 | Research Triangle Software Microsoft | Cryptographic Issues vulnerability in multiple products CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data. | 6.6 |
2003-12-31 | CVE-2003-1564 | Xmlsoft | XML Entity Expansion vulnerability in Xmlsoft Libxml2 libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs attack." | 6.5 |
2003-12-31 | CVE-2003-1340 | Phpnuke | SQL Injection vulnerability in PHPnuke PHP-Nuke 5.6/6.5 Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279. | 6.5 |
2003-12-31 | CVE-2003-1538 | Suse | Improper Input Validation vulnerability in Suse products susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. | 6.4 |
2003-12-31 | CVE-2003-1521 | SUN | Unspecified vulnerability in SUN Java Plug-In Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. | 6.4 |
2003-12-31 | CVE-2003-1501 | Gast Arbeiter | Path Traversal vulnerability in Gast Arbeiter Gast Arbeiter 1.3 Directory traversal vulnerability in the file upload CGI of Gast Arbeiter 1.3 allows remote attackers to write arbitrary files via a .. | 6.4 |
2003-12-31 | CVE-2003-1488 | Truelogik | Improper Input Validation vulnerability in Truelogik Truegalerie 1.0 The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1. | 6.4 |
2003-12-31 | CVE-2003-1483 | Flashfxp | Cryptographic Issues vulnerability in Flashfxp 1.4 FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access. | 6.4 |
2003-12-31 | CVE-2003-1451 | Symantec | Buffer Errors vulnerability in Symantec Norton Antivirus 2002 Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename. | 6.4 |
2003-12-31 | CVE-2003-1427 | Netgear | Path Traversal vulnerability in Netgear Fm114P 1.4Betarelease17 Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. | 6.4 |
2003-12-31 | CVE-2003-1386 | Axis | Permissions, Privileges, and Access Controls vulnerability in Axis 2400 Video Server and 2401 Video Server AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file. | 6.4 |
2003-12-31 | CVE-2003-1368 | Electrasoft | Buffer Errors vulnerability in Electrasoft FTP Client 9.49.01 Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. | 6.4 |
2003-12-31 | CVE-2003-1363 | Aprelium Technologies | Unspecified vulnerability in Aprelium Technologies Abyss web Server The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection. | 6.4 |
2003-12-31 | CVE-2003-1262 | Http Fetcher | Buffer Overflow vulnerability in Http Fetcher Http Fetcher Library 1.0.0/1.0.1 Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value. | 6.4 |
2003-12-31 | CVE-2003-1255 | Active PHP Bookmarks | Unspecified vulnerability in Active PHP Bookmarks Active PHP Bookmarks 1.1.01 add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter. | 6.4 |
2003-12-31 | CVE-2003-1230 | Freebsd | The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic. | 6.4 |
2003-12-31 | CVE-2003-1176 | BDC Enterprises | Unspecified vulnerability in BDC Enterprises web WIZ Forums 6.34/7.01/7.5 post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter. | 6.4 |
2003-12-31 | CVE-2003-0885 | Xscreensaver | Remote Security vulnerability in Xscreensaver 4.14 Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack. | 6.4 |
2003-12-31 | CVE-2003-1524 | Pgpi | Permissions, Privileges, and Access Controls vulnerability in Pgpi Pgpdisk 6.0.2I PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch user function in Windows XP is used, which could allow local users to access data on another user's PGP partition. | 6.3 |
2003-12-31 | CVE-2003-1497 | Linksys | Buffer Errors vulnerability in Linksys Befsx41 1.43.3 Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. | 6.3 |
2003-12-31 | CVE-2003-1471 | ALT N | Improper Input Validation vulnerability in Alt-N Mdaemon MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number. | 6.3 |
2003-12-31 | CVE-2003-1481 | Stalker | Information Exposure vulnerability in Stalker Communigate PRO CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer. | 5.8 |
2003-12-31 | CVE-2003-1401 | PHP Board | Credentials Management vulnerability in PHP Board PHP Board 1.0 login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct request. | 5.8 |
2003-12-31 | CVE-2003-1238 | Nuked Klan | Cross-Site Scripting vulnerability in Nuked-Klan Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules. | 5.8 |
2003-12-31 | CVE-2003-1325 | Valve Software | Denial-Of-Service vulnerability in Half-Life Cstrike Dedicated Server The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734. | 5.2 |
2003-12-31 | CVE-2003-1320 | Sonicwall | Resource Management Errors vulnerability in Sonicwall Firmware SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. | 5.1 |
2003-12-31 | CVE-2003-1232 | GNU | Local Variable Arbitrary Command Execution vulnerability in GNU Emacs 21.2.1 Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. | 5.1 |
2004-01-04 | CVE-2004-1786 | Iatek | Remote User Database Access vulnerability in ASPApp PortalAPP PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb. | 5.0 |
2003-12-31 | CVE-2003-1560 | Netscape | Information Exposure vulnerability in Netscape Navigator 4 Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | 5.0 |
2003-12-31 | CVE-2003-1559 | Microsoft | Information Exposure vulnerability in Microsoft IE and Internet Explorer Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | 5.0 |
2003-12-31 | CVE-2003-1558 | Fefe | Buffer Errors vulnerability in Fefe Fnord 1.6 Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function. | 5.0 |
2003-12-31 | CVE-2003-1555 | Scoznet | Information Exposure vulnerability in Scoznet Scozbook 1.1Beta ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1550 | Xoops | Information Exposure vulnerability in Xoops XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information via an invalid xoopsOption parameter, which reveals the installation path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1548 | Myabracadaweb | Information Exposure vulnerability in Myabracadaweb MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1545 | Nukestyles Phpnuke | Path Traversal vulnerability in multiple products Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. | 5.0 |
