CVE-2002-1xxx

There are 964 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2002-1000 Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote attackers to cause a denial of servi...
S
CVE-2002-1001 Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service a...
E S
CVE-2002-1002 Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of serv...
E S
CVE-2002-1003 Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code vi...
S
CVE-2002-1004 Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and...
E S
CVE-2002-1005 ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU con...
E
CVE-2002-1006 Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) ...
E S
CVE-2002-1007 Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web...
E
CVE-2002-1008 Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, ...
E
CVE-2002-1009 Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, all...
E
CVE-2002-1010 Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via ...
CVE-2002-1011 Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, be...
S
CVE-2002-1012 Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 ...
S
CVE-2002-1013 Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1...
S
CVE-2002-1014 Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows...
S
CVE-2002-1015 RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers t...
S
CVE-2002-1016 Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations b...
E
CVE-2002-1017 Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup fea...
CVE-2002-1018 The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked o...
CVE-2002-1019 The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for ...
CVE-2002-1020 The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even...
CVE-2002-1021 BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP reques...
E
CVE-2002-1022 BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possib...
E
CVE-2002-1023 BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request ...
E
CVE-2002-1024 Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of servi...
S
CVE-2002-1025 JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an ...
E S
CVE-2002-1026 Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers t...
E
CVE-2002-1027 Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedi...
E
CVE-2002-1028 Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow rem...
E
CVE-2002-1029 Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of servic...
E
CVE-2002-1030 Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 al...
S
CVE-2002-1031 KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files...
E S
CVE-2002-1032 Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a den...
CVE-2002-1033 Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 allows remote attackers to re...
E
CVE-2002-1034 none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pa...
E
CVE-2002-1035 Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP req...
CVE-2002-1036 Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0...
E S
CVE-2002-1037 Cross-site scripting vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attacke...
S
CVE-2002-1038 Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allo...
S
CVE-2002-1039 Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attacker...
S
CVE-2002-1040 Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related...
CVE-2002-1041 Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to rel...
CVE-2002-1042 Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and N...
E S
CVE-2002-1043 Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed ...
E S
CVE-2002-1044 Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (cras...
E S
CVE-2002-1045 Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed ...
E S
CVE-2002-1046 Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote...
E S
CVE-2002-1047 The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with ...
CVE-2002-1048 HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web a...
CVE-2002-1049 Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a deni...
S
CVE-2002-1050 Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of servic...
S
CVE-2002-1051 Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to exe...
E S
CVE-2002-1052 Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests ...
S
CVE-2002-1053 Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attac...
S
CVE-2002-1054 Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenti...
S
CVE-2002-1055 Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to...
CVE-2002-1056 Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not...
CVE-2002-1057 Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbi...
S
CVE-2002-1058 Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remo...
E S
CVE-2002-1059 Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an ...
E S
CVE-2002-1060 Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client...
E S
CVE-2002-1061 Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allo...
S
CVE-2002-1062 Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote...
S
CVE-2002-1063 Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause ...
CVE-2002-1064 Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for...
CVE-2002-1065 Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of u...
CVE-2002-1066 Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and ...
S
CVE-2002-1067 Administrative web interface for IC9 Pocket Print Server Firmware 7.1.30 and 7.1.36f allows remote a...
S
CVE-2002-1068 The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (...
CVE-2002-1069 The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to by...
S
CVE-2002-1070 Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execut...
S
CVE-2002-1071 ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHC...
E S
CVE-2002-1072 ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a deni...
E
CVE-2002-1073 Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute ...
E S
CVE-2002-1075 Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of...
E S
CVE-2002-1076 Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers t...
E S
CVE-2002-1077 IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of servic...
E
CVE-2002-1078 Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request th...
E S
CVE-2002-1079 Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrar...
S
CVE-2002-1080 The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain...
E S
CVE-2002-1081 The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without ...
S
CVE-2002-1082 The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezConte...
S
CVE-2002-1083 Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause e...
CVE-2002-1084 The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if ...
CVE-2002-1085 Multiple cross-site scripting vulnerabilities in ezContents 1.41 and earlier allow remote attackers ...
