Total
28764 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1131 | 1 Squirrelmail | 1 Squirrelmail | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php. | |||||
| CVE-2002-1127 | 1 Digital | 1 Osf 1 | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter. | |||||
| CVE-2002-1124 | 1 Purity | 1 Purity | 2008-09-05 | 7.2 HIGH | N/A |
| Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables. | |||||
| CVE-2002-1090 | 1 Libesmtp | 1 Libesmtp | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses. | |||||
| CVE-2002-1089 | 1 Oracle | 2 Application Server, Reports | 2008-09-05 | 5.0 MEDIUM | N/A |
| rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks. | |||||
| CVE-2002-1088 | 1 Novell | 1 Groupwise | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command. | |||||
| CVE-2002-1087 | 1 Visualshapers | 1 Ezcontents | 2008-09-05 | 5.0 MEDIUM | N/A |
| The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request. | |||||
| CVE-2002-1086 | 1 Visualshapers | 1 Ezcontents | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to conduct unauthorized activities. | |||||
| CVE-2002-1085 | 1 Visualshapers | 1 Ezcontents | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple cross-site scripting vulnerabilities in ezContents 1.41 and earlier allow remote attackers to execute script and steal cookies via the diary and other capabilities. | |||||
| CVE-2002-1084 | 1 Visualshapers | 1 Ezcontents | 2008-09-05 | 6.4 MEDIUM | N/A |
| The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests. | |||||
| CVE-2002-1083 | 1 Visualshapers | 1 Ezcontents | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via .. (dot dot) sequences. | |||||
| CVE-2002-1082 | 1 Visualshapers | 1 Ezcontents | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded. | |||||
| CVE-2002-1081 | 1 Aprelium Technologies | 1 Abyss Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character. | |||||
| CVE-2002-1080 | 1 Aprelium Technologies | 1 Abyss Web Server | 2008-09-05 | 7.5 HIGH | N/A |
| The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl. | |||||
| CVE-2002-1079 | 1 Aprelium Technologies | 1 Abyss Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request. | |||||
| CVE-2002-1078 | 1 Aprelium Technologies | 1 Abyss Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters. | |||||
| CVE-2002-1077 | 1 Ipswitch | 1 Imail | 2008-09-05 | 5.0 MEDIUM | N/A |
| IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field. | |||||
| CVE-2002-1076 | 1 Ipswitch | 1 Imail | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0. | |||||
| CVE-2002-1075 | 1 David Harris | 1 Pegasus Mail | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers. | |||||
| CVE-2002-1073 | 1 Atrium Software | 1 Mercur Mailserver | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password. | |||||