2003-12-31 | CVE-2003-1542 | Ondrej Jombik | Path Traversal vulnerability in Ondrej Jombik PHPwebfilemanager Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remote attackers to read arbitrary files via a .. | 5.0 |
2003-12-31 | CVE-2003-1541 | Planetmoon | Permissions, Privileges, and Access Controls vulnerability in Planetmoon Guestbook Tr3.A.1 PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt. | 5.0 |
2003-12-31 | CVE-2003-1540 | Wfchat | Information Exposure vulnerability in Wfchat 1.0 WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain authentication information via a direct request to (1) !pwds.txt and (2) !nicks.txt. | 5.0 |
2003-12-31 | CVE-2003-1537 | Postnuke Software Foundation | Path Traversal vulnerability in Postnuke Software Foundation Postnuke Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php. | 5.0 |
2003-12-31 | CVE-2003-1535 | Justice Media | Information Exposure vulnerability in Justice Media Guestbook 1.3 Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1529 | Seagull Software Systems | Path Traversal vulnerability in Seagull Software Systems J Walk Application Server 3.2C9 Directory traversal vulnerability in Seagull Software Systems J Walk application server 3.2C9, and other versions before 3.3c4, allows remote attackers to read arbitrary files via a ".%252e" (encoded dot dot) in the URL. | 5.0 |
2003-12-31 | CVE-2003-1526 | Francisco Burzi | Information Exposure vulnerability in Francisco Burzi PHP-Nuke 7.0 PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1517 | Dansie | Information Exposure vulnerability in Dansie Shopping Cart cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1512 | Khaled Mardam BEY | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Khaled Mardam-Bey Mirc 6.1/6.11 Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request. | 5.0 |
2003-12-31 | CVE-2003-1499 | Bytehoard | Path Traversal vulnerability in Bytehoard 0.7 Directory traversal vulnerability in index.php in Bytehoard 0.7 allows remote attackers to read arbitrary files via a .. | 5.0 |
2003-12-31 | CVE-2003-1494 | HP | Resource Management Errors vulnerability in HP Openview Network Node Manager 6.2/6.4 Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet. | 5.0 |
2003-12-31 | CVE-2003-1493 | HP | Denial Of Service vulnerability in HP OpenView Network Node Manager Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets. | 5.0 |
2003-12-31 | CVE-2003-1492 | Mozilla Netscape | Link Following vulnerability in multiple products Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . | 5.0 |
2003-12-31 | CVE-2003-1489 | Truegalerie | Improper Authentication vulnerability in Truegalerie 1.0 upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery. | 5.0 |
2003-12-31 | CVE-2003-1486 | Phorum | Information Exposure vulnerability in Phorum 3.4/3.4.1/3.4.2 Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8) forum_list.php, or (9) move.php, which leaks the information in an error message. | 5.0 |
2003-12-31 | CVE-2003-1485 | Clearswift | Improper Input Validation vulnerability in Clearswift Mailsweeper Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space." | 5.0 |
2003-12-31 | CVE-2003-1472 | Microsoft 3D FTP | Buffer Errors vulnerability in 3D-Ftp 4.0 Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner. | 5.0 |
2003-12-31 | CVE-2003-1469 | Microsoft Macromedia | Information Exposure vulnerability in Macromedia Coldfusion and Coldfusion Professional The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1465 | Phorum | Path Traversal vulnerability in Phorum 3.4/3.4.1/3.4.2 Directory traversal vulnerability in download.php in Phorum 3.4 through 3.4.2 allows remote attackers to read arbitrary files. | 5.0 |
2003-12-31 | CVE-2003-1462 | MOD Survey | Denial of Service vulnerability in Mod_Survey SYSBASE Disk Resource Consumption mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdirectory for it, which allows remote attackers to cause a denial of service (disk consumption and possible crash). | 5.0 |
2003-12-31 | CVE-2003-1454 | Linux Microsoft Unix Invision Power Services | Unspecified vulnerability in Invision Power Services Invision Board 1.0/1.0.1/1.1.1 Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. | 5.0 |
2003-12-31 | CVE-2003-1450 | Bitchx | Improper Input Validation vulnerability in Bitchx BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message. | 5.0 |
2003-12-31 | CVE-2003-1430 | Linux Microsoft Epic Games | Path Traversal vulnerability in Epic Games Unreal Engine 226F/433/436 Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. | 5.0 |
2003-12-31 | CVE-2003-1423 | Linux Microsoft Unix Petitforum | Permissions, Privileges, and Access Controls vulnerability in Petitforum Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. | 5.0 |
2003-12-31 | CVE-2003-1409 | EJ3 | Information Exposure vulnerability in EJ3 Topo 1.43 TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the error message. | 5.0 |
2003-12-31 | CVE-2003-1408 | Lotus | Information Exposure vulnerability in Lotus Domino Server 5.0/6.0 Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. | 5.0 |
2003-12-31 | CVE-2003-1394 | Coffeecup Software | Credentials Management vulnerability in Coffeecup Software Coffeecup Password Wizard CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote attackers to obtain that information via a direct request for the file. | 5.0 |
2003-12-31 | CVE-2003-1379 | Point Clark Networks | Information Exposure vulnerability in Point Clark Networks Clarkconnect 1.2 clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which lists the processes, (5) Y, which reveals the snort log files, or (6) b, which reveals /var/log/messages. | 5.0 |
2003-12-31 | CVE-2003-1365 | Perl | Improper Input Validation vulnerability in Perl CGI Lite 2.0 The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs. | 5.0 |
2003-12-31 | CVE-2003-1354 | Gamespy3D | Buffer Errors vulnerability in Gamespy3D Gamespy 3D 2.62 Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942. | 5.0 |
