Latest CVE Feed
-
5.0
MEDIUMCVE-2003-0552
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.... Read more
Affected Products : linux- EPSS Score: %1.52
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0551
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.... Read more
Affected Products : linux- EPSS Score: %0.68
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0550
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.... Read more
Affected Products : linux- EPSS Score: %0.71
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger... Read more
- EPSS Score: %90.82
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2003-0461
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.... Read more
Affected Products : linux- EPSS Score: %0.09
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0230
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.... Read more
- EPSS Score: %1.40
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0467
Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial o... Read more
Affected Products : linux_kernel- EPSS Score: %0.66
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0595
Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference.... Read more
Affected Products : wintango_application_server- EPSS Score: %10.09
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0631
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session.... Read more
- EPSS Score: %0.04
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0609
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.... Read more
- EPSS Score: %0.73
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-1063
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.... Read more
- EPSS Score: %0.43
- Published: Aug. 20, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-1202
The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username.... Read more
Affected Products : omail_webmail- EPSS Score: %4.04
- Published: Aug. 19, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0519
Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices.... Read more
Affected Products : internet_explorer- EPSS Score: %7.08
- Published: Aug. 18, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0580
Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument.... Read more
Affected Products : u2_universe- EPSS Score: %0.08
- Published: Aug. 18, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0252
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newline... Read more
Affected Products : nfs-utils- EPSS Score: %16.11
- Published: Aug. 18, 2003
- Modified: Apr. 03, 2025
-
7.8
HIGHCVE-2003-0578
cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.... Read more
Affected Products : u2_universe- EPSS Score: %0.03
- Published: Aug. 18, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0557
SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.... Read more
Affected Products : storefront- EPSS Score: %1.01
- Published: Aug. 18, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0539
skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files.... Read more
- EPSS Score: %0.07
- Published: Aug. 18, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0572
Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption).... Read more
Affected Products : irix- EPSS Score: %0.54
- Published: Aug. 18, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0522
Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) gain access to the admin control panel via the idadmin parameter to login.asp or (2) gain other privileges via the Email parameter to Custva.asp.... Read more
Affected Products : productcart- EPSS Score: %0.46
- Published: Aug. 18, 2003
- Modified: Apr. 03, 2025