CVE-2002-1086 Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cond...
S
CVE-2002-1087 The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earl...
CVE-2002-1088 Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrar...
S
CVE-2002-1089 rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the ...
CVE-2002-1090 Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP s...
CVE-2002-1091 Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and exe...
E S
CVE-2002-1092 Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authent...
CVE-2002-1093 HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attacke...
CVE-2002-1094 Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers...
CVE-2002-1095 Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cau...
CVE-2002-1096 Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain ...
CVE-2002-1097 Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain ...
CVE-2002-1098 Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)...
CVE-2002-1099 Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potential...
CVE-2002-1100 Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial o...
CVE-2002-1101 Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause ...
CVE-2002-1102 The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows ...
CVE-2002-1103 Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause ...
S
CVE-2002-1104 Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attacke...
CVE-2002-1105 Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users...
CVE-2002-1106 Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly ...
CVE-2002-1107 Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate ...
CVE-2002-1108 Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured ...
CVE-2002-1109 securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of servi...
CVE-2002-1110 Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quot...
S
CVE-2002-1111 print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, whic...
S
CVE-2002-1112 Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifyin...
S
CVE-2002-1113 summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrar...
E S
CVE-2002-1114 config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read ar...
S
CVE-2002-1115 Mantis 0.17.4a and earlier allows remote attackers to view private bugs by modifying the f_id bug ID...
S
CVE-2002-1116 The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and earlier includes summaries of pri...
S
CVE-2002-1117 Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft...
CVE-2002-1118 TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remot...
E S
CVE-2002-1119 os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, w...
S
CVE-2002-1120 Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary co...
E S
CVE-2002-1121 SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterS...
CVE-2002-1122 Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license bann...
S
CVE-2002-1123 Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop E...
CVE-2002-1124 Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores...
S
CVE-2002-1125 FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2...
CVE-2002-1126 Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document re...
E S
CVE-2002-1127 Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a ...
S
CVE-2002-1128 Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrar...
S
CVE-2002-1129 Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument....
S
CVE-2002-1131 Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to ex...
E S
CVE-2002-1132 SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the opt...
E S
CVE-2002-1133 Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read a...
CVE-2002-1134 Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows lo...
S
CVE-2002-1135 modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, allows remote attackers to execut...
CVE-2002-1137 Buffer overflow in the Database Console Command (DBCC) that handles user inputs in Microsoft SQL Ser...
E S
CVE-2002-1138 Microsoft SQL Server 7.0 and 2000, including Microsoft Data Engine (MSDE) 1.0 and Microsoft Desktop ...
CVE-2002-1139 The Compressed Folders feature in Microsoft Windows 98 with Plus! Pack, Windows Me, and Windows XP d...
CVE-2002-1140 The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windo...
CVE-2002-1141 An input validation error in the Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as i...
CVE-2002-1142 Heap-based buffer overflow in the Remote Data Services (RDS) component of Microsoft Data Access Comp...
CVE-2002-1143 Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field cod...
E S
CVE-2002-1145 The xp_runwebtask stored procedure in the Web Tasks component of Microsoft SQL Server 7.0 and 2000, ...
CVE-2002-1146 The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earli...
CVE-2002-1147 The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stackin...
CVE-2002-1148 The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and ear...
E S
CVE-2002-1149 The installation procedure for Invision Board suggests that users install the phpinfo.php program un...
CVE-2002-1150 The Remote Desktop Sharing (RDS) Screen Saver Protection capability for Microsoft NetMeeting 3.01 th...
CVE-2002-1151 The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not proper...
S
CVE-2002-1152 Konqueror in KDE 3.0 through 3.0.2 does not properly detect the "secure" flag in an HTTP cookie, whi...
S
CVE-2002-1153 IBM Websphere 4.0.3 allows remote attackers to cause a denial of service (crash) and possibly execut...
E S
CVE-2002-1154 anlgform.pl in Analog before 5.23 does not restrict access to the PROGRESSFREQ progress update comma...
