Latest CVE Feed
-
5.0
MEDIUMCVE-2003-1012
The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.... Read more
- EPSS Score: %3.01
- Published: Jan. 05, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1017
Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers w... Read more
- EPSS Score: %11.64
- Published: Jan. 05, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0977
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.... Read more
- EPSS Score: %1.90
- Published: Jan. 05, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1000
xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference.... Read more
Affected Products : xchat- EPSS Score: %1.11
- Published: Jan. 05, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0983
Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or ... Read more
- EPSS Score: %0.56
- Published: Jan. 05, 2004
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0996
Unknown "System Security Vulnerability" in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to gain privileges via the help interface.... Read more
Affected Products : unicenter_remote_control_host- EPSS Score: %0.06
- Published: Jan. 05, 2004
- Modified: Apr. 03, 2025
-
7.8
HIGHCVE-2003-1003
Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.... Read more
- EPSS Score: %0.59
- Published: Jan. 05, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0997
Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to cause a denial of service (CPU consumption in URC host service).... Read more
Affected Products : unicenter_remote_control_host- EPSS Score: %0.42
- Published: Jan. 05, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2004-1786
PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb.... Read more
Affected Products : portalapp- EPSS Score: %5.25
- Published: Jan. 04, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-1785
SQL injection vulnerability in calendar.php for Invision Power Board 1.3 allows remote attackers to execute arbitrary SQL commands via the m parameter, which sets the $this->chosen_month variable.... Read more
Affected Products : invision_board- EPSS Score: %1.12
- Published: Jan. 03, 2004
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2004-1784
Buffer overflow in the web server of Webcam Watchdog 3.63 allows remote attackers to execute arbitrary code via a long HTTP GET request.... Read more
Affected Products : webcam_watchdog- EPSS Score: %10.01
- Published: Jan. 03, 2004
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1297
Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account user... Read more
Affected Products : efs_web_server- EPSS Score: %0.41
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1316
mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely ... Read more
Affected Products : endonesia- EPSS Score: %0.50
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2003-1306
Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header ... Read more
Affected Products : urlscan- EPSS Score: %0.38
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1300
Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation.... Read more
Affected Products : baby_ftp_server- EPSS Score: %0.89
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-1291
VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.... Read more
Affected Products : esx- EPSS Score: %0.04
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-1287
Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.... Read more
Affected Products : sambar_server- EPSS Score: %0.14
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1269
AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message.... Read more
Affected Products : an-http- EPSS Score: %0.35
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1530
SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter.... Read more
Affected Products : phpbb- EPSS Score: %0.32
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1495
Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors.... Read more
- EPSS Score: %0.72
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025