Lucene search
K

3241 matches found

CVE
CVE
added 2003/05/17 4:0 a.m.61 views

CVE-2003-0188

CVE-2003-0188: lv, a multilingual file viewer, reads a .lv configuration file from the current working directory. A crafted .lv file placed in a directory can cause lv to execute arbitrary commands as the invoking user, enabling local privilege escalation (including root) on affected systems. Pub...

7.2CVSS6.8AI score0.00442EPSS
Exploits0References5Affected Software2
exploitpack
exploitpack
added 2003/05/07 12:0 a.m.25 views

Microsoft Windows Media Player 7.1 - Skin File Code Execution

Microsoft Windows Media Player 7.1 - Skin File Code Execution source: https://www.securityfocus.com/bid/7517/info Windows Media Player is vulnerable to code execution through skin files. WMP does not properly validate URLs that are passed to initiate a skin file download and installation. This...

Exploits0
exploitpack
exploitpack
added 2003/04/17 12:0 a.m.20 views

Web Wiz Forum 6.34 - Information Disclosure

Web Wiz Forum 6.34 - Information Disclosure source: https://www.securityfocus.com/bid/7380/info Web Wiz Forum has been reported prone to sensitive information disclosure vulnerability. An attacker may make a request for and download the underlying Access database file that is used by the Forum...

7.2AI score
Exploits0
securityvulns
securityvulns
added 2003/04/15 12:0 a.m.52 views

[SECURITY] [DSA 285-1] New lprng packages fix insecure temporary file creation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 285-1 [email protected] http://www.debian.org/security/ Martin Schulze April 14th, 2003 http://www.debian.org/security/faq -...

2.1CVSS6.1AI score0.0039EPSS
Exploits0
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.20 views

CVE-2002-1014

Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image...

7.9AI score0.08104EPSS
Exploits0References5
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.35 views

CVE-2001-1372

Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message...

8.8AI score0.06483EPSS
Exploits1References8
OSV
OSV
added 2003/03/15 12:0 a.m.35 views

DSA-262 samba - remote exploit

Bulletin has no description...

10CVSS6AI score0.87923EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2003/02/26 7:46 p.m.20 views

Low: Red Hat Security Advisory: im security update

Updated Internet Message packages are available that fix the insecure handling of temporary files. Updated 9 April 2003 Added packages for Red Hat Linux Advanced Workstation, Red Hat Enterprise Linux ES, and Red Hat Enterprise Linux WS. Internet Message IM consists of a set of user interface...

2.1CVSS5.7AI score0.00371EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2003/02/12 2:39 p.m.24 views

Low: Red Hat Security Advisory: python security update

An insecure use of a temporary file has been found in Python. Python is an interpreted, interactive, object-oriented programming language. Zack Weinberg discovered that os.execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names. This could allow local users t...

4.6CVSS6.1AI score0.00491EPSS
Exploits0References3
exploitpack
exploitpack
added 2003/02/09 12:0 a.m.11 views

Cedric Email Reader 0.4 - Global Configuration Script Remote File Inclusion

Cedric Email Reader 0.4 - Global Configuration Script Remote File Inclusion source: https://www.securityfocus.com/bid/6820/info It has been reported that Cedric Email Reader is prone to an issue that may allow remote attackers to include malicious files located on remote servers. This issue is...

0.1AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.21 views

CVE-2002-1869

Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log file can be written to, which allows attackers to prevent events from being recorded by opening the log file using an application such as Microsoft's Event Viewer...

3.3CVSS4AI score0.00315EPSS
Exploits0References4
NVD
NVD
added 2002/12/31 5:0 a.m.13 views

CVE-2002-2051

The processorweb plugin for ModLogAn 0.5.0 through 0.7.11, when used with the splitby option, allows local users to overwrite arbitrary files via a symlink attack on files specified as hostnames in a log file...

2.1CVSS6.4AI score0.00338EPSS
Exploits0References3
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-1695

Norton Internet Security 2001 opens log files with FILESHAREREAD and FILESHAREWRITE permissions, which could allow remote attackers to modify the log file contents while Norton Internet Security is running...

5CVSS6.7AI score0.13637EPSS
Exploits0References3
NVD
NVD
added 2002/12/31 5:0 a.m.18 views

CVE-2002-2187

Unknown "file disclosure" vulnerability in Macromedia JRun 3.0, 3.1, and 4.0, related to a log file or jrun.ini, with unknown impact...

5CVSS6.5AI score0.0115EPSS
Exploits0References3
NVD
NVD
added 2002/12/26 5:0 a.m.21 views

CVE-2002-1327

Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to execute arbitrary code via an .MP3 or .WMA audio file with a corrupt custom attribute, aka "Unchecked Buffer in Windows Shell Could Enable System Compromise."...

7.5CVSS7.7AI score0.23419EPSS
Exploits0References6
NVD
NVD
added 2002/12/11 5:0 a.m.17 views

CVE-2002-1185

Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when opening it, which allows remote attackers to cause a denial of service crash by triggering a heap-based buffer overflow using invalid length codes during decompression, aka "Malformed PNG Image File...

5CVSS7.1AI score0.21342EPSS
Exploits0References8
NVD
NVD
added 2002/11/29 5:0 a.m.16 views

CVE-2002-1279

Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, and 0.2.x before 0.2.15, allow local users to gain privileges via certain entries in the configuration file -C option...

7.2CVSS6.7AI score0.00403EPSS
Exploits0References5
securityvulns
securityvulns
added 2002/11/29 12:0 a.m.32 views

Bogofilter symbolic links problem

file /tmp/bogopass.$$ is created without symbolic link check...

1.4AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2002/10/02 12:0 a.m.17 views

MySimpleNews 1.0 - Remote Readable Administrator Password

MySimpleNews 1.0 - Remote Readable Administrator Password source: https://www.securityfocus.com/bid/5866/info MySimpleNews stores the administrative password in clear text in a remotely viewable HTML file. Any remote user can view the contents of the HTML file to determine the administrator...

7.5AI score
Exploits0
NVD
NVD
added 2002/08/12 4:0 a.m.21 views

CVE-2002-0428

Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the toexpire or expire values in the client's users.C configuration file...

7.5CVSS6.5AI score0.01574EPSS
Exploits1References3
Rows per page
Query Builder