CVE-2002-1155 Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a lo...
S
CVE-2002-1156 Apache 2.0.42 allows remote attackers to view the source code of a CGI script via a POST request to ...
CVE-2002-1157 Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonical...
S
CVE-2002-1158 Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execut...
S
CVE-2002-1159 Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a ...
S
CVE-2002-1160 The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, whic...
CVE-2002-1161 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1380. Reason: This candida...
R
CVE-2002-1165 Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other ver...
E S
CVE-2002-1166 Buffer overflow in John Franks WN Server 1.18.2 through 2.0.0 allows remote attackers to execute arb...
CVE-2002-1167 Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x...
CVE-2002-1168 Cross-site scripting (XSS) vulnerability in IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x...
CVE-2002-1169 IBM Web Traffic Express Caching Proxy Server 3.6 and 4.x before 4.0.1.26 allows remote attackers to ...
E S
CVE-2002-1170 The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-s...
S
CVE-2002-1174 Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service ...
S
CVE-2002-1175 The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a pa...
S
CVE-2002-1176 Buffer overflow in Winamp 2.81 allows remote attackers to execute arbitrary code via a long Artist I...
CVE-2002-1177 Multiple buffer overflows in Winamp 3.0, when displaying an MP3 in the Media Library window, allows ...
CVE-2002-1178 Directory traversal vulnerability in the CGIServlet for Jetty HTTP server before 4.1.0 allows remote...
E S
CVE-2002-1179 Buffer overflow in the S/MIME Parsing capability in Microsoft Outlook Express 5.5 and 6.0 allows rem...
CVE-2002-1180 A typographical error in the script source access permissions for Internet Information Server (IIS) ...
S
CVE-2002-1181 Multiple cross-site scripting (XSS) vulnerabilities in the administrative web pages for Microsoft In...
S
CVE-2002-1182 IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (crash) via malformed WebDAV re...
CVE-2002-1183 Microsoft Windows 98 and Windows NT 4.0 do not properly verify the Basic Constraints of digital cert...
E S
CVE-2002-1184 The system root folder of Microsoft Windows 2000 has default permissions of Everyone group with Full...
CVE-2002-1185 Internet Explorer 5.01 through 6.0 does not properly check certain parameters of a PNG file when ope...
S
CVE-2002-1186 Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded char...
E S
CVE-2002-1187 Cross-site scripting vulnerability (XSS) in Internet Explorer 5.01 through 6.0 allows remote attacke...
S
CVE-2002-1188 Internet Explorer 5.01 through 6.0 allows remote attackers to identify the path to the Temporary Int...
S
CVE-2002-1189 The default configuration of Cisco Unity 2.x and 3.x does not block international operator calls in ...
S
CVE-2002-1190 Cisco Unity 2.x and 3.x uses well-known default user accounts, which could allow remote attackers to...
S
CVE-2002-1191 The Sabserv client component in Sabre Desktop Reservation Software 4.2 through 4.4 allows remote att...
CVE-2002-1192 Multiple buffer overflows in rogue on NetBSD 1.6 and earlier, FreeBSD 4.6, and possibly other operat...
CVE-2002-1193 tkmail before 4.0beta9-8.1 allows local users to create or overwrite files as users via a symlink at...
S
CVE-2002-1194 Buffer overflow in talkd on NetBSD 1.6 and earlier, and possibly other operating systems, may allow ...
CVE-2002-1195 Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web s...
S
CVE-2002-1196 editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups"...
S
CVE-2002-1197 bugzilla_email_append.pl in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, allows remote a...
CVE-2002-1198 Bugzilla 2.16.x before 2.16.1 does not properly filter apostrophes from an email address during acco...
CVE-2002-1199 The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to r...
CVE-2002-1200 Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or out...
E S
CVE-2002-1201 IBM AIX 4.3.3 and AIX 5 allows remote attackers to cause a denial of service (CPU consumption or cra...
