LiveActive security incident?Get immediate response
CVE archive

October 2003

Browse CVE records published in October 2003, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 269 matching CVEs · Page 1 of 6.

Unknown · CVSS Not scored

CVE-2003-1432: Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consump...

Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file.

Published Oct 23, 2007 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-1426: Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment...

Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable.

Published Oct 20, 2007 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-1509: Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 thro...

Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser.

Published Oct 25, 2007 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-1412: PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows rem...

PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php.

Published Oct 20, 2007 · Updated Aug 8, 2024