2003-12-31 | CVE-2003-1352 | Gabber | Configuration vulnerability in Gabber 0.8.7 Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing. | 5.0 |
2003-12-31 | CVE-2003-1351 | Greg Billock | Path Traversal vulnerability in Greg Billock Edittag 1.1 Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter. | 5.0 |
2003-12-31 | CVE-2003-1349 | Thomas Krebs | Path Traversal vulnerability in Thomas Krebs Niteserver Ftpd 1.83 Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 allows remote attackers to list arbitrary directories via a "\.." (backslash dot dot) in the CD (CWD) command. | 5.0 |
2003-12-31 | CVE-2003-1345 | Follett Software | Path Traversal vulnerability in Follett Software Webcollection Plus 5.00 Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter. | 5.0 |
2003-12-31 | CVE-2003-1344 | Trend Micro | Cryptographic Issues vulnerability in Trend Micro Virus Control System Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. | 5.0 |
2003-12-31 | CVE-2003-1342 | Trend Micro | Resource Management Errors vulnerability in Trend Micro Virus Control System 1.8 Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. | 5.0 |
2003-12-31 | CVE-2003-1335 | KAI Blankenhorn Bitfolge | Path Traversal vulnerability in KAI Blankenhorn Bitfolge Simple and Nice Index File Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) before 1.2.5 allows remote attackers to download files from locations above the snif directory. | 5.0 |
2003-12-31 | CVE-2003-1330 | Microsoft Clearswift Limited | Unspecified vulnerability in Clearswift Limited Mailsweeper 4.3.6Sp1 Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove. | 5.0 |
2003-12-31 | CVE-2003-1316 | Endonesia | Path Disclosure vulnerability in eNdonesia Mod Parameter mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1305 | Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page. | 5.0 | |
2003-12-31 | CVE-2003-1304 | Early Impact | Unspecified vulnerability in Early Impact Productcart EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request. | 5.0 |
2003-12-31 | CVE-2003-1303 | PHP | Denial-Of-Service vulnerability in PHP 4.3.0/4.3.1/4.3.2 Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header. | 5.0 |
2003-12-31 | CVE-2003-1302 | PHP | Denial-Of-Service vulnerability in PHP The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters. | 5.0 |
2003-12-31 | CVE-2003-1301 | SUN | Denial Of Service vulnerability in Sun Java Runtime Environment Nested Array Objects Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses. | 5.0 |
2003-12-31 | CVE-2003-1300 | Pablo Software Solutions | Unspecified vulnerability in Pablo Software Solutions Baby FTP Server 1.2 Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. | 5.0 |
2003-12-31 | CVE-2003-1298 | Anyportal PHP | Directory Traversal vulnerability in Anyportal PHP Anyportal PHP 0.1 Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (dot slash dot dot). | 5.0 |
2003-12-31 | CVE-2003-1297 | EFS Software | Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. | 5.0 |
2003-12-31 | CVE-2003-1296 | EFS Software | Denial-Of-Service vulnerability in Easy File Sharing Web Server Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of service via (1) an "empty symbol" in the Title field or (2) certain data in the Your Message field, possibly a long argument. | 5.0 |
2003-12-31 | CVE-2003-1292 | Ashwebstudio | Remote File Include vulnerability in Ashwebstudio Ashnews 0.83 PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files via a URL in the pathtoashnews parameter to (1) ashnews.php and (2) ashheadlines.php. | 5.0 |
2003-12-31 | CVE-2003-1290 | BEA | Remote Information Disclosure vulnerability in BEA WebLogic Server and WebLogic Express MBean BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote attackers to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI). | 5.0 |
2003-12-31 | CVE-2003-1288 | Vserver | Denial-Of-Service vulnerability in Vserver Linux-Vserver 1.22 Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service (kernel oops) via unknown attack vectors related to the (1) s_info and (2) ip_info data structures and the (a) forget_original_parent, (b) goodness, (c) schedule, (d) update_process_times, and (e) vc_new_s_context functions. | 5.0 |
2003-12-31 | CVE-2003-1284 | Sambar | Information Disclosure vulnerability in Sambar Server Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe. | 5.0 |
2003-12-31 | CVE-2003-1282 | IBM | Information Disclosure vulnerability in IBM Net.Data IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form. | 5.0 |
2003-12-31 | CVE-2003-1280 | Eekim | File Corruption vulnerability in Eekim Cgihtml 1.69 Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create arbitrary files via a .. | 5.0 |
2003-12-31 | CVE-2003-1275 | Microsoft | Denial Of Service vulnerability in Microsoft Pocket IE 3.0 Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function. | 5.0 |
2003-12-31 | CVE-2003-1274 | Nullsoft | Denial-Of-Service vulnerability in Nullsoft Winamp 3.0 Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux. | 5.0 |
2003-12-31 | CVE-2003-1270 | AN | Denial-Of-Service vulnerability in AN An-Http 1.41E AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability. | 5.0 |
2003-12-31 | CVE-2003-1269 | AN | Buffer Overflow vulnerability in AN An-Http 1.41E AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1267 | Steve Poulsen | Denial-Of-Service vulnerability in Steve Poulsen Guildftpd 0.999 GuildFTPd 0.999 allows remote attackers to cause a denial of service (crash) via a GET request for MS-DOS device names such as lpt1. | 5.0 |
2003-12-31 | CVE-2003-1266 | Etype | Remote Denial Of Service vulnerability in EType EServ FTP The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data. | 5.0 |
2003-12-31 | CVE-2003-1264 | D Link Longshine Technologie | Information Disclosure vulnerability in Longshine Wireless Access Point Devices TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication. | 5.0 |
2003-12-31 | CVE-2003-1263 | Brown Bear Software | Denial Of Service vulnerability in Brown Bear Software Ical 3.7 ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request, possibly due to an invalid method name. | 5.0 |
