Unknown · CVSS Not scored
surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions.
Published Feb 8, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The recover program in Solstice Backup allows local users to restore sensitive files.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function.
Published Feb 8, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
Published Feb 8, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
glFtpD includes a default glftpd user account with a default password and a UID of 0.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
resend command in Majordomo allows local users to gain privileges via shell metacharacters.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modify its configuration, delete files, or read mail.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WebTV email client allows remote attackers to force the client to send email without the user's knowledge via HTML.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields.
Published Feb 8, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
HP-UX aserver program allows local users to gain privileges via a symlink attack.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and read files via the external.NavigateAndFind function.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
FTPPro allows local users to read sensitive information, which is stored in plain text.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
Published Feb 4, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
IMail POP3 daemon uses weak encryption, which allows local users to read files.
Published Feb 4, 2000 · Updated Aug 8, 2024