Unknown · CVSS Not scored
Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character.
Published Oct 31, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS Update Patch A, (2) /bin/shutdown, (3) /sbin/fs-pkg, and (4) phshutdown by QNX experimental patches, (5) cpim, (6) vpim, (7) phrelaycfg, and (8) columns, (9) othello, (10) peg, (11) solitaire, and (12) vpoker in the games pack 2.0.3, which allows local users to gain privileges by modifying the files before permissions are changed.
Published Nov 1, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
search.cgi in AGH HTMLsearch 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the template parameter.
Published Aug 5, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to execute arbitrary programs by specifying the program in the href attribute of a link.
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
PHP, when installed on Windows with Apache and ScriptAlias for /php/ set to c:/php/, allows remote attackers to read arbitrary files and possibly execute arbitrary programs via an HTTP request for php.exe with a filename in the query string.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in the LDAP and MySQL authentication patch for Cyrus SASL 1.5.24 and 1.5.27 allows remote attackers to execute arbitrary SQL commands and log in as arbitrary POP mail users via the password.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The POP3 proxy service (POPROXY.EXE) in Norton AntiVirus 2001 allows local users to cause a denial of service (CPU consumption and crash) via a long username with multiple /localhost entries.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to cause a denial of service (hang and CPU consumption) via a SYN packet flood.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.1s and 1.0.2 allows remote attackers to inject arbitrary web script or HTML via the text entry field.
Published Oct 29, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Sun Solaris 8.0 allows local users to cause a denial of service (kernel panic) via a program that uses /dev/poll, triggering a NULL pointer dereference.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information.
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in Links 2.0 pre4 allows remote attackers to crash client browsers and possibly execute arbitrary code via gamma tables in large 16-bit PNG images.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in PHP(Reactor) 1.2.7 pl1 allows remote attackers to inject arbitrary web script or HTML via Javascript in the style attribute of an HTML tag.
Published Nov 1, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
Published Jun 21, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The default installations of Apache Tomcat 3.2.3 and 3.2.4 allows remote attackers to obtain sensitive system information such as directory listings and web root path, via erroneous HTTP requests for Java Server Pages (JSP) in the (1) test/jsp, (2) samples/jsp and (3) examples/jsp directories, or the (4) test/realPath.jsp servlet, which leaks pathnames in error messages.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in article.php module for phpWebSite 0.8.3 allows remote attackers to execute arbitrary Javascript script via the sid parameter, as demonstrated using an IMG tag.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow.
Published Oct 29, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long HTTP GET request.
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
sastcpd in SAS/Base 8.0 might allow local users to gain privileges by setting the netencralg environment variable, which causes a segmentation fault.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrary code via long command line arguments.
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
Published Oct 26, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code via a SOCKS4 request with a long username.
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
Published Oct 29, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL request for the example Java class file HelloServlet.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated users to gain privileges and perform unauthorized actions via direct requests to (1) admin_members.php, (2) admin_config.php, (3) admin_cat.php, or (4) admin_forum.php.
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field.
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers to cause a denial of service (crash) via an OBJECT tag that contains a crafted CLASSID (CLSID) value of "CLSID:00022613-0000-0000-C000-000000000046".
Published Jun 28, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via a long CD (CWD) command.
Published Oct 14, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID.
Published Nov 1, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
zenTrack 2.0.3 and earlier allows remote attackers to obtain the full path to the web root via an invalid ticket ID, which leaks the path in an error message.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricted files and modify registry settings.
Published Oct 26, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname.
Published Oct 31, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The DNS resolver in unspecified versions of Fujitsu UXP/V, when resolving recursive DNS queries for arbitrary hosts, allows remote attackers to conduct DNS cache poisoning via a birthday attack that uses a large number of open queries for the same resource record (RR) combined with spoofed responses, which increases the possibility of successfully spoofing a response in a way that is more efficient than brute force methods.
Published May 23, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial of service (crash) via a MKD command with a long directory name.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in RealityScape MyLogin 2000 1.0.0 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) Username or (2) Password in the login form.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The IMHO Webmail module 0.97.3 and earlier for Roxen leaks the REFERER from the browser's previous login session in an error page, which allows local users to read another user's inbox.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code.
Published Oct 31, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inject arbitrary web script or HTML via image tags.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
java.security.AccessController in Sun Java Virtual Machine (JVM) in JRE 1.2.2 and 1.3.1 allows remote attackers to cause a denial of service (JVM crash) via a Java program that calls the doPrivileged method with a null argument.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.
Published Nov 1, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allows remote attackers to inject arbitrary web script or HTML via the (1) $scriptpath or (2) $url variables.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp_MSSetServerProperties or (2) sp_MSsetalertinfo stored procedures, which allows attackers to modify configuration including SQL server startup and alert settings.
Published Jun 28, 2005 · Updated Sep 16, 2024