LiveActive security incident?Get immediate response
CVE archive

2002 CVE Archive

Browse CVE records published in 2002 CVE Archive, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 2357 matching CVEs · Page 3 of 48.

Unknown · CVSS Not scored

CVE-2002-2408: Gordano Messaging Server (GMS) Mail 8 (a.k.a.

Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server.

Published Nov 1, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-2225: SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code...

SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload.

Published Feb 27, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-2170: Working Resources Inc.

Working Resources Inc. BadBlue Enterprise Edition 1.7 through 1.74 attempts to restrict administrator actions to the IP address of the local host, but does not provide additional authentication, which allows remote attackers to execute arbitrary code via a web page containing an HTTP POST request that accesses the dir.hts page on the localhost and adds an entire hard drive to be shared.

Published Nov 16, 2005 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-2361: The installer in Yahoo!

The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing.

Published Oct 29, 2007 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-2137: GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link...

GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155.

Published Nov 16, 2005 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-1824: Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during...

Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack. NOTE: it is not clear whether this poses a vulnerability.

Published Jun 28, 2005 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2002-2331: W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not p...

W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote attackers to execute arbitrary code by sending code in MIME attachments, then requesting the attachments.

Published Oct 26, 2007 · Updated Sep 17, 2024