2003-12-31 | CVE-2003-1257 | E Theni | Remote Security vulnerability in E-theni find_theni_home.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo. | 5.0 |
2003-12-31 | CVE-2003-1254 | Active PHP Bookmarks | File Include vulnerability in Active PHP Bookmarks Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code. | 5.0 |
2003-12-31 | CVE-2003-1250 | Efficient Networks | Denial Of Service vulnerability in Efficient Networks 5861 DSL Router 5.3.80Firmware Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap. | 5.0 |
2003-12-31 | CVE-2003-1242 | Sage | Path Disclosure vulnerability in Sage Content Management System Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1239 | Wihphoto | Unspecified vulnerability in Wihphoto 0.86 Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read arbitrary files via .. | 5.0 |
2003-12-31 | CVE-2003-1235 | BRS | Information Disclosure vulnerability in BRS WebWeaver BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory. | 5.0 |
2003-12-31 | CVE-2003-1223 | BEA | Denial of Service and Information Disclosure vulnerability in Multiple BEA WebLogic Server/Express The Node Manager for BEA WebLogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (Node Manager crash) via malformed data to the Node Manager's port, as demonstrated by nmap. | 5.0 |
2003-12-31 | CVE-2003-1222 | BEA | Denial of Service and Information Disclosure vulnerability in BEA Weblogic Server 8.1 BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a foreign Java Message Service (JMS) provider, echoes the password for the foreign provider to the console and stores it in cleartext in config.xml, which could allow attackers to obtain the password. | 5.0 |
2003-12-31 | CVE-2003-1221 | BEA | Denial of Service and Information Disclosure vulnerability in BEA Weblogic Server 7.0/7.0.0.1/8.1 BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions. | 5.0 |
2003-12-31 | CVE-2003-1220 | BEA | Denial of Service and Information Disclosure vulnerability in Multiple BEA WebLogic Server/Express BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (proxy plugin crash) via a malformed URL. | 5.0 |
2003-12-31 | CVE-2003-1209 | Monkey Project | Improper Input Validation vulnerability in Monkey-Project Monkey The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service (crash) via a POST request without a Content-Type header. | 5.0 |
2003-12-31 | CVE-2003-1173 | Centrinity | Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory. | 5.0 |
2003-12-31 | CVE-2003-1172 | Apache | Directory Traversal vulnerability in Apache Cocoon 2.1/2.1.2/2.2 Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. | 5.0 |
2003-12-31 | CVE-2003-1168 | Http Commander | Path Disclosure vulnerability in HTTP Commander HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . | 5.0 |
2003-12-31 | CVE-2003-1166 | Http Commander | Directory Traversal vulnerability in Http Commander Http Commander 4.0 Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. | 5.0 |
2003-12-31 | CVE-2003-1165 | BRS | Remote Denial of Service vulnerability in BRS WebWeaver httpd `User-Agent` Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header. | 5.0 |
2003-12-31 | CVE-2003-1163 | Ganglia | Remote Denial of Service vulnerability in Ganglia gmond Malformed Packet hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. | 5.0 |
2003-12-31 | CVE-2003-1162 | Tritanium Scripts | Unspecified vulnerability in Tritanium Scripts Tritanium Bulletin Board index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters. | 5.0 |
2003-12-31 | CVE-2003-1158 | Plug AND Play Software | Buffer Overflow vulnerability in Plug and Play Software Plug and Play web Server 1.0.002C Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands. | 5.0 |
2003-12-31 | CVE-2003-1153 | Bytehoard | Unspecified vulnerability in Bytehoard 0.7/0.71 byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files and directories via a direct request to files.inc.php. | 5.0 |
2003-12-31 | CVE-2003-1152 | Infrontech | Unspecified vulnerability in Infrontech Webtide 7.0.4 WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?"). | 5.0 |
2003-12-31 | CVE-2003-1132 | Cisco | Denial-Of-Service vulnerability in Cisco products The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. | 5.0 |
2003-12-31 | CVE-2003-1127 | Whale Communications | Unspecified vulnerability in Whale Communications E-Gap 2.5 Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor. | 5.0 |
2003-12-31 | CVE-2003-1126 | SUN | Denial-Of-Service vulnerability in SUN ONE web Server 6.0 Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. | 5.0 |
2003-12-31 | CVE-2003-1125 | SUN | Denial-Of-Service vulnerability in SUN ONE Directory Server 4.16/5.0/5.1 Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt). | 5.0 |
2003-12-31 | CVE-2003-1119 | SSH | Denial-Of-Service vulnerability in SSH Secure Shell 3.1/3.2 SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets. | 5.0 |
2003-12-31 | CVE-2003-1116 | Oracle | Unspecified vulnerability in Oracle E-Business Suite The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. | 5.0 |
2003-12-31 | CVE-2003-1108 | Alcatel Lucent | Unspecified vulnerability in Alcatel-Lucent Omnipcx 5.0 The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. | 5.0 |
2003-12-31 | CVE-2003-1106 | Microsoft | Denial of Service vulnerability in Microsoft SMTP Service Invalid FILETIME The SMTP service in Microsoft Windows 2000 before SP4 allows remote attackers to cause a denial of service (crash or hang) via an e-mail message with a malformed time stamp in the FILETIME attribute. | 5.0 |
2003-12-31 | CVE-2003-1102 | Hummingbird | Remote Security vulnerability in Hummingbird CyberDOCS Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code. | 5.0 |
2003-12-31 | CVE-2003-1101 | Hummingbird | Path Disclosure vulnerability in Hummingbird Cyberdocs 3.5.1/3.9/4.0 Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message. | 5.0 |
2003-12-31 | CVE-2003-1089 | Phpoutsourcing | Path Disclosure vulnerability in PHPoutsourcing Zorum 3.4 index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. | 5.0 |
