Latest CVE Feed
-
9.8
CRITICALCVE-2003-0791
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.... Read more
- EPSS Score: %1.15
- Published: Oct. 07, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0827
The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523.... Read more
Affected Products : db2_universal_database- EPSS Score: %0.79
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0785
ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering.... Read more
Affected Products : ipmasq- EPSS Score: %0.31
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0783
Multiple buffer overflows in hztty 2.0 allow local users to gain root privileges.... Read more
Affected Products : hztty- EPSS Score: %0.20
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0681
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.... Read more
Affected Products : aix hp-ux mac_os_x mac_os_x_server netbsd openbsd sendmail linux turbolinux_server turbolinux_workstation +4 more products- EPSS Score: %12.88
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0826
lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer ove... Read more
Affected Products : lsh- EPSS Score: %27.29
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0695
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vu... Read more
Affected Products : openssh- EPSS Score: %1.17
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0694
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.... Read more
- EPSS Score: %76.08
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0692
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.... Read more
Affected Products : kde- EPSS Score: %1.21
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0805
Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type.... Read more
Affected Products : gopherd- EPSS Score: %5.56
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0682
"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.... Read more
Affected Products : openssh- EPSS Score: %0.42
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0803
Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.... Read more
Affected Products : electronic_documentation- EPSS Score: %2.01
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0758
Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument.... Read more
Affected Products : db2_universal_database- EPSS Score: %0.15
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0742
SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicio... Read more
Affected Products : openserver- EPSS Score: %0.08
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0784
Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers.... Read more
Affected Products : aix- EPSS Score: %1.20
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2002-1567
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.... Read more
Affected Products : tomcat- EPSS Score: %48.22
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0690
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5... Read more
Affected Products : kde- EPSS Score: %2.08
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-0801
Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.... Read more
Affected Products : electronic_documentation- EPSS Score: %0.31
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0680
Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.... Read more
Affected Products : irix- EPSS Score: %0.49
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0759
Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument.... Read more
Affected Products : db2_universal_database- EPSS Score: %0.16
- Published: Oct. 06, 2003
- Modified: Apr. 03, 2025