Latest CVE Feed
-
5.0
MEDIUMCVE-2003-0839
Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link.... Read more
Affected Products : windows_2003_server- EPSS Score: %31.32
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0840
Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable.... Read more
Affected Products : hp-ux- EPSS Score: %0.19
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0848
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.... Read more
Affected Products : slocate- EPSS Score: %0.29
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0865
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.... Read more
Affected Products : mpg123- EPSS Score: %19.50
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1412
nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.... Read more
Affected Products : mac_os_x- EPSS Score: %0.23
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0853
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.... Read more
- EPSS Score: %2.44
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-0854
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.... Read more
- EPSS Score: %0.23
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0792
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.... Read more
Affected Products : fetchmail- EPSS Score: %1.34
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-1569
gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.... Read more
- EPSS Score: %2.51
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.1
HIGHCVE-2003-0844
mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an... Read more
Affected Products : mod_gzip- EPSS Score: %0.09
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0845
Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL state... Read more
Affected Products : jboss- EPSS Score: %16.70
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0841
The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the web document root, which allows remote attackers to steal search results by directly accessing the files via a URL request.... Read more
Affected Products : peopletools- EPSS Score: %0.32
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-0794
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading ... Read more
Affected Products : gdm- EPSS Score: %0.08
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
9.3
HIGHCVE-2003-0662
Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.... Read more
Affected Products : windows_2000- EPSS Score: %54.78
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0660
The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.... Read more
- EPSS Score: %29.44
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0659
Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application.... Read more
- EPSS Score: %3.66
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0714
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffe... Read more
Affected Products : exchange_server- EPSS Score: %65.88
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0843
Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in... Read more
Affected Products : mod_gzip- EPSS Score: %1.73
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0870
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.... Read more
Affected Products : opera_browser- EPSS Score: %11.66
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0850
The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."... Read more
- EPSS Score: %2.76
- Published: Nov. 17, 2003
- Modified: Apr. 03, 2025