Latest CVE Feed
-
5.0
MEDIUMCVE-2003-1512
Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request.... Read more
Affected Products : mirc- EPSS Score: %2.69
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0249
PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: thi... Read more
Affected Products : php- EPSS Score: %0.40
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0857
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.... Read more
Affected Products : enterprise_linux- EPSS Score: %0.05
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1285
Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2) testcgi.exe, (3) environ.pl, (4) the query parameter to... Read more
Affected Products : sambar_server- EPSS Score: %1.39
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1298
Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (do... Read more
Affected Products : anyportal_php- EPSS Score: %0.82
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1338
CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header.... Read more
Affected Products : abyss_web_server- EPSS Score: %0.32
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2003-1211
Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter.... Read more
Affected Products : maxwebportal- EPSS Score: %1.54
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1333
Unspecified vulnerability in the Cache' Server Page (CSP) implementation in InterSystems Cache' 4.0.3 through 5.0.5 allows remote attackers to "gain complete control" of a server.... Read more
Affected Products : cache_database- EPSS Score: %1.07
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1220
BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (proxy plugin crash) via a malformed URL.... Read more
Affected Products : weblogic_server- EPSS Score: %0.49
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0900
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.... Read more
Affected Products : perl- EPSS Score: %0.38
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
6.6
MEDIUMCVE-2003-1392
CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data.... Read more
- EPSS Score: %0.77
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1096
The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks.... Read more
Affected Products : leap- EPSS Score: %40.94
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1116
The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Orac... Read more
Affected Products : e-business_suite- EPSS Score: %1.69
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2003-1135
Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID.... Read more
Affected Products : messenger- EPSS Score: %3.34
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-1155
X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file.... Read more
Affected Products : x-cd-roast- EPSS Score: %0.07
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1158
Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands.... Read more
Affected Products : plug_and_play_web_server- EPSS Score: %4.66
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1173
Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched dire... Read more
Affected Products : centrinity_firstclass- EPSS Score: %8.56
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1180
Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. sequences in the base_path or pollvars[lang] parameters to the admin files (1) index.php, (2) admin_tpl_new... Read more
Affected Products : advanced_poll- EPSS Score: %1.17
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1248
H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request.... Read more
Affected Products : h-sphere- EPSS Score: %1.85
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
6.4
MEDIUMCVE-2003-1262
Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value.... Read more
Affected Products : http_fetcher_library- EPSS Score: %3.09
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025