LiveActive security incident?Get immediate response
CVE archive

June 2001

Browse CVE records published in June 2001, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 153 matching CVEs · Page 2 of 4.

Unknown · CVSS Not scored

CVE-2001-1130: Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading...

Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file.

Published Jun 25, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1088: Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I...

Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put people I reply to in my address book" option enabled, do not notify the user when the "Reply-To" address is different than the "From" address, which could allow an untrusted remote attacker to spoof legitimate addresses and intercept email from the client that is intended for another user.

Published Jun 25, 2002 · Updated Aug 8, 2024