LiveActive security incident?Get immediate response
CVE archive

February 2001

Browse CVE records published in February 2001, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 166 matching CVEs · Page 2 of 4.

Unknown · CVSS Not scored

CVE-2001-0958: Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote...

Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote attackers to execute arbitrary code via long arguments to the CGI programs (1) register.dll, (2) ContentFilter.dll, (3) SFNofitication.dll, (4) register.dll, (5) TOP10.dll, (6) SpamExcp.dll, and (7) spamrule.dll.

Published Feb 2, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0955: Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows a...

Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title.

Published Feb 2, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0996: POP3Lite before 0.2.4 does not properly quote a .

POP3Lite before 0.2.4 does not properly quote a . (dot) in an email message, which could allow a remote attacker to append arbitrary text to the end of an email message, which could then be interpreted by various mail clients as valid POP server responses or other input that could cause clients to crash or otherwise behave unexpectedly.

Published Feb 2, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0950: ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 uses insufficiently...

ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 uses insufficiently random data to (1) generate session tokens for HSMs using the C rand function, or (2) generate certificates or keys using /dev/urandom instead of another source which blocks when the entropy pool is low, which could make it easier for local or remote attackers to steal tokens or certificates via brute force guessing.

Published Feb 2, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0984: Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard...

Password Safe 1.7(1) leaves cleartext passwords in memory when a user copies the password to the clipboard and minimizes Password Safe with the "Clear the password when minimized" and "Lock password database on minimize and prompt on restore" options enabled, which could allow an attacker with access to the memory (e.g. an administrator) to read the passwords.

Published Feb 2, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0949: Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration...

Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File, (3) useExpiredCRLs, (4) listenLength, (5) maxThread, (6) maxConnPerSite, (7) maxMsgLen, (8) exitTime, (9) blockTime, (10) nextUpdatePeriod, (11) buildLocal, (12) maxOCSPValidityPeriod, (13) extension, and (14) a particular combination of parameters associated with private key generation that form a string of a certain length.

Published Feb 2, 2002 · Updated Aug 8, 2024