Latest CVE Feed
-
4.6
MEDIUMCVE-2001-1190
The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.... Read more
Affected Products : mandrake_linux- EPSS Score: %0.07
- Published: Dec. 12, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1191
WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of service (crash) via a URL that ends in %2e.... Read more
Affected Products : tivoli_secureway_policy_director- EPSS Score: %0.61
- Published: Dec. 11, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1188
mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail through remote servers by modifying the sendto, email, server, subject, and resulturl hidden form fields.... Read more
Affected Products : mailto- EPSS Score: %2.37
- Published: Dec. 11, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1187
csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter.... Read more
- EPSS Score: %3.12
- Published: Dec. 11, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-0890
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.... Read more
- EPSS Score: %0.09
- Published: Dec. 11, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1186
Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a content-length value that is larger than the size of the request, which prevents IIS from timing out the connection.... Read more
Affected Products : internet_information_services- EPSS Score: %32.41
- Published: Dec. 11, 2001
- Modified: Apr. 03, 2025
-
6.2
MEDIUMCVE-2001-1185
Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a local user to overwrite memory of the new process and gain privileges.... Read more
Affected Products : freebsd- EPSS Score: %0.13
- Published: Dec. 10, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-0953
Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root.... Read more
Affected Products : kebi_community- EPSS Score: %1.10
- Published: Dec. 08, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1184
wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that ... Read more
Affected Products : winsock_rshd_nt- EPSS Score: %19.48
- Published: Dec. 08, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-0951
Windows 2000 allows remote attackers to cause a denial of service (CPU consumption) by flooding Internet Key Exchange (IKE) UDP port 500 with packets that contain a large number of dot characters.... Read more
Affected Products : windows_2000- EPSS Score: %56.34
- Published: Dec. 07, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-0952
THQ Volition Red Faction Game allows remote attackers to cause a denial of service (hang) of a client or server via packets to UDP port 7755.... Read more
Affected Products : red_faction- EPSS Score: %4.72
- Published: Dec. 07, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-0954
Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory.... Read more
Affected Products : domino- EPSS Score: %0.91
- Published: Dec. 07, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0719
Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.... Read more
Affected Products : windows_media_player- EPSS Score: %17.15
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0844
Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.... Read more
- EPSS Score: %2.31
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-0832
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the O... Read more
Affected Products : database_server- EPSS Score: %0.24
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2001-0801
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.... Read more
Affected Products : irix- EPSS Score: %0.05
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-0840
Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.... Read more
Affected Products : insight_manager_xe- EPSS Score: %12.53
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-0808
gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.... Read more
Affected Products : gnatsweb- EPSS Score: %3.10
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-0837
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.... Read more
Affected Products : pc-to-phone- EPSS Score: %0.07
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0824
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javasc... Read more
Affected Products : websphere_application_server- EPSS Score: %0.84
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025