Full List

Search

Recent Vulnerabilities

• CVE-2001-0526 • published on March 9, 2002 Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.
• CVE-2001-0527 • published on March 9, 2002 DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols (|) and newlines into the last name in the registration form, which will create an extra entry in the registration database.
• CVE-2001-0530 • published on March 9, 2002 Spearhead NetGAP 200 and 300 before build 78 allow a remote attacker to bypass file blocking and content inspection via specially encoded URLs which include '%' characters.
• CVE-2001-0541 • published on March 9, 2002 Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allows remote attackers to execute arbitrary commands via a malformed Windows Media Station (.NSC) file.
• CVE-2001-0560 • published on March 9, 2002 Buffer overflow in Vixie cron 3.0.1-56 and earlier could allow a local attacker to gain additional privileges via a long username ( 20 characters).
• CVE-2001-0564 • published on March 9, 2002 APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporarily locks the card.
• CVE-2001-0565 • published on March 9, 2002 Buffer overflow in mailx in Solaris 8 and earlier allows a local attacker to gain additional privileges via a long '-F' command line option.
• CVE-2001-0585 • published on March 9, 2002 Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (= 255 characters) URL request to port 8000 or port 9000.
• CVE-2001-0463 • published on March 9, 2002 Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter.
• CVE-2001-0487 • published on March 9, 2002 AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection.
• CVE-2001-0500 • published on March 9, 2002 Buffer overflow in ISAPI extension (idq.dll) in Index Server 2.0 and Indexing Service 2000 in IIS 6.0 beta and earlier allows remote attackers to execute arbitrary commands via a long argument to Internet Data Administration (.ida) and Internet Data Query (.idq) files such as default.ida, as commonly exploited by Code Red.
• CVE-2001-0504 • published on March 9, 2002 Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.
• CVE-2001-0507 • published on March 9, 2002 IIS 5.0 uses relative paths to find system files that will run in-process, which allows local users to gain privileges via a Trojan horse file, aka the "System file listing privilege elevation" vulnerability.
• CVE-2001-0514 • published on March 9, 2002 SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network.
• CVE-2001-0518 • published on March 9, 2002 Oracle listener before Oracle 9i allows attackers to cause a denial of service by repeatedly sending the first portion of a fragmented Oracle command without sending the remainder of the command, which causes the listener to hang.
• CVE-2001-0533 • published on March 9, 2002 Buffer overflow in libi18n library in IBM AIX 5.1 and 4.3.x allows local users to gain root privileges via a long LANG environmental variable.
• CVE-2001-0538 • published on March 9, 2002 Microsoft Outlook View ActiveX Control in Microsoft Outlook 2002 and earlier allows remote attackers to execute arbitrary commands via a malicious HTML e-mail message or web page.
• CVE-2001-0544 • published on March 9, 2002 IIS 5.0 allows local users to cause a denial of service (hang) via by installing content that produces a certain invalid MIME Content-Type header, which corrupts the File Type table.
• CVE-2001-0549 • published on March 9, 2002 Symantec LiveUpdate 1.5 stores proxy passwords in cleartext in a registry key, which could allow local users to obtain the passwords.
• CVE-2001-0567 • published on March 9, 2002 Digital Creations Zope 2.3.2 and earlier allows a local attacker to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass.