Latest CVE Feed
-
7.2
HIGHCVE-2003-0954
Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges.... Read more
Affected Products : aix- EPSS Score: %0.08
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.6
LOWCVE-2003-1129
Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat.... Read more
Affected Products : audio_conferencing_activex_control- EPSS Score: %19.57
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1383
WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password.... Read more
Affected Products : web_erp- EPSS Score: %0.66
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1555
ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message.... Read more
Affected Products : scozbook- EPSS Score: %4.21
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
6.3
MEDIUMCVE-2003-1497
Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable.... Read more
Affected Products : befsx41- EPSS Score: %0.86
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1456
Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors.... Read more
- EPSS Score: %4.33
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-1225
The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in cleartext on disk, which allows local users to extract passwords.... Read more
Affected Products : weblogic_server- EPSS Score: %0.06
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1379
clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which lists the processe... Read more
Affected Products : clarkconnect- EPSS Score: %0.25
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1425
guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter.... Read more
Affected Products : cpanel- EPSS Score: %3.68
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.8
MEDIUMCVE-2003-1481
CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer.... Read more
Affected Products : communigate_pro- EPSS Score: %2.62
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1469
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error mes... Read more
- EPSS Score: %1.50
- Published: Dec. 31, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-1215
SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter.... Read more
Affected Products : phpbb- EPSS Score: %0.06
- Published: Dec. 29, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1200
Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi.... Read more
Affected Products : mdaemon- EPSS Score: %59.89
- Published: Dec. 29, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-1198
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field.... Read more
Affected Products : cherokee_httpd- EPSS Score: %0.80
- Published: Dec. 26, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0795
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to th... Read more
- EPSS Score: %8.01
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.... Read more
- EPSS Score: %41.86
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0812
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated usin... Read more
- EPSS Score: %81.92
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0938
vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the... Read more
Affected Products : sap_db- EPSS Score: %0.05
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0951
Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.... Read more
Affected Products : hp-ux- EPSS Score: %0.36
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0947
Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.... Read more
Affected Products : wireless_tools- EPSS Score: %0.09
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025