2003-12-31 | CVE-2003-1087 | HP | Network Traffic Denial Of Service vulnerability in HP-UX Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic. | 5.0 |
2003-12-31 | CVE-2003-1085 | Thomson | Remote Denial Of Service vulnerability in Thomson Cable Modem The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow. | 5.0 |
2003-12-31 | CVE-2003-1066 | SUN | Buffer Overflow Denial Of Service vulnerability in Sun Solaris Syslogd UDP Packet Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. | 5.0 |
2003-12-31 | CVE-2003-1005 | Apple | Remote Denial Of Service vulnerability in Apple MacOS X ASN.1 Decoding The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. | 5.0 |
2003-12-31 | CVE-2003-0900 | Larry Wall | Remote Security vulnerability in Larry Wall Perl 5.8.1 Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers. | 5.0 |
2003-12-31 | CVE-2003-0627 | Peoplesoft | Denial of Service vulnerability in PeopleSoft PeopleBooks psdoccgi.exe psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to cause a denial of service (application crash), possibly via the headername and footername arguments. | 5.0 |
2003-12-31 | CVE-2003-1446 | Rogue | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Rogue 5.22/985.0 Buffer overflow in the save_into_file function in save.c for Rogue 5.2-2 allows local users to execute arbitrary code with games group privileges by setting a long HOME environment variable and invoking the save game function with a ~ (tilde). | 4.9 |
2003-12-31 | CVE-2003-1428 | Linux Bharat Mediratta | Unspecified vulnerability in Bharat Mediratta Gallery 1.3.3 Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos. | 4.8 |
2003-12-31 | CVE-2003-1502 | Snert COM | Local Shared Memory Corruption vulnerability in Snert.Com MOD Throttle 3.0 mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges. | 4.6 |
2003-12-31 | CVE-2003-1482 | Microsoft | Credentials Management vulnerability in Microsoft Mn-500 Wireless Base Station The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access. | 4.6 |
2003-12-31 | CVE-2003-1473 | Lgames | Buffer Errors vulnerability in Lgames Ltris 1.0.1 Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable. | 4.6 |
2003-12-31 | CVE-2003-1457 | Auerswald | Configuration vulnerability in Auerswald Comsuite CTI Controlcenter 3.1 Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access. | 4.6 |
2003-12-31 | CVE-2003-1445 | Rarlab | Buffer Errors vulnerability in Rarlab FAR Manager 1.65/1.70Beta1/1.70Beta4 Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname. | 4.6 |
2003-12-31 | CVE-2003-1376 | Winzip | Credentials Management vulnerability in Winzip 8.0 WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder. | 4.6 |
2003-12-31 | CVE-2003-1374 | HP | Buffer Errors vulnerability in HP Hp-Ux 11 Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. | 4.6 |
2003-12-31 | CVE-2003-1324 | Elmme Mailer | Local Security vulnerability in Elmme-Mailer ELM Me+ 2.4 Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group. | 4.6 |
2003-12-31 | CVE-2003-1310 | Symantec | Unspecified vulnerability in Symantec Norton Antivirus 2002/2003 The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack"). | 4.6 |
2003-12-31 | CVE-2003-1308 | Fvwm | Local Security vulnerability in FVWM CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename. | 4.6 |
2003-12-31 | CVE-2003-1287 | Sambar | Denial-Of-Service vulnerability in Server Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device. | 4.6 |
2003-12-31 | CVE-2003-1279 | Insightful | S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html. | 4.6 |
2003-12-31 | CVE-2003-1276 | Nettelephone | Local Security vulnerability in Nettelephone 3.5.6 Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts. | 4.6 |
2003-12-31 | CVE-2003-1169 | Datev | Unspecified vulnerability in Datev Nutzungskontrolle 2.1/2.2 DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle. | 4.6 |
2003-12-31 | CVE-2003-1156 | SUN | File Corruption vulnerability in SUN JDK and JRE Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. | 4.6 |
2003-12-31 | CVE-2003-1155 | X CD Roast | Local Insecure File Creation Symlink vulnerability in X-CD-Roast X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file. | 4.6 |
2003-12-31 | CVE-2003-1124 | SUN | Unspecified vulnerability in SUN Management+Center 2.1.1/3.0/3.0Revenuerelease Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), when installed and run by root, allows local users to create or modify arbitrary files. | 4.6 |
2003-12-31 | CVE-2003-1093 | BEA | Unspecified vulnerability in BEA Weblogic Server 6.1/7.0/7.0.0.1 BEA WebLogic Server 6.1, 7.0 and 7.0.0.1, when routing messages to a JMS target domain that is inaccessible, may leak the user's password when it throws a ResourceAllocationException. | 4.6 |
2003-12-31 | CVE-2003-0857 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Enterprise Linux 2.1/3.0 The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. | 4.6 |
2003-12-29 | CVE-2003-1215 | Phpbb Group | SQL Injection vulnerability in phpBB GroupCP.PHP SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter. | 4.6 |
2003-12-31 | CVE-2003-1444 | Kaspersky LAB | Improper Input Validation vulnerability in Kaspersky LAB Kaspersky Anti-Virus 4.0.9.0 Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname. | 4.4 |
2003-12-31 | CVE-2003-1443 | Kaspersky LAB | Improper Input Validation vulnerability in Kaspersky LAB Kaspersky Anti-Virus 4.0.9.0 Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com. | 4.4 |
2003-12-31 | CVE-2003-1417 | Ncipher | Credentials Management vulnerability in Ncipher Support Software 6.00 nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1) key.pem or (2) key.der files. | 4.4 |
2003-12-31 | CVE-2003-1561 | Opera | Information Disclosure vulnerability in Opera Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. | 4.3 |
2003-12-31 | CVE-2003-1556 | CGI City | Cross-Site Scripting vulnerability in CGI City CC Guestbook Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters. | 4.3 |
