LiveActive security incident?Get immediate response
CVE archive

October 2002

Browse CVE records published in October 2002, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 214 matching CVEs · Page 1 of 5.

Unknown · CVSS Not scored

CVE-2002-2361: The installer in Yahoo!

The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing.

Published Oct 29, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-2331: W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not p...

W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by sending code in MIME attachments, then requesting the attachments.

Published Oct 26, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-2313: Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrar...

Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.

Published Oct 26, 2007 · Updated Sep 16, 2024