Latest CVE Feed
-
7.5
HIGHCVE-2003-0632
Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL.... Read more
- EPSS Score: %2.82
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0187
The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's supp... Read more
Affected Products : linux_kernel- EPSS Score: %0.66
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-0670
Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow.... Read more
- EPSS Score: %0.09
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0650
Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file.... Read more
Affected Products : arcade- EPSS Score: %6.03
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0634
Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.... Read more
- EPSS Score: %2.65
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0426
The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator.... Read more
Affected Products : darwin_streaming_server- EPSS Score: %0.90
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0502
Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CV... Read more
Affected Products : darwin_streaming_server- EPSS Score: %1.81
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0641
WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local users to load arbitrary modules via the OpenProcess() function, as demonstrated using (1) a DLL injection attack, (2) ZwSetSystemInformation, and (3) API hooking in OpenProcess.... Read more
Affected Products : serverlock- EPSS Score: %0.08
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0676
Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences.... Read more
- EPSS Score: %0.33
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0646
Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.... Read more
- EPSS Score: %3.08
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0671
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.... Read more
Affected Products : tcpflow- EPSS Score: %0.06
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0468
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Post... Read more
- EPSS Score: %1.82
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0459
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.... Read more
- EPSS Score: %1.52
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0148
The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the e... Read more
Affected Products : epolicy_orchestrator- EPSS Score: %0.01
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0511
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.... Read more
Affected Products : ios- EPSS Score: %15.40
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0460
The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.... Read more
Affected Products : http_server- EPSS Score: %11.83
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0636
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites.... Read more
Affected Products : ichain- EPSS Score: %0.23
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0631
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session.... Read more
- EPSS Score: %0.04
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0609
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.... Read more
- EPSS Score: %0.73
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0575
Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list.... Read more
Affected Products : irix- EPSS Score: %3.45
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025