Full List

Search

Recent Vulnerabilities

• CVE-1999-1107 • published on September 12, 2001 Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable.
• CVE-1999-1128 • published on September 12, 2001 Internet Explorer 3.01 on Windows 95 allows remote malicious web sites to execute arbitrary commands via a .isp file, which is automatically downloaded and executed without prompting the user.
• CVE-1999-1083 • published on September 12, 2001 Directory traversal vulnerability in Jana proxy web server 1.45 allows remote attackers to ready arbitrary files via a .. (dot dot) attack.
• CVE-1999-1084 • published on September 12, 2001 The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.
• CVE-1999-1086 • published on September 12, 2001 Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.
• CVE-1999-1088 • published on September 12, 2001 Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges.
• CVE-1999-1096 • published on September 12, 2001 Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable.
• CVE-1999-1125 • published on September 12, 2001 Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file.
• CVE-1999-1141 • published on September 12, 2001 Ascom Timeplex router allows remote attackers to obtain sensitive information or conduct unauthorized activities by entering debug mode through a sequence of CTRL-D characters.
• CVE-1999-1091 • published on September 12, 2001 UNIX news readers tin and rtin create the /tmp/.tin_log file with insecure permissions and follow symlinks, which allows attackers to modify the permissions of files writable by the user via a symlink attack.
• CVE-1999-1095 • published on September 12, 2001 sort creates temporary files and follows symbolic links, which allows local users to modify arbitrary files that are writable by the user running sort, as observed in updatedb and other programs that use sort.
• CVE-1999-1110 • published on September 12, 2001 Windows Media Player ActiveX object as used in Internet Explorer 5.0 returns a specific error code when a file does not exist, which allows remote malicious web sites to determine the existence of files on the client.
• CVE-1999-1124 • published on September 12, 2001 HTTP Client application in ColdFusion allows remote attackers to bypass access restrictions for web pages on other ports by providing the target page to the mainframeset.cfm application, which requests the page from the server, making it look like the request is coming from the local host.
• CVE-1999-1135 • published on September 12, 2001 Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438.
• CVE-1999-1089 • published on September 12, 2001 Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument.
• CVE-1999-1092 • published on September 12, 2001 tin 1.40 creates the .tin directory with insecure permissions, which allows local users to read passwords from the .inputhistory file.
• CVE-1999-1112 • published on September 12, 2001 Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header.
• CVE-1999-1113 • published on September 12, 2001 Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106.
• CVE-1999-1123 • published on September 12, 2001 The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall.
• CVE-1999-1126 • published on September 12, 2001 Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_".