CVE-2002-1202 Unknown vulnerability in routed for HP Tru64 UNIX V4.0F through V5.1A allows local and remote attack...
S
CVE-2002-1203 IBM SecureWay Firewall before 4.2.2 performs extra processing before determining that a packet is in...
CVE-2002-1204 Netscape Communicator 4.x allows attackers to use a link to steal a user's preferences, including po...
CVE-2002-1209 Directory traversal vulnerability in SolarWinds TFTP Server 5.0.55, and possibly earlier, allows rem...
E S
CVE-2002-1210 Qualcomm Eudora 5.1.1, 5.2, and possibly other versions stores email attachments in a predictable lo...
S
CVE-2002-1211 Prometheus 6.0 and earlier allows remote attackers to execute arbitrary PHP code via a modified PROM...
E S
CVE-2002-1212 Buffer overflow in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and other versions before ...
CVE-2002-1213 Directory traversal vulnerability in RadioBird Software WebServer 4 Everyone 1.23 and 1.27, and othe...
CVE-2002-1214 Buffer overflow in Microsoft PPTP Service on Windows XP and Windows 2000 allows remote attackers to ...
CVE-2002-1215 Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows i...
S
CVE-2002-1216 GNU tar 1.13.19 and other versions before 1.13.25 allows remote attackers to overwrite arbitrary fil...
S
CVE-2002-1217 Cross-Frame scripting vulnerability in the WebBrowser control as used in Internet Explorer 5.5 and 6...
E S
CVE-2002-1219 Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, al...
S
CVE-2002-1220 BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to as...
S
CVE-2002-1221 BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR eleme...
S
CVE-2002-1222 Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7....
E S
CVE-2002-1223 Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may ...
S
CVE-2002-1224 Directory traversal vulnerability in kpf for KDE 3.0.1 through KDE 3.0.3a allows remote attackers to...
E S
CVE-2002-1225 Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc server...
S
CVE-2002-1226 Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (...
S
CVE-2002-1227 PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and r...
S
CVE-2002-1228 Unknown vulnerability in NFS on Solaris 2.5.1 through Solaris 9 allows an NFS client to cause a deni...
CVE-2002-1229 Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier contain undocumented accounts (1...
CVE-2002-1230 NetDDE Agent on Windows NT 4.0, 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows loc...
CVE-2002-1231 SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to cause a denial of service via an rcp ca...
CVE-2002-1232 Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows ...
S
CVE-2002-1233 A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2...
CVE-2002-1234 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0180. Reason: This candida...
R
CVE-2002-1235 The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the...
S
CVE-2002-1236 The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42...
E S
CVE-2002-1238 Peter Sandvik's Simple Web Server 0.5.1 and earlier allows remote attackers to bypass access restric...
E
CVE-2002-1239 QNX Neutrino RTOS 6.2.0 uses the PATH environment variable to find and execute the cp program while ...
E S
CVE-2002-1242 SQL injection vulnerability in PHP-Nuke before 6.0 allows remote authenticated users to modify the d...
S
CVE-2002-1244 Format string vulnerability in Pablo FTP Server 1.5, 1.3, and possibly other versions, allows remote...
CVE-2002-1245 Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which ...
E S
CVE-2002-1247 Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environ...
S
CVE-2002-1248 Northern Solutions Xeneo Web Server 2.1.0.0, 2.0.759.6, and other versions before 2.1.5 allows remot...
E S
CVE-2002-1250 Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net...
E S
CVE-2002-1251 Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a l...
S
CVE-2002-1252 The Application Messaging Gateway for PeopleTools 8.1x before 8.19, as used in various PeopleSoft pr...
S
CVE-2002-1253 Abuse 2.00 and earlier allows local users to gain privileges via command line arguments that specify...
E S
CVE-2002-1254 Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model and ...
E S
CVE-2002-1255 Microsoft Outlook 2002 allows remote attackers to cause a denial of service (repeated failure) via a...
