Latest CVE Feed
-
5.3
MEDIUMCVE-2001-1533
Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service via a flood of fragmented UDP packets. NOTE: the vendor disputes this issue, saying that it requires high bandwidth to exploit, and the se... Read more
Affected Products : isa_server- EPSS Score: %26.89
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
6.4
MEDIUMCVE-2001-1569
Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.... Read more
Affected Products : openwave_wap_gateway- EPSS Score: %0.37
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1548
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.... Read more
Affected Products : zonealarm- EPSS Score: %0.05
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1518
RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service (RunAs hang) by creating a named pipe session with the authentication server without any request for service. NOTE: the v... Read more
Affected Products : windows_2000- EPSS Score: %0.61
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2001-1576
Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.... Read more
Affected Products : unixware- EPSS Score: %0.09
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-1573
Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.... Read more
Affected Products : interscan_viruswall- EPSS Score: %1.95
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1480
Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.... Read more
- EPSS Score: %0.54
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2001-1524
Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and st... Read more
Affected Products : php-nuke- EPSS Score: %0.11
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1488
Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoof any valid hostname on the Internet. NOTE: a followup post suggests that this is not an issue in the da... Read more
Affected Products : open_projects_network_ircd- EPSS Score: %0.38
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1499
Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid users, with prompts that vary depending on the authentication method being used, which makes it easier for remote attackers to conduct brute force attacks.... Read more
Affected Products : vpn-1- EPSS Score: %0.70
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1504
Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes object with code in an event, which is automatically executed when the user processes the e-mail message.... Read more
Affected Products : lotus_notes- EPSS Score: %2.99
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2001-1541
Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument.... Read more
Affected Products : bsd_os- EPSS Score: %0.26
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1497
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it eas... Read more
- EPSS Score: %0.56
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1549
Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.... Read more
Affected Products : tiny_personal_firewall- EPSS Score: %0.14
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1484
Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attack from a system on the local area network (LAN) side, which is allowed to access TFTP without authenticat... Read more
- EPSS Score: %2.88
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-1503
The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote attackers to list all accounts on a host by typing finger 'a b c d e f g h'@host.... Read more
- EPSS Score: %0.22
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1563
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.... Read more
- EPSS Score: %4.98
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
6.4
MEDIUMCVE-2001-1512
Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to directly access the WEB-INF and META-INF directories and execute arbitrary JavaServer Pages (JSP), a variant of CVE-2000-1050.... Read more
Affected Products : jrun- EPSS Score: %0.38
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-1529
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this is the same issue as CVE-2001-0779.... Read more
Affected Products : aix- EPSS Score: %0.60
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-1532
WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user sessions.... Read more
Affected Products : webx- EPSS Score: %0.47
- Published: Dec. 31, 2001
- Modified: Apr. 03, 2025