High · CVSS 7.3
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.
Published Sep 1, 2004 · Updated Oct 29, 2024
Unknown · CVSS Not scored
secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter.
Published Sep 6, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter.
Published Sep 6, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot).
Published Sep 18, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering.
Published Sep 23, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code.
Published Sep 12, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.
Published Sep 12, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user.
Published Sep 18, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.
Published Sep 6, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header.
Published Sep 23, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers.
Published Sep 23, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.
Published Sep 4, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.
Published Sep 18, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop).
Published Sep 12, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
Published Sep 4, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges.
Published Sep 3, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value).
Published Sep 12, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.
Published Sep 18, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which allows context-dependent attackers to cause a denial of service (memory and CPU consumption) via a crafted XML document containing a large number of nested entity references, aka the "billion laughs attack."
Published Sep 2, 2008 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
Published Sep 23, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll.
Published Sep 23, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality."
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL.
Published Sep 23, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box."
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable.
Published Sep 26, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients.
Published Sep 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
Published Sep 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption).
Published Sep 12, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
Published Sep 25, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.
Published Sep 6, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number.
Published Sep 12, 2003 · Updated Aug 8, 2024