CVE-2002-1256 The SMB signing capability in the Server Message Block (SMB) protocol in Microsoft Windows 2000 and ...
CVE-2002-1257 Microsoft Virtual Machine (VM) up to and including build 5.0.3805 allows remote attackers to execute...
CVE-2002-1258 Two vulnerabilities in Microsoft Virtual Machine (VM) up to and including build 5.0.3805, as used in...
CVE-2002-1259 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1286. Reason: This candida...
R
CVE-2002-1260 The Java Database Connectivity (JDBC) APIs in Microsoft Virtual Machine (VM) 5.0.3805 and earlier al...
CVE-2002-1261 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1292. Reason: This candida...
R
CVE-2002-1262 Internet Explorer 5.5 and 6.0 does not perform complete security checks on external caching, which a...
CVE-2002-1263 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1295. Reason: This candida...
R
CVE-2002-1264 Buffer overflow in Oracle iSQL*Plus web application of the Oracle 9 database server allows remote at...
CVE-2002-1265 The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism whe...
CVE-2002-1266 Mac OS X 10.2.2 allows local users to gain privileges by mounting a disk image file that was created...
S
CVE-2002-1267 Mac OS X 10.2.2 allows remote attackers to cause a denial of service by accessing the CUPS Printing ...
S
CVE-2002-1268 Mac OS X 10.2.2 allows local users to gain privileges via a mounted ISO 9600 CD, aka "User Privilege...
S
CVE-2002-1269 Unknown vulnerability in NetInfo Manager application in Mac OS X 10.2.2 allows local users to access...
S
CVE-2002-1270 Mac OS X 10.2.2 allows local users to read files that only allow write access via the map_fd() Mach ...
S
CVE-2002-1271 The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the defaul...
CVE-2002-1272 Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was ...
S
CVE-2002-1275 Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remot...
S
CVE-2002-1276 An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the str...
S
CVE-2002-1277 Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute ar...
S
CVE-2002-1278 The mailconf module in Linuxconf 1.24, and other versions before 1.28, on Conectiva Linux 6.0 throug...
CVE-2002-1279 Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, and 0.2.x before 0.2.15, allow...
S
CVE-2002-1280 Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory ...
CVE-2002-1281 Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KD...
S
CVE-2002-1282 Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows ...
S
CVE-2002-1283 Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of...
S
CVE-2002-1284 The wizard in KGPG 0.6 through 0.8.2 does not properly provide the passphrase to gpg when creating n...
CVE-2002-1285 runlpr in the LPRng package allows the local lp user to gain root privileges via certain command lin...
CVE-2002-1286 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to steal co...
CVE-2002-1287 Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allo...
CVE-2002-1288 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to determin...
CVE-2002-1289 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read res...
CVE-2002-1290 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read and...
CVE-2002-1291 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to read arb...
CVE-2002-1292 The Microsoft Java virtual machine (VM) build 5.0.3805 and earlier, as used in Internet Explorer, al...
CVE-2002-1293 The Microsoft Java implementation, as used in Internet Explorer, provides a public load0() method fo...
CVE-2002-1294 The Microsoft Java implementation, as used in Internet Explorer, can provide HTML object references ...
CVE-2002-1295 The Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a ...
CVE-2002-1296 Directory traversal vulnerability in priocntl system call in Solaris allows local users to exec...
S
CVE-2002-1297 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1298 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1299 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1300 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1301 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1302 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1303 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1304 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1305 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2002-1306 Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) ...
S
CVE-2002-1307 Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier allows remote attackers to in...
S
CVE-2002-1308 Heap-based buffer overflow in Netscape and Mozilla allows remote attackers to execute arbitrary code...
CVE-2002-1309 Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia C...
E S
CVE-2002-1310 Heap-based buffer overflow in the error-handling mechanism for the IIS ISAPI handler in Macromedia J...
E S
CVE-2002-1311 Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, whi...
S
CVE-2002-1312 Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 a...
