6323 matches found
CVE-2002-0033
Solaris cachefsd (cachefs daemon) is affected by CVE-2002-0033 due to a heap-based overflow in the cfsd_calloc function. An unauthenticated remote attacker can trigger a remote code execution by sending a crafted RPC request with a long directory and cache name, potentially gaining the privileges...
EUVD-2002-0806
Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument...
CVE-2002-1076
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0...
CVE-2002-0906
CVE-2002-0906 describes a buffer overflow in Sendmail before 8.12.5 when configured to use a custom DNS map to query TXT records. A malicious DNS server could trigger the overflow, allowing a remote attacker to cause a denial of service and, potentially, execute arbitrary code on the affected hos...
CVE-2002-1536
Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in 1 the $host variable for nslookup.pl, 2 the $to, $from, or $message variables in pop.pl, 3 the $words or $text variables in sms.pl, or 4 the $server or $printer variables in hpled.pl...
CVE-2002-1522
CVE-2002-1522 concerns a buffer overflow in PowerFTP FTP server 2.24 (and possibly other versions). The vulnerability allows a remote attacker to cause a denial of service and, potentially, execute arbitrary code by sending a long USER argument. The available documents consistently describe the i...
MS02-032: Cumulative patch for Windows Media Player (320920)
The remote version of Windows Media Player is affected by various flaws : - A remote attacker may be able to execute arbitrary code when sending a badly formed file. - A local attacker may gain SYSTEM privileges. %NASLMINLEVEL 999999 C Tenable Network Security, Inc. Fixed in Windows XP SP1...
CuteNews 0.88 - 'search.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/6935/info CuteNews is prone to an issue that may allow remote attackers to include files located on remote servers. Under some circumstances, it is possible for remote attackers to influence the include path for several include files to point to an extern...
Oracle9i Database contains remotely exploitable buffer overflow in "BFILENAME" function
Overview A remotely exploitable buffer overflow vulnerability exists in Oracle9i Database. Description A buffer overflow vulnerability exists on all platforms in the following versions of Oracle 9i Database: Oracle9i Database Release 2 9i Release 1 8i 8.1.7 8.0.6 A buffer overflow exists in...
Cedric Email Reader 0.2/0.3 - Skin Configuration Script Remote File Inclusion
source: https://www.securityfocus.com/bid/6818/info It has been reported that Cedric Email Reader is prone to an issue that may allow remote attackers to include malicious files located on remote servers. This issue is present in the 'email.php' script. Under some circumstances, it is possible fo...
CVE-2003-0003
Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information...
WinRAR buffer overflow vulnerability
Hello everybody. We found vulnerability in WinRAR 3.10 or lower version, and reported details to Author of this Software at 2003/01/12. Fixed version 3.11 of WinRAR was released, so we release the Information about this vulnerability. ----------------------------------------------------------...
DSA-239 kdesdk - several vulnerabilities
Bulletin has no description...
CVE-2002-1403
dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script...
Lotus Domino web server vulnerable to buffer overflow via long HTTP authentication header containing non-ASCII characters
Overview A remotely exploitable buffer overflow exists in versions of IBM's Lotus Domino web server prior to R5.0.10. Description A remotely exploitable buffer overflow exists in the Lotus Domino web server. The overflow can occur as the result of an overly long HTTP Authenticate header containin...
CVE-2002-2099
Buffer overflow in the GNU DataDisplay Debugger DDD 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE...
CVE-2002-2168
SQL injection vulnerability in Thorsten Korner 123tkShop before 0.3.1 allows remote attackers to execute arbitrary SQL queries via various programs including functiondescribeitem1.inc.php...
CVE-2002-1158
Buffer overflow in the irwthrough function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user...
Microsoft Java implementation allows execution of malicious code
Overview A class in Microsoft's Java virtual machine VM does not properly validate trusted applets, allowing untrusted applets to exploit native methods and execute arbitrary code. Description Microsoft's Java VM is installed on Windows 98, NT, 2000, and xp. It is used by Internet Explorer and...
CVE-2002-0960
Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users...