LiveActive security incident?Get immediate response
CVE archive

April 2002

Browse CVE records published in April 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 326 matching CVEs · Page 3 of 7.

Unknown · CVSS Not scored

CVE-2002-0766: OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root...

OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-0759: bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating system...

bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a bzip2 archive.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-0760: Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly othe...

Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.

Published Apr 2, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-0700: Buffer overflow in a system function that performs user authentication for Microsoft Content Management Ser...

Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server (MCMS) 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise."

Published Apr 2, 2003 · Updated Aug 8, 2024