S
CVE-2002-1313 nullmailer 1.00RC5 and earlier allows local users to cause a denial of service via an email to a loc...
CVE-2002-1315 Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x, up to SP11, ...
E
CVE-2002-1316 importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows the web administrator t...
E
CVE-2002-1317 Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allow...
S
CVE-2002-1318 Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service an...
S
CVE-2002-1319 The Linux kernel 2.4.20 and earlier, and 2.5.x, when running on x86 systems, allows local users to c...
S
CVE-2002-1320 Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed res...
E S
CVE-2002-1321 Multiple buffer overflows in RealOne and RealPlayer allow remote attackers to execute arbitrary code...
CVE-2002-1322 Rational ClearCase 4.1, 2002.05, and possibly other versions allows remote attackers to cause a deni...
CVE-2002-1323 Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of ...
S
CVE-2002-1325 Microsoft Virtual Machine (VM) build 5.0.3805 and earlier allows remote attackers to determine a loc...
CVE-2002-1327 Buffer overflow in the Windows Shell function in Microsoft Windows XP allows remote attackers to exe...
CVE-2002-1334 Cross-site scripting (XSS) vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote atta...
CVE-2002-1335 Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which ...
S
CVE-2002-1336 TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows rem...
CVE-2002-1337 Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via cer...
E S
CVE-2002-1338 The Load method in the Chart component of Office Web Components (OWC) 9 and 10 generates an exceptio...
E S
CVE-2002-1339 The "XMLURL" property in the Spreadsheet component of Office Web Components (OWC) 10 follows redirec...
E S
CVE-2002-1340 The "ConnectionFile" property in the DataSourceControl component in Office Web Components (OWC) 10 a...
E S
CVE-2002-1341 Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlie...
S
CVE-2002-1342 Unknown vulnerability in smb2www 980804-16 and earlier allows remote attackers to execute arbitrary ...
S
CVE-2002-1344 Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or ove...
S
CVE-2002-1345 Directory traversal vulnerabilities in multiple FTP clients on UNIX systems allow remote malicious F...
S
CVE-2002-1347 Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a ...
S
CVE-2002-1348 w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which coul...
S
CVE-2002-1349 Buffer overflow in pop3trap.exe for PC-cillin 2000, 2002, and 2003 allows local users to execute arb...
S
CVE-2002-1350 The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote...
S
CVE-2002-1351 Buffer overflow in Melange Chat System 1.10 allows remote attackers to cause a denial of service (ch...
E
CVE-2002-1352 Per Magne Knutsen's CartMan shopping cart (cartman.php) 1.04 and earlier allows remote attackers to ...
E
CVE-2002-1353 LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.l...
CVE-2002-1354 Directory traversal vulnerability in TYPSoft FTP Server 0.99.8 allows local users to list the conten...
S
CVE-2002-1355 Multiple integer signedness errors in the BGP dissector in Ethereal 0.9.7 and earlier allow remote a...
S
CVE-2002-1356 Ethereal 0.9.7 and earlier allows remote attackers to cause a denial of service (crash) and possibly...
S
CVE-2002-1357 Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect len...
CVE-2002-1358 Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which...
CVE-2002-1359 Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may al...
CVE-2002-1360 Multiple SSH2 servers and clients do not properly handle strings with null characters in them when t...
CVE-2002-1361 overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP (Security Hardening Patch) installed allows...
S
CVE-2002-1362 mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed IC...
S
CVE-2002-1363 Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offset...
S
CVE-2002-1364 Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary...
E S
CVE-2002-1365 Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character whe...
S
CVE-2002-1366 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to cr...
CVE-2002-1367 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers wit...
E
CVE-2002-1368 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial o...
E
CVE-2002-1369 jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat...
E
CVE-2002-1370 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1367. Reason: This CAN was...
R
CVE-2002-1371 filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly ch...
E
CVE-2002-1372 Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values o...
E
CVE-2002-1373 Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows re...
S
CVE-2002-1374 The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attacke...
