Full List

Search

Recent Vulnerabilities

• CVE-2003-0323 • published on May 22, 2003 Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_join_channel, (3) status_make_printable for Statusbar drawing, (4) create_server_list, and possibly other functions.
• CVE-2003-0330 • published on May 22, 2003 Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a long -player command line argument.
• CVE-2003-0319 • published on May 22, 2003 Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command.
• CVE-2003-0324 • published on May 22, 2003 Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly handled by the (1) userhost_cmd_returned function, or (2) Statusbar capability.
• CVE-2003-0326 • published on May 22, 2003 Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to malloc.
• CVE-2003-0329 • published on May 22, 2003 CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges.
• CVE-2003-0332 • published on May 22, 2003 The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats extension instead of a .hts extension.
• CVE-2003-0188 • published on May 17, 2003 lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
• CVE-2003-0194 • published on May 17, 2003 tcpdump does not properly drop privileges to the pcap user when starting up.
• CVE-2003-0242 • published on May 17, 2003 IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies.
• CVE-2003-0307 • published on May 17, 2003 Poster version.two allows remote authenticated users to gain administrative privileges by appending the "|" field separator and an "admin" value into the email address field.
• CVE-2003-0313 • published on May 17, 2003 Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitrary directory contents via a ... (triple dot) in an HTTP request.
• CVE-2003-0303 • published on May 17, 2003 SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter.
• CVE-2003-0304 • published on May 17, 2003 one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script.
• CVE-2003-0305 • published on May 17, 2003 The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967.
• CVE-2003-0314 • published on May 17, 2003 Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "/" sequence.
• CVE-2003-0306 • published on May 17, 2003 Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.
• CVE-2003-0308 • published on May 17, 2003 The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
• CVE-2003-0310 • published on May 17, 2003 Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script.
• CVE-2003-0315 • published on May 17, 2003 Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP request, which may trigger a buffer overflow.