Latest CVE Feed
-
7.5
HIGHCVE-2003-0776
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.... Read more
- EPSS Score: %0.74
- Published: Sep. 22, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0777
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).... Read more
- EPSS Score: %0.83
- Published: Sep. 22, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0772
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.... Read more
- EPSS Score: %83.20
- Published: Sep. 22, 2003
- Modified: Apr. 03, 2025
-
6.8
MEDIUMCVE-2003-0768
Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name.... Read more
Affected Products : asp.net- EPSS Score: %17.17
- Published: Sep. 22, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0764
Escapade Scripting Engine (ESP) allows remote attackers to obtain sensitive path information via a malformed request, which leaks the information in an error message, as demonstrated using the PAGE parameter.... Read more
Affected Products : escapade- EPSS Score: %0.50
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0715
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a differ... Read more
- EPSS Score: %61.98
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0721
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.... Read more
Affected Products : pine- EPSS Score: %2.82
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0762
Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value).... Read more
Affected Products : foxweb- EPSS Score: %4.24
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-0763
Cross-site scripting (XSS) vulnerability in Escapade Scripting Engine (ESP) allows remote attackers to inject arbitrary script via the method parameter, as demonstrated using the PAGE parameter.... Read more
Affected Products : escapade- EPSS Score: %0.40
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0705
Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code.... Read more
Affected Products : mah-jong- EPSS Score: %4.58
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0541
gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference.... Read more
- EPSS Score: %1.11
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0720
Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.... Read more
Affected Products : pine- EPSS Score: %19.29
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0703
KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVER_KEXT environment variable as used in (1) viha_driver.sh, (2) macjack_load.sh, or (3) airojack_load.... Read more
Affected Products : kismac- EPSS Score: %0.05
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0704
KisMAC before 0.05d trusts user-supplied variables when chown'ing files or directories, which allows local users to gain privileges via the $DRIVER_KEXT environment variable in (1) viha_driver.sh, (2) macjack_load.sh, (3) airojack_load.sh, (4) setuid_enab... Read more
Affected Products : kismac- EPSS Score: %0.05
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0706
Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop).... Read more
Affected Products : mah-jong- EPSS Score: %3.93
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0528
Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-200... Read more
- EPSS Score: %67.37
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0765
The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value.... Read more
Affected Products : winamp- EPSS Score: %4.45
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1352
Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product prices by changing the price parameter.... Read more
Affected Products : cartman- EPSS Score: %0.54
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0760
Blubster 2.5 allows remote attackers to cause a denial of service (crash) via a flood of connections to UDP port 701.... Read more
Affected Products : blubster- EPSS Score: %4.72
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0761
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests... Read more
Affected Products : asterisk- EPSS Score: %0.13
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025