LiveActive security incident?Get immediate response
CVE archive

April 2002

Browse CVE records published in April 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 326 matching CVEs · Page 1 of 7.

Unknown · CVSS Not scored

CVE-2002-1658: Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a...

Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary code via a long user argument. NOTE: since htdigest is normally only locally accessible and not setuid or setgid, there are few attack vectors which would lead to an escalation of privileges, unless htdigest is executed from a CGI program. Therefore this may not be a vulnerability.

Published Apr 27, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1312: Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFS...

Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password.

Published Apr 14, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1060: Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accele...

Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1143: Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that...

Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure."

Published Apr 3, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1015: RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execu...

RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers.

Published Apr 2, 2003 · Updated Aug 8, 2024