E S
CVE-2002-1375 The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers t...
S
CVE-2002-1376 libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify le...
S
CVE-2002-1377 vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using t...
S
CVE-2002-1378 Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to exec...
S
CVE-2002-1379 OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code ...
S
CVE-2002-1380 Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() funct...
E S
CVE-2002-1381 Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim...
E S
CVE-2002-1382 Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certai...
CVE-2002-1383 Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote ...
E S
CVE-2002-1384 Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allow...
E S
CVE-2002-1385 openwebmail_init in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via ....
S
CVE-2002-1386 Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary c...
CVE-2002-1387 The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary ...
CVE-2002-1388 Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject ...
S
CVE-2002-1389 Buffer overflow in typespeed 0.4.2 and earlier allows local users to gain privileges via long input....
S
CVE-2002-1390 The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote att...
S
CVE-2002-1391 Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of...
CVE-2002-1392 faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which all...
CVE-2002-1393 Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are...
S
CVE-2002-1394 Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows...
CVE-2002-1395 Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows loc...
S
CVE-2002-1396 Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow at...
S
CVE-2002-1397 Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to caus...
CVE-2002-1398 Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of...
CVE-2002-1399 Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and ...
CVE-2002-1400 Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to ...
CVE-2002-1401 Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified a...
S
CVE-2002-1402 Buffer overflows in the (1) TZ and (2) SET TIME ZONE environment variables for PostgreSQL 7.2.1 and ...
CVE-2002-1403 dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell ...
S
CVE-2002-1404 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1348. Reason: This candida...
R
CVE-2002-1405 CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP ...
S
CVE-2002-1406 Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected be...
S
CVE-2002-1407 TinySSL 1.02 and earlier does not verify the Basic Constraints for an intermediate CA-signed certifi...
E S
CVE-2002-1408 Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read...
E S
CVE-2002-1409 ptrace on HP-UX 11.00 through 11.11 allows local users to cause a denial of service (data page fault...
E S
CVE-2002-1410 Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to ...
E S
CVE-2002-1411 Directory traversal vulnerability in update.dpgs in Duma Photo Gallery System (DPGS) 0.99.4 allows r...
E
CVE-2002-1412 Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbit...
E S
CVE-2002-1413 RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypas...
S
CVE-2002-1414 Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDI...
E S
CVE-2002-1415 Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attack...
E
CVE-2002-1416 The POP3 service for WebEasyMail 3.4.2.2 and earlier generates different error messages for valid a...
E
CVE-2002-1417 Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, a...
S
CVE-2002-1418 Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6,...
S
CVE-2002-1419 The upgrade of IRIX on Origin 3000 to 6.5.13 through 6.5.16 changes the MAC address of the system, w...
E S
CVE-2002-1420 Integer signedness error in select() on OpenBSD 3.1 and earlier allows local users to overwrite arbi...
S
CVE-2002-1421 SQL injection vulnerabilities in FUDforum before 2.2.0 allow remote attackers to perform unauthorize...
E S
CVE-2002-1422 admbrowse.php in FUDforum before 2.2.0 allows remote attackers to create or delete files via URL-enc...
E S
CVE-2002-1423 tmp_view.php in FUDforum before 2.2.0 allows remote attackers to read arbitrary files via an absolut...
E S
CVE-2002-1424 Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of ser...
E S
CVE-2002-1425 Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to cre...
S
CVE-2002-1426 HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an...
E
CVE-2002-1427 The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user creden...
E S
CVE-2002-1428 index.php in dotProject 0.2.1.5 allows remote attackers to bypass authentication via a cookie or URL...
E
CVE-2002-1429 Cross-site scripting vulnerability in board.php of endity.com ShoutBOX allows remote attackers to in...
E S
CVE-2002-1430 Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_g...
E S
CVE-2002-1431 Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal...
CVE-2002-1432 MidiCart stores the midicart.mdb database file under the Web document root, which allows remote atta...
E S
CVE-2002-1433 Kerio MailServer 5.0 allows remote attackers to cause a denial of service (hang) via SYN packets to ...
