Full List

Search

Recent Vulnerabilities

• CVE-2003-0108 • published on September 1, 2004 isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
• CVE-2003-0073 • published on September 1, 2004 Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
• CVE-2003-0081 • published on September 1, 2004 Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.
• CVE-2003-0087 • published on September 1, 2004 Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm.
• CVE-2003-0095 • published on September 1, 2004 Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.
• CVE-2003-0103 • published on September 1, 2004 Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of format string specifiers.
• CVE-2003-0104 • published on September 1, 2004 Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet.
• CVE-2003-0122 • published on September 1, 2004 Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.
• CVE-2003-0123 • published on September 1, 2004 Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.
• CVE-2003-0125 • published on September 1, 2004 Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS value.
• CVE-2003-0143 • published on September 1, 2004 The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
• CVE-2003-0903 • published on September 1, 2004 Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request.
• CVE-2003-0825 • published on September 1, 2004 The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code.
• CVE-2003-0905 • published on September 1, 2004 Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets.
• CVE-2003-0924 • published on September 1, 2004 netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
• CVE-2003-0966 • published on September 1, 2004 Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line.
• CVE-2003-0988 • published on September 1, 2004 Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
• CVE-2003-0991 • published on September 1, 2004 Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
• CVE-2003-1022 • published on September 1, 2004 Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
• CVE-2003-0969 • published on September 1, 2004 mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.