Latest CVE Feed
-
3.6
LOWCVE-2002-0202
PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable ... Read more
Affected Products : paintbbs- EPSS Score: %0.07
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2002-0214
Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the ... Read more
Affected Products : intel_pro_wireless_2011b_lan_usb_device_driver- EPSS Score: %0.08
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0228
Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive information such as display names and web site navigation, and possibly more when the user is connected to certain Microsoft sites (or ... Read more
Affected Products : msn_messenger- EPSS Score: %28.61
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0198
Buffer overflow in plDaniels ripMime 1.2.6 and earlier, as used in other programs such as xamime and inflex, allows remote attackers to execute arbitrary code via an attachment in a long filename.... Read more
- EPSS Score: %5.63
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0171
IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges.... Read more
Affected Products : irisconsole- EPSS Score: %1.53
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0206
index.php in Francisco Burzi PHP-Nuke 5.3.1 and earlier, and possibly other versions before 5.5, allows remote attackers to execute arbitrary PHP code by specifying a URL to the malicious code in the file parameter.... Read more
Affected Products : php-nuke- EPSS Score: %0.22
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0230
Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message.... Read more
Affected Products : faq-o-matic- EPSS Score: %4.38
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
7.8
HIGHCVE-2002-0184
Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.... Read more
- EPSS Score: %0.21
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0217
Cross-site scripting (CSS) vulnerabilities in the Private Message System for XOOPS 1.0 RC1 allow remote attackers to execute Javascript on other web clients via (1) the Title field or a Private Message Box or (2) the image field parameter in pmlite.php.... Read more
Affected Products : xoops- EPSS Score: %1.29
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-0173
Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges.... Read more
Affected Products : irix- EPSS Score: %0.05
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2002-0219
Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument.... Read more
- EPSS Score: %0.15
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0209
Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send ... Read more
Affected Products : alteon_acedirector- EPSS Score: %6.75
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0200
Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service via an HTTP request for an MS-DOS device name.... Read more
Affected Products : cyberstop_web_server- EPSS Score: %2.57
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0227
KICQ 2.0.0b1 allows remote attackers to cause a denial of service (crash) via a malformed message.... Read more
- EPSS Score: %4.72
- Published: May. 16, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-1592
The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, sends error messages to the client that include the full path for the server, which allows remote attackers to obtain sensitive information.... Read more
Affected Products : http_server- EPSS Score: %4.84
- Published: May. 06, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-1999-1570
Buffer overflow in sar for OpenServer 5.0.5 allows local users to gain root privileges via a long -o parameter.... Read more
Affected Products : openserver- EPSS Score: %0.05
- Published: May. 01, 2002
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2002-1602
Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows local users to execute arbitrary code.... Read more
Affected Products : screen- EPSS Score: %0.12
- Published: Apr. 23, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0153
Internet Explorer 5.1 for Macintosh allows remote attackers to bypass security checks and invoke local AppleScripts within a specific HTML element, aka the "Local Applescript Invocation" vulnerability.... Read more
Affected Products : ie- EPSS Score: %42.80
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0149
Buffer overflow in ASP Server-Side Include Function in IIS 4.0, 5.0 and 5.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via long file names.... Read more
- EPSS Score: %36.77
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0041
Unknown vulnerability in Mail for SGI IRIX 6.5 through 6.5.15f, and possibly earlier versions, when running with the -R option, allows local and remote attackers to cause a core dump.... Read more
Affected Products : irix- EPSS Score: %1.10
- Published: Apr. 22, 2002
- Modified: Apr. 03, 2025