2003-12-31 | CVE-2003-1554 | Scoznet | Cross-Site Scripting vulnerability in Scoznet Scozbook 1.1Beta Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables. | 4.3 |
2003-12-31 | CVE-2003-1553 | Sips | Information Exposure vulnerability in Sips 0.2.2 Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory. | 4.3 |
2003-12-31 | CVE-2003-1549 | Myabracadaweb | Cross-Site Scripting vulnerability in Myabracadaweb Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter. | 4.3 |
2003-12-31 | CVE-2003-1547 | Francisco Burzi | Cross-Site Scripting vulnerability in Francisco Burzi PHP-Nuke Cross-site scripting (XSS) vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke 6.x allows remote attackers to inject arbitrary web script or HTML via the subject parameter. | 4.3 |
2003-12-31 | CVE-2003-1546 | Filebased | Cross-Site Scripting vulnerability in Filebased Guestbook 1.1.3 Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the comment section. | 4.3 |
2003-12-31 | CVE-2003-1543 | Bajie | Cross-Site Scripting vulnerability in Bajie Java Http Server 0.95 Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message. | 4.3 |
2003-12-31 | CVE-2003-1539 | Onedotoh | Cross-Site Scripting vulnerability in Onedotoh Simple File Manager Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names. | 4.3 |
2003-12-31 | CVE-2003-1536 | DCP Portal | Cross-Site Scripting vulnerability in Dcp-Portal 5.3.1 Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php. | 4.3 |
2003-12-31 | CVE-2003-1534 | Justice Media | Cross-Site Scripting vulnerability in Justice Media Guestbook Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables. | 4.3 |
2003-12-31 | CVE-2003-1531 | Lilikoi | Cross-Site Scripting vulnerability in Lilikoi Ceilidh Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string. | 4.3 |
2003-12-31 | CVE-2003-1527 | IBM ISS | BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | 4.3 |
2003-12-31 | CVE-2003-1522 | Pscs | Cross-Site Scripting vulnerability in Pscs Vpop3 web Mail Server 2.0E/2.0F Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page. | 4.3 |
2003-12-31 | CVE-2003-1519 | Vivisimo | Cross-Site Scripting vulnerability in Vivisimo Clustering Engine 0 Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program. | 4.3 |
2003-12-31 | CVE-2003-1513 | Caucho Technology | Cross-Site Scripting vulnerability in Caucho Technology Resin Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp. | 4.3 |
2003-12-31 | CVE-2003-1511 | Bajie | Cross-Site Scripting vulnerability in Bajie Java Http Server 0.95 Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet. | 4.3 |
2003-12-31 | CVE-2003-1508 | Mirc | Buffer Errors vulnerability in Mirc 6.12 Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename. | 4.3 |
2003-12-31 | CVE-2003-1506 | Daniel Barron | Cross-Site Scripting vulnerability in Daniel Barron Dansguardian Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter. | 4.3 |
2003-12-31 | CVE-2003-1505 | Microsoft | Unspecified vulnerability in Microsoft Internet Explorer 6 Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved. | 4.3 |
2003-12-31 | CVE-2003-1498 | Wrensoft | Cross-Site Scripting vulnerability in Wrensoft Zoom Search Engine Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoom_query parameter. | 4.3 |
2003-12-31 | CVE-2003-1484 | Microsoft | Buffer Errors vulnerability in Microsoft IE 6.0 Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute. | 4.3 |
2003-12-31 | CVE-2003-1480 | Mysql Oracle | Cryptographic Issues vulnerability in multiple products MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods. | 4.3 |
2003-12-31 | CVE-2003-1479 | Darkwet | Cross-Site Scripting vulnerability in Darkwet Webcam XP 1.02.432/1.02.535 Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field. | 4.3 |
2003-12-31 | CVE-2003-1478 | KDE | Buffer Errors vulnerability in KDE Konqueror 3.0.3 Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web page that begins with a "xFFxFE" byte sequence and a large number of CRLF sequences, as demonstrated using freeze.htm. | 4.3 |
2003-12-31 | CVE-2003-1468 | Francisco Burzi | Information Exposure vulnerability in Francisco Burzi PHP-Nuke The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is non-numeric or null, which leaks the pathname in an error message. | 4.3 |
2003-12-31 | CVE-2003-1467 | Linux Microsoft Unix Phorum | Cross-Site Scripting vulnerability in Phorum Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. | 4.3 |
2003-12-31 | CVE-2003-1453 | Xoops | Cross-Site Scripting vulnerability in Xoops Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag. | 4.3 |
2003-12-31 | CVE-2003-1441 | Posadis | Improper Input Validation vulnerability in Posadis Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a denial of service (crash) via a DNS message without a question section, which triggers null dereference. | 4.3 |
2003-12-31 | CVE-2003-1440 | Burton Computer Corporation | Improper Input Validation vulnerability in Burton Computer Corporation Spamprobe 0.8A SpamProbe 0.8a allows remote attackers to cause a denial of service (crash) via HTML e-mail with newline characters within an href tag, which is not properly handled by certain regular expressions. | 4.3 |
2003-12-31 | CVE-2003-1439 | Silc | Credentials Management vulnerability in Silc Secure Internet Live Conferencing 0.9.11/0.9.12 Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information. | 4.3 |
2003-12-31 | CVE-2003-1438 | BEA | Race Condition vulnerability in BEA Weblogic Server Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, when using in-memory session replication or replicated stateful session beans, causes the same buffer to be provided to two users, which could allow one user to see session data that was intended for another user. | 4.3 |
2003-12-31 | CVE-2003-1433 | Epic Games | Improper Authentication vulnerability in Epic Games Unreal Engine 226F/433/436 Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times. | 4.3 |
2003-12-31 | CVE-2003-1421 | Suckbot | Resource Management Errors vulnerability in Suckbot 0.006 Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors. | 4.3 |
