Latest CVE Feed
-
5.1
MEDIUMCVE-2001-0828
A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript.... Read more
Affected Products : resin- EPSS Score: %0.96
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2001-0848
join.cfm in e-Zone Media Fuse Talk allows a local user to execute arbitrary SQL code via a semi-colon (;) in a form variable.... Read more
Affected Products : fuse_talk- EPSS Score: %0.08
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0719
Buffer overflow in Microsoft Windows Media Player 6.4 allows remote attackers to execute arbitrary code via a malformed Advanced Streaming Format (ASF) file.... Read more
Affected Products : windows_media_player- EPSS Score: %17.15
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2001-0833
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."... Read more
Affected Products : database_server- EPSS Score: %0.45
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0827
Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denial of service (crash) via a large number of "PASV" requests.... Read more
Affected Products : ceberus_ftp_server- EPSS Score: %0.96
- Published: Dec. 06, 2001
- Modified: Apr. 23, 2025
-
10.0
HIGHCVE-2001-0808
gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.... Read more
Affected Products : gnatsweb- EPSS Score: %3.10
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2001-0840
Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.... Read more
Affected Products : insight_manager_xe- EPSS Score: %12.53
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-0837
DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder.... Read more
Affected Products : pc-to-phone- EPSS Score: %0.07
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0824
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javasc... Read more
Affected Products : websphere_application_server- EPSS Score: %0.84
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2001-0858
Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.... Read more
- EPSS Score: %0.08
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
6.4
MEDIUMCVE-2001-1247
PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web server UID by uploading a PHP script that uses the error_log function to access the files.... Read more
Affected Products : php- EPSS Score: %0.65
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0860
Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Addre... Read more
- EPSS Score: %9.10
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2001-0845
Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources.... Read more
- EPSS Score: %0.07
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0844
Vulnerability in (1) Book of guests and (2) Post it! allows remote attackers to execute arbitrary code via shell metacharacters in the email parameter.... Read more
- EPSS Score: %2.31
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
2.1
LOWCVE-2001-0832
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the O... Read more
Affected Products : database_server- EPSS Score: %0.24
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2001-0801
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.... Read more
Affected Products : irix- EPSS Score: %0.05
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-0843
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.... Read more
Affected Products : squid_web_proxy- EPSS Score: %24.97
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
6.4
MEDIUMCVE-2001-0722
Internet Explorer 5.5 and 6.0 allows remote attackers to read and modify user cookies via Javascript in an about: URL, aka the "First Cookie Handling Vulnerability."... Read more
Affected Products : internet_explorer- EPSS Score: %52.78
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2001-0835
Cross-site scripting vulnerability in Webalizer 2.01-06, and possibly other versions, allows remote attackers to inject arbitrary HTML tags by specifying them in (1) search keywords embedded in HTTP referrer information, or (2) host names that are retriev... Read more
Affected Products : webalizer- EPSS Score: %4.69
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2001-0861
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies.... Read more
- EPSS Score: %0.91
- Published: Dec. 06, 2001
- Modified: Apr. 03, 2025