LiveActive security incident?Get immediate response
CVE archive

June 2003

Browse CVE records published in June 2003, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 121 matching CVEs · Page 1 of 3.

Unknown · CVSS Not scored

CVE-2003-1573: The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attac...

The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remote attackers to execute arbitrary programs, conduct a denial of service, and obtain sensitive information via a crafted SQL statement, related to "inadequate security settings and library bugs in sun.* and org.apache.* packages."

Published Jun 1, 2009 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0478: Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut...

Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request containing format strings.

Published Jun 28, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0487: Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of s...

Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module.

Published Jun 28, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0449: Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows loc...

Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter, as demonstrated using librocket_r.so in _dbagent.

Published Jun 20, 2003 · Updated Aug 8, 2024