2003-12-31 | CVE-2003-1420 | Opera | Cross-site Scripting vulnerability in Opera Browser Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header. | 4.3 |
2003-12-31 | CVE-2003-1419 | Netscape | Improper Input Validation vulnerability in Netscape Navigator 7.0 Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | 4.3 |
2003-12-31 | CVE-2003-1418 | Apache | Information Exposure vulnerability in Apache Http Server Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID). | 4.3 |
2003-12-31 | CVE-2003-1416 | Bisonftp | Improper Input Validation vulnerability in Bisonftp Server 4 R2 BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command. | 4.3 |
2003-12-31 | CVE-2003-1414 | Apple | Path Traversal vulnerability in Apple products Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... | 4.3 |
2003-12-31 | CVE-2003-1413 | Apple | Path Traversal vulnerability in Apple products parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. | 4.3 |
2003-12-31 | CVE-2003-1400 | Francisco Burzi | Cross-Site Scripting vulnerability in Francisco Burzi PHP-Nuke Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter. | 4.3 |
2003-12-31 | CVE-2003-1397 | Opera | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opera Browser 6.05/7.0/7.01 The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method. | 4.3 |
2003-12-31 | CVE-2003-1384 | PY Software | Cross-Site Scripting vulnerability in PY Software Py-Livredor 1.0 Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields. | 4.3 |
2003-12-31 | CVE-2003-1372 | Linux Microsoft Unix Myphpnuke | Cross-Site Scripting vulnerability in Myphpnuke 1.8.8 Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters. | 4.3 |
2003-12-31 | CVE-2003-1371 | Nuked Klan | Cross-Site Scripting vulnerability in Nuked-Klan 1.3Beta Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules. | 4.3 |
2003-12-31 | CVE-2003-1370 | Nuked Klan | Cross-Site Scripting vulnerability in Nuked-Klan 1.2Beta Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module. | 4.3 |
2003-12-31 | CVE-2003-1353 | Lanifex | Cross-Site Scripting vulnerability in Lanifex Outreach Project Tool 0.946B Multiple cross-site scripting (XSS) vulnerabilities in Outreach Project Tool (OPT) 0.946b allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the news field. | 4.3 |
2003-12-31 | CVE-2003-1350 | List Site PRO | Improper Input Validation vulnerability in List Site PRO List Site PRO 2.0 List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field. | 4.3 |
2003-12-31 | CVE-2003-1348 | Ftls | Cross-Site Scripting vulnerability in Ftls Guestbook 1.1 Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field. | 4.3 |
2003-12-31 | CVE-2003-1347 | Geeklog | Cross-Site Scripting vulnerability in Geeklog 1.3.7 Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field. | 4.3 |
2003-12-31 | CVE-2003-1338 | Aprelium Technologies | Unspecified vulnerability in Aprelium Technologies Abyss web Server CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header. | 4.3 |
2003-12-31 | CVE-2003-1334 | KAI Blankenhorn Bitfolge | Cross-Site Scripting vulnerability in KAI Blankenhorn Bitfolge Simple and Nice Index File Cross-site scripting (XSS) vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2003-12-31 | CVE-2003-1312 | Netegrity | Remote Security vulnerability in Netegrity SiteMinder siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods. | 4.3 |
2003-12-31 | CVE-2003-1293 | Nukedweb | HTML Injection vulnerability in Multiple GuestBookHost Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook. | 4.3 |
2003-12-31 | CVE-2003-1285 | Sambar | Unspecified vulnerability in Sambar Server Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2) testcgi.exe, (3) environ.pl, (4) the query parameter to samples/search.dll, (5) the price parameter to mortgage.pl, (6) the query string in dumpenv.pl, (7) the query string to dumpenv.pl, and (8) the E-Mail field of the guestbook script (book.pl). | 4.3 |
2003-12-31 | CVE-2003-1278 | Infopop | HTML Injection vulnerability in Infopop Opentopic 2.3.1 Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags. | 4.3 |
2003-12-31 | CVE-2003-1277 | Yabb | Cross-Site Scripting vulnerability in Yabb 1.5.0 Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into (1) news_icon of news_template.php, and (2) threadid and subject of index.html | 4.3 |
2003-12-31 | CVE-2003-1271 | AN | Cross-Site Scripting vulnerability in AN An-Http 1.41E Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script. | 4.3 |
2003-12-31 | CVE-2003-1243 | Sage | Cross-Site Scripting vulnerability in Sage Content Management System Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. | 4.3 |
2003-12-31 | CVE-2003-1241 | Levcgi COM | HTML Injection vulnerability in Levcgi.Com Myguestbook 3.0 Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters. | 4.3 |
2003-12-31 | CVE-2003-1237 | Matt Wright | HTML Injection vulnerability in WWWBoard Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. | 4.3 |
2003-12-31 | CVE-2003-1231 | ECW Shop | Cross-Site Scripting vulnerability in Ecw-Shop 5.01/5.5 Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 5.5 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. | 4.3 |
2003-12-31 | CVE-2003-1164 | Mldonkey | Cross-Site Scripting vulnerability in Mldonkey 2.5.4 Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remote attackers to inject arbitrary web script or HTML via the URI, which is injected into the HTML error page. | 4.3 |
2003-12-31 | CVE-2003-1157 | Citrix | Cross-Site Scripting vulnerability in Citrix Metaframe 1.0 Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter. | 4.3 |
2003-12-31 | CVE-2003-1100 | Hummingbird | Cross-Site Scripting vulnerability in Hummingbird Cyberdocs 3.5.1/3.9/4.0 Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors. | 4.3 |
2003-12-31 | CVE-2003-1563 | SUN | Denial Of Service vulnerability in Sun Cluster TCP Port Conflict Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration. | 4.0 |