S
CVE-2002-1434 Multiple cross-site scripting (XSS) vulnerabilities in the Web mail module of Kerio MailServer 5.0 a...
E S
CVE-2002-1435 class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers ...
E S
CVE-2002-1436 The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execut...
E S
CVE-2002-1437 Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWar...
S
CVE-2002-1438 The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain...
S
CVE-2002-1439 Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualva...
S
CVE-2002-1440 The Gateway GS-400 server has a default root password of "0001n" that can not be changed via the adm...
CVE-2002-1441 Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitr...
CVE-2002-1442 The Google toolbar 1.1.58 and earlier allows remote web sites to perform unauthorized toolbar operat...
E S
CVE-2002-1443 The Google toolbar 1.1.58 and earlier allows remote web sites to monitor a user's input into the too...
E S
CVE-2002-1444 The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to...
E
CVE-2002-1445 Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute scr...
E
CVE-2002-1446 The error checking routine used for the C_Verify call on a symmetric verification key in the nCipher...
S
CVE-2002-1447 Buffer overflow in the vpnclient program for UNIX VPN Client before 3.5.2 allows local users to gain...
E
CVE-2002-1448 An undocumented SNMP read/write community string ('NoGaH$@!') in Avaya P330, P130, and M770-ATM Caju...
S
CVE-2002-1449 eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which al...
E S
CVE-2002-1450 IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU ...
CVE-2002-1451 Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted we...
E
CVE-2002-1452 Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute ar...
E
CVE-2002-1453 Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote attackers to insert scri...
E
CVE-2002-1454 MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root vi...
E
CVE-2002-1455 Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert sc...
E
CVE-2002-1456 Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a lo...
S
CVE-2002-1457 SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitr...
E S
CVE-2002-1458 Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" o...
S
CVE-2002-1459 Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" o...
S
CVE-2002-1460 L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated v...
S
CVE-2002-1461 Web Shop Manager 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters ...
E
CVE-2002-1462 details2.php in OrganicPHP PHP-affiliate 1.0, and possibly later versions, allows remote attackers t...
S
CVE-2002-1463 Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/7...
S
CVE-2002-1464 Cross-site scripting (XSS) vulnerability in CafeLog b2 Weblog Tool allows remote attackers to insert...
E S
CVE-2002-1465 SQL injection vulnerability in CafeLog b2 Weblog Tool allows remote attackers to execute arbitrary S...
E S
CVE-2002-1466 CafeLog b2 Weblog Tool 2.06pre4, with allow_fopen_url enabled, allows remote attackers to execute ar...
E S
CVE-2002-1467 Macromedia Flash Plugin before 6,0,47,0 allows remote attackers to bypass the same-domain restrictio...
E S
CVE-2002-1468 Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root....
CVE-2002-1469 scponly does not properly verify the path when finding the (1) scp or (2) sftp-server programs, whic...
E S
CVE-2002-1470 SHOUTcast 1.8.9 and earlier allows local users to obtain the cleartext administrative password via a...
E S
CVE-2002-1471 The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it esta...
E S
CVE-2002-1472 Untrusted search path vulnerability in libX11.so in xfree86, when used in setuid or setgid programs,...
S
CVE-2002-1473 Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to c...
S
CVE-2002-1474 Unknown vulnerability or vulnerabilities in TCP/IP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a ...
S
CVE-2002-1475 Unknown vulnerability in the ARP component for HP Tru64 UNIX 4.0f, 4.0g, and 5.0a allows remote atta...
S
CVE-2002-1476 Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating syste...
S
CVE-2002-1477 graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitra...
E S
CVE-2002-1478 Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in con...
E S
CVE-2002-1479 Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-...
E S
CVE-2002-1480 Cross-site scripting (XSS) vulnerability in phpGB before 1.20 allows remote attackers to inject arbi...
E S
CVE-2002-1481 savesettings.php in phpGB 1.20