Latest CVE Feed
-
6.4
MEDIUMCVE-2003-1451
Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename.... Read more
Affected Products : norton_antivirus- EPSS Score: %2.69
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
6.4
MEDIUMCVE-2003-1483
FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access.... Read more
Affected Products : flashfxp- EPSS Score: %0.17
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1508
Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename.... Read more
Affected Products : mirc- EPSS Score: %0.76
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1519
Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program.... Read more
Affected Products : clustering_engine- EPSS Score: %0.26
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
6.4
MEDIUMCVE-2003-1521
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.... Read more
Affected Products : java_plug-in- EPSS Score: %2.05
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1533
SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters.... Read more
Affected Products : phppass- EPSS Score: %0.29
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1550
XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information via an invalid xoopsOption parameter, which reveals the installation path in an error message.... Read more
Affected Products : xoops- EPSS Score: %6.20
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1259
Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.... Read more
Affected Products : cuteftp- EPSS Score: %12.33
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.0
MEDIUMCVE-2003-1299
Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command.... Read more
Affected Products : baby_ftp_server- EPSS Score: %0.55
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2003-1175
Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter.... Read more
Affected Products : sympoll- EPSS Score: %0.53
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1213
The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb.... Read more
Affected Products : maxwebportal- EPSS Score: %8.02
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1293
Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook.... Read more
Affected Products : guestbookhost- EPSS Score: %0.30
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1219
Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter.... Read more
Affected Products : oscommerce- EPSS Score: %0.58
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-1174
Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL.... Read more
Affected Products : shoutcast_server- EPSS Score: %0.46
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-1169
DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle.... Read more
Affected Products : nutzungskontrolle- EPSS Score: %0.30
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-1356
The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors.... Read more
Affected Products : hp-ux- EPSS Score: %0.05
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-1294
Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwr... Read more
Affected Products : xscreensaver- EPSS Score: %0.10
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.6
HIGHCVE-2003-1562
sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing... Read more
Affected Products : openssh- EPSS Score: %1.42
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1087
Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic.... Read more
Affected Products : hp-ux- EPSS Score: %0.91
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1165
Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header.... Read more
Affected Products : webweaver- EPSS Score: %8.17
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025