2003-12-31 | CVE-2003-1331 | Oracle | Buffer Overrun vulnerability in MySQL libmysqlclient Library mysql_real_connect() Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453. | 4.0 |
2003-12-31 | CVE-2003-1299 | Pablo Software Solutions | Directory Traversal vulnerability in Pablo Software Solutions Baby FTP Server 1.2 Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command. | 4.0 |
33 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2003-12-31 | CVE-2003-1120 | SSH | Unspecified vulnerability in SSH Tectia Server 4.0.3/4.0.4 Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key. | 3.7 |
2003-12-31 | CVE-2003-1460 | Ralf Hoffmann | Permissions, Privileges, and Access Controls vulnerability in Ralf Hoffmann Worker Filemanager Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readable and executable while copying data, which could allow local users to obtain sensitive information. | 3.6 |
2003-12-31 | CVE-2003-1452 | Qualcomm | Configuration vulnerability in Qualcomm Qpopper Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program. | 3.6 |
2003-12-31 | CVE-2003-1234 | Freebsd | Integer Overflow vulnerability in FreeBSD System Call f_count Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. | 3.6 |
2003-12-31 | CVE-2003-1463 | Microsoft ALT N | Improper Input Validation vulnerability in Alt-N Webadmin 2.0.0/2.0.1/2.0.2 Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter. | 3.5 |
2003-12-31 | CVE-2003-1426 | Cpanel | Configuration vulnerability in Cpanel 5.0 Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable. | 3.3 |
2003-12-31 | CVE-2003-1366 | Openbsd | Information Exposure vulnerability in Openbsd chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information. | 3.3 |
2003-12-31 | CVE-2003-1306 | Microsoft | Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response. | 2.6 |
2003-12-31 | CVE-2003-1135 | Yahoo | Buffer Overrun vulnerability in Yahoo Messenger 5.6 Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. | 2.6 |
2003-12-31 | CVE-2003-1129 | Yahoo | Buffer Overflow vulnerability in Yahoo Audio Conferencing Activex Control 1.0.0.43 Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat. | 2.6 |
2003-12-31 | CVE-2003-1105 | Microsoft | Unspecified vulnerability in Microsoft IE and Internet Explorer Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered. | 2.6 |
2003-12-31 | CVE-2003-1476 | Cerberus | Unspecified vulnerability in Cerberus FTP Server 2.1 Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access. | 2.1 |
2003-12-31 | CVE-2003-1437 | HP IBM Microsoft Redhat SUN BEA | Unspecified vulnerability in BEA Weblogic Server 7.0/7.0.0.1 BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. | 2.1 |
2003-12-31 | CVE-2003-1295 | Redhat Suse | Multiple vulnerability in SuSE XScreenSaver Package Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." | 2.1 |
2003-12-31 | CVE-2003-1294 | Xscreensaver | Multiple vulnerability in SuSE XScreenSaver Package Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
2003-12-31 | CVE-2003-1289 | Freebsd Netbsd | Local Security vulnerability in BSD IBCS2 The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. | 2.1 |
2003-12-31 | CVE-2003-1281 | Eekim | Unspecified vulnerability in Eekim Cgihtml 1.69 cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. | 2.1 |
2003-12-31 | CVE-2003-1273 | Nullsoft | Denial Of Service vulnerability in Nullsoft Winamp 3.0 Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. | 2.1 |
2003-12-31 | CVE-2003-1265 | Mozilla Netscape | Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. | 2.1 |
2003-12-31 | CVE-2003-1261 | Globalscape | Buffer Overflow vulnerability in GlobalScape CuteFTP Clipboard URL Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. | 2.1 |
2003-12-31 | CVE-2003-1246 | Pedestal Software | Symbolic Link Bypass vulnerability in Pedestal Software Integrity Protection Driver 1.2/1.3 NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. | 2.1 |
2003-12-31 | CVE-2003-1226 | BEA | Password Storage vulnerability in BEA Weblogic Server 7.0/7.0.0.1 BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords. | 2.1 |
2003-12-31 | CVE-2003-1225 | BEA | Password Storage vulnerability in BEA Weblogic Server 7.0/7.0.0.1 The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in cleartext on disk, which allows local users to extract passwords. | 2.1 |
2003-12-31 | CVE-2003-1224 | BEA | Password Storage vulnerability in BEA Weblogic Server 7.0/7.0.0.1 Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing ("shoulder surfing") the screen. | 2.1 |
2003-12-31 | CVE-2003-1174 | Nullsoft | Unspecified vulnerability in Nullsoft Shoutcast Server 1.9.2 Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. | 2.1 |
2003-12-31 | CVE-2003-1134 | SUN | Denial Of Service vulnerability in SUN Java 1.3.1/1.4.1/1.4.2 Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. | 2.1 |
2003-12-31 | CVE-2003-1133 | Ritlabs | Unspecified vulnerability in Ritlabs the BAT Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts with insecure ACLs, which allows local users to read other users' email messages. | 2.1 |
2003-12-31 | CVE-2003-1122 | Scriptlogic | Unspecified vulnerability in Scriptlogic 4.01 ScriptLogic 4.01, and possibly other versions before 4.14, uses insecure permissions for the LOGS$ share, which allows users to modify log records and possibly execute arbitrary code. | 2.1 |
2003-12-31 | CVE-2003-1099 | HP | shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack. | 2.1 |
2003-12-31 | CVE-2003-0887 | Angus Mackay | Local Security vulnerability in ez-Ipupdate 3.0.11B5/3.0.11B7 ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file. | 2.1 |
2003-12-31 | CVE-2003-1447 | IBM | Cryptographic Issues vulnerability in IBM Websphere Application Server 4.0.4 IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML. | 1.9 |
2003-12-31 | CVE-2003-1399 | Eject | Information Disclosure vulnerability in Eject 2.0.10/2.0.11/2.0.12 eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information. | 1.9 |
2003-12-31 | CVE-2003-1073 | SUN | Unspecified vulnerability in SUN Solaris and Sunos A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. | 1.2 |