Latest CVE Feed
-
5.0
MEDIUMCVE-2003-0760
Blubster 2.5 allows remote attackers to cause a denial of service (crash) via a flood of connections to UDP port 701.... Read more
Affected Products : blubster- EPSS Score: %4.72
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1352
Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to modify product prices by changing the price parameter.... Read more
Affected Products : cartman- EPSS Score: %0.54
- Published: Sep. 17, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1081
Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file.... Read more
- EPSS Score: %2.20
- Published: Sep. 09, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0644
Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands.... Read more
- EPSS Score: %0.04
- Published: Sep. 07, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0148
The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the e... Read more
Affected Products : epolicy_orchestrator- EPSS Score: %0.01
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0511
The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL.... Read more
Affected Products : ios- EPSS Score: %15.40
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0459
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.... Read more
- EPSS Score: %1.52
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0468
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Post... Read more
- EPSS Score: %1.82
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0460
The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.... Read more
Affected Products : http_server- EPSS Score: %11.83
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0230
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.... Read more
- EPSS Score: %1.40
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0620
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3... Read more
Affected Products : man- EPSS Score: %0.17
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0699
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700.... Read more
- EPSS Score: %0.43
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0653
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or c... Read more
Affected Products : netbsd- EPSS Score: %0.66
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0546
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.... Read more
- EPSS Score: %0.64
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0576
Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619.... Read more
Affected Products : irix- EPSS Score: %0.66
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0604
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF fil... Read more
Affected Products : windows_media_player- EPSS Score: %8.39
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0701
Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344.... Read more
- EPSS Score: %35.65
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0635
Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM.... Read more
Affected Products : ichain- EPSS Score: %0.27
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1566
netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows remote attackers to cause a denial of service (crash) via a long string to port 9284.... Read more
Affected Products : netris- EPSS Score: %5.82
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0639
Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication.... Read more
Affected Products : ichain- EPSS Score: %0.28
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025