LiveActive security incident?Get immediate response
CVE archive

December 2003

Browse CVE records published in December 2003, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 45 of 45 matching CVEs · Page 1 of 1.

Unknown · CVSS Not scored

CVE-2003-0983: Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufactu...

Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network.

Published Dec 11, 2003 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2003-1288: Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause...

Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service (kernel oops) via unknown attack vectors related to the (1) s_info and (2) ip_info data structures and the (a) forget_original_parent, (b) goodness, (c) schedule, (d) update_process_times, and (e) vc_new_s_context functions.

Published Dec 4, 2005 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0980: Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attac...

Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attackers to inject arbitrary HTML or web script via (1) the "do" parameter, (2) via the "user" parameter from a host with a malicious reverse DNS name, (3) via quote marks or ampersands in other parameters.

Published Dec 11, 2003 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2003-0979: FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows rem...

FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable.

Published Dec 11, 2003 · Updated Aug 8, 2024