Latest CVE Feed
-
6.8
MEDIUMCVE-2004-0032
Cross-site scripting (XSS) vulnerability in search.php in PHPGEDVIEW 2.61 allows remote attackers to inject arbitrary HTML and web script via the firstname parameter.... Read more
Affected Products : phpgedview- EPSS Score: %0.74
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
6.0
MEDIUMCVE-2003-0904
Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication met... Read more
- EPSS Score: %26.15
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1025
Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "... Read more
Affected Products : internet_explorer- EPSS Score: %67.17
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-1024
Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges.... Read more
- EPSS Score: %0.07
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2004-0034
Multiple cross-site scripting (XSS) vulnerabilities in Phorum 3.4.5 and earlier allow remote attackers to inject arbitrary HTML or web script via (1) the phorum_check_xss function in common.php, (2) the EditError variable in profile.php, and (3) the Error... Read more
Affected Products : phorum- EPSS Score: %1.01
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1028
The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on ran... Read more
- EPSS Score: %14.92
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0696
The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows attackers to cause a denial of service (resource exhaustion).... Read more
Affected Products : aix- EPSS Score: %0.54
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1027
Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonst... Read more
- EPSS Score: %60.93
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0031
PHPGEDVIEW 2.61 allows remote attackers to reinstall the software and change the administrator password via a direct HTTP request to editconfig.php.... Read more
Affected Products : phpgedview- EPSS Score: %0.74
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0014
Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings.... Read more
Affected Products : nd- EPSS Score: %1.60
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1022
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.... Read more
Affected Products : fsp- EPSS Score: %1.27
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0969
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.... Read more
Affected Products : mpg321- EPSS Score: %2.47
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1023
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.... Read more
Affected Products : midnight_commander- EPSS Score: %8.28
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0985
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a rem... Read more
Affected Products : linux_kernel- EPSS Score: %0.66
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0011
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.... Read more
Affected Products : fsp- EPSS Score: %4.26
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0035
SQL injection vulnerability in register.php for Phorum 3.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the hide_email parameter.... Read more
Affected Products : phorum- EPSS Score: %0.62
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2004-0029
Lotus Notes Domino 6.0.2 on Linux installs the notes.ini configuration file with world-writable permissions, which allows local users to modify the Notes configuration and gain privileges.... Read more
Affected Products : lotus_domino- EPSS Score: %0.05
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2004-0033
admin.php in PHPGEDVIEW 2.61 allows remote attackers to obtain sensitive information via an action parameter with a phpinfo command.... Read more
Affected Products : phpgedview- EPSS Score: %7.07
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
9.3
HIGHCVE-2003-1026
Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called... Read more
- EPSS Score: %59.28
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-0037
FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages.... Read more
Affected Products : opentext_firstclass_desktop_client- EPSS Score: %1.08
- Published: Jan. 20, 2004
- Modified: Apr. 03, 2025