Latest CVE Feed
-
7.5
HIGHCVE-2002-0717
PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and... Read more
Affected Products : php- EPSS Score: %4.92
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0663
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request.... Read more
- EPSS Score: %2.82
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0450
Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language (wml) file name to (1) webplus.dll or (2) webplus.exe.... Read more
Affected Products : web\+_server- EPSS Score: %6.33
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2002-0443
Microsoft Windows 2000 allows local users to bypass the policy that prohibits reusing old passwords by changing the current password before it expires, which does not enable the check for previous passwords.... Read more
Affected Products : windows_2000- EPSS Score: %0.44
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0438
ZyXEL ZyWALL 10 before 3.50 allows remote attackers to cause a denial of service via an ARP packet with the firewall's IP address and an incorrect MAC address, which causes the firewall to disable the LAN interface.... Read more
Affected Products : zywall10- EPSS Score: %1.09
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0397
Red-M 1050 (Bluetooth Access Point) publicizes its name, IP address, and other information in UDP packets to a broadcast address, which allows any system on the network to obtain potentially sensitive information about the Access Point device by monitorin... Read more
Affected Products : 1050ap_lan_acess_point- EPSS Score: %0.35
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0704
The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.... Read more
- EPSS Score: %1.08
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0432
Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks such as a long HELO command to the SMTP server.... Read more
Affected Products : ux- EPSS Score: %5.99
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0445
article.php in PHP FirstPost 0.1 allows allows remote attackers to obtain the full pathname of the server via an invalid post number in the post parameter, which leaks the pathname in an error message.... Read more
Affected Products : php_firstpost- EPSS Score: %0.52
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0433
Pi3Web 2.0.0 allows remote attackers to view restricted files via an HTTP request containing a "*" (wildcard or asterisk) character.... Read more
Affected Products : pi3web- EPSS Score: %0.68
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0703
An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data.... Read more
Affected Products : digest-md5- EPSS Score: %0.59
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0715
Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password.... Read more
Affected Products : squid- EPSS Score: %0.40
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0408
htcgibin.exe in Lotus Domino server 5.0.9a and earlier, when configured with the NoBanner setting, allows remote attackers to determine the version number of the server via a request that generates an HTTP 500 error code, which leaks the version in a hard... Read more
Affected Products : domino- EPSS Score: %1.08
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0407
htcgibin.exe in Lotus Domino server 5.0.9a and earlier allows remote attackers to determine the physical pathname for the server via requests that contain certain MS-DOS device names such as com5, such as (1) a request with a .pl or .java extension, or (2... Read more
Affected Products : domino- EPSS Score: %1.30
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-0716
Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.... Read more
Affected Products : openserver- EPSS Score: %0.08
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0439
Cross-site scripting vulnerability in CaupoShop 1.30a and earlier, and possibly CaupoShopPro, allows remote attackers to execute arbitrary Javascript and steal credit card numbers or delete items by injecting the script into new customer information field... Read more
Affected Products : cauposhop- EPSS Score: %0.72
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2002-0031
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) addview, or (6) addfriend.... Read more
Affected Products : messenger- EPSS Score: %21.42
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0441
Directory traversal vulnerability in imlist.php for Php Imglist allows remote attackers to read arbitrary code via a .. (dot dot) in the cwd parameter.... Read more
Affected Products : php_imglist- EPSS Score: %3.04
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0449
Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long argument to webplus.exe program, which triggers the overflow in webpsvc.exe.... Read more
Affected Products : web\+_server- EPSS Score: %13.01
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0409
orderdetails.aspx, as made available to Microsoft .NET developers as example code and demonstrated on www.ibuyspystore.com, allows remote attackers to view the orders of other users by modifying the OrderID parameter.... Read more
Affected Products : .net_framework- EPSS Score: %34.23
- Published: Jul. 26, 2002
- Modified: Apr. 03, 2025