LiveActive security incident?Get immediate response
CVE archive

September 2003

Browse CVE records published in September 2003, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 193 matching CVEs · Page 1 of 4.

High · CVSS 7.3

CVE-2003-0063: The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a...

The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Published Sep 1, 2004 · Updated Oct 29, 2024

Unknown · CVSS Not scored

CVE-2003-1339: Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and...

Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll.

Published Sep 23, 2007 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0994: The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in N...

The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges.

Published Sep 1, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0985: The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before...

The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077.

Published Sep 1, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-1016: Multiple content security gateway and antivirus products allow remote attackers to bypass content restricti...

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.

Published Sep 24, 2004 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0743: Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may a...

Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer.

Published Sep 6, 2003 · Updated Aug 8, 2024