LiveActive security incident?Get immediate response
CVE archive

July 2002

Browse CVE records published in July 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 177 matching CVEs · Page 1 of 4.

Unknown · CVSS Not scored

CVE-2002-2040: The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do n...

The (1) phrafx and (2) phgrafx-startup programs in QNX realtime operating system (RTOS) 4.25 and 6.1.0 do not properly drop privileges before executing the system command, which allows local users to execute arbitrary commands by modifying the PATH environment variable to reference a malicious crttrap program.

Published Jul 14, 2005 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-2007: The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive syst...

The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.

Published Jul 14, 2005 · Updated Sep 17, 2024