Latest CVE Feed
-
5.0
MEDIUMCVE-2003-1559
Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.... Read more
- EPSS Score: %39.88
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1560
Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.... Read more
Affected Products : navigator- EPSS Score: %0.25
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1250
Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nm... Read more
Affected Products : 5861_dsl_router- EPSS Score: %1.27
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1525
Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors.... Read more
Affected Products : my_photo_gallery- EPSS Score: %0.33
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2003-1520
SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter.... Read more
Affected Products : myclassifieds- EPSS Score: %0.28
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1558
Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function.... Read more
Affected Products : fnord- EPSS Score: %2.11
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1507
Planet Technology WGSD-1020 and WSW-2401 Ethernet switches use a default "superuser" account with the "planet" password, which allows remote attackers to gain administrative access.... Read more
- EPSS Score: %0.84
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1489
upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery.... Read more
Affected Products : truegalerie- EPSS Score: %0.22
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1484
Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute.... Read more
Affected Products : ie- EPSS Score: %27.62
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1485
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."... Read more
Affected Products : mailsweeper- EPSS Score: %0.16
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-1476
Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access.... Read more
Affected Products : ftp_server- EPSS Score: %0.06
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-1473
Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable.... Read more
Affected Products : ltris- EPSS Score: %0.16
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-1457
Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access.... Read more
Affected Products : comsuite_cti_controlcenter- EPSS Score: %0.26
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
1.9
LOWCVE-2003-1447
IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML.... Read more
Affected Products : websphere_application_server- EPSS Score: %0.04
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.4
MEDIUMCVE-2003-1444
Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname.... Read more
Affected Products : kaspersky_anti-virus- EPSS Score: %0.05
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-1277
Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into (1... Read more
Affected Products : yabb- EPSS Score: %0.68
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1406
PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3.... Read more
Affected Products : d_forum- EPSS Score: %0.95
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1257
find_theni_home.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo.... Read more
Affected Products : e-theni- EPSS Score: %0.67
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-1324
Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group.... Read more
Affected Products : elm_me\+- EPSS Score: %0.06
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1305
Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page.... Read more
Affected Products : internet_explorer- EPSS Score: %0.56
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025