LiveActive security incident?Get immediate response
CVE archive

June 2002

Browse CVE records published in June 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 548 matching CVEs · Page 5 of 11.

Unknown · CVSS Not scored

CVE-2002-1857: jo!

jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").

Published Jun 28, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1775: NOTE: this issue has been disputed by the vendor.

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a non-RFC compliant MIME header. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed

Published Jun 21, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1776: NOTE: this issue has been disputed by the vendor.

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office document. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the Office plug-in would detect the virus before it is executed

Published Jun 21, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1774: NOTE: this issue has been disputed by the vendor.

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to send viruses that bypass the e-mail scanning via a NULL character in the MIME header before the virus. NOTE: the vendor has disputed this issue, acknowledging that the initial scan is bypassed, but the AutoProtect feature would detect the virus before it is executed

Published Jun 21, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2002-1757: PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authentication, which allows remote attacker...

PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authentication, which allows remote attackers to bypass authentication for scripts via a request to a .php file with "sms" in the URL, which is included in the PATH_INFO portion of the $PHP_SELF variable, as demonstrated using "mail_send.php/sms".

Published Jun 21, 2005 · Updated Aug 8, 2024