Latest CVE Feed
-
7.5
HIGHCVE-2002-0149
Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.... Read more
- EPSS Score: %36.77
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0041
Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.... Read more
Affected Products : irix- EPSS Score: %1.10
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0075
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.... Read more
- EPSS Score: %41.78
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0073
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.... Read more
- EPSS Score: %42.81
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0170
Zope 2.2.0 through 2.5.1 does not properly verify the access for objects with proxy roles, which could allow some users to access documents in violation of the intended configuration.... Read more
Affected Products : zope- EPSS Score: %0.74
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-0064
Funk Software Proxy Host 3.x is installed with insecure permissions for the registry and the file system.... Read more
- EPSS Score: %0.11
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0159
Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administ... Read more
Affected Products : secure_access_control_server- EPSS Score: %2.34
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2002-0175
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.... Read more
Affected Products : libsafe- EPSS Score: %0.08
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0153
Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability.... Read more
Affected Products : ie- EPSS Score: %42.80
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0180
Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname.... Read more
- EPSS Score: %4.98
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0179
Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code.... Read more
Affected Products : xpilot- EPSS Score: %3.21
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2002-0176
The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe.... Read more
Affected Products : libsafe- EPSS Score: %0.16
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0072
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of ser... Read more
- EPSS Score: %26.61
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0079
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.... Read more
- EPSS Score: %77.56
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-1591
AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restrictions.... Read more
Affected Products : instant_messenger- EPSS Score: %0.57
- Published: Apr. 08, 2002
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2002-1598
Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to execute arbitrary code via long command line arguments to (1) mlclear or (2) mllock.... Read more
Affected Products : mlink- EPSS Score: %0.16
- Published: Apr. 05, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-0151
Buffer overflow in Multiple UNC Provider (MUP) in Microsoft Windows operating systems allows local users to cause a denial of service or possibly gain SYSTEM privileges via a long UNC request.... Read more
- EPSS Score: %2.81
- Published: Apr. 04, 2002
- Modified: Apr. 03, 2025
-
7.8
HIGHCVE-2002-0051
Windows 2000 allows local users to prevent the application of new group policy settings by opening Group Policy files with exclusive-read access.... Read more
Affected Products : windows_2000- EPSS Score: %1.24
- Published: Apr. 04, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0017
Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.... Read more
Affected Products : irix- EPSS Score: %6.06
- Published: Apr. 03, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-0165
LogWatch 2.5 allows local users to gain root privileges via a symlink attack, a different vulnerability than CVE-2002-0162.... Read more
- EPSS Score: %0.06
- Published: Apr. 03, 2002
- Modified: Apr. 03, 2025