LiveActive security incident?Get immediate response
CVE archive

2002 CVE Archive

Browse CVE records published in 2002 CVE Archive, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 2357 matching CVEs · Page 5 of 48.

Unknown · CVSS Not scored

CVE-2002-1846: Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password befo...

Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct password before changing it to a new password, which allows remote attackers to modify passwords by stealing the cookie of another user, modifying the expiretime setting, and submitting the change in a profile2 action to index.php.

Published Jun 28, 2005 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2002-2313: Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrar...

Eudora email client 5.1.1, with "use Microsoft viewer" enabled, allows remote attackers to execute arbitrary programs via an HTML email message containing a META refresh tag that references an embedded .mhtml file with ActiveX controls that execute a second embedded program, which is processed by Internet Explorer.

Published Oct 26, 2007 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2002-2148: Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTer...

Lucent Ascend MAX Router 5.0 and earlier, Lucent Ascend Pipeline Router 6.0.2 and earlier and Lucent DSLTerminator allows remote attackers to obtain sensitive information such as hostname, MAC, and IP address of the Ethernet interface via a discard (UDP port 9) packet, which causes the device to leak the information in the response.

Published Nov 16, 2005 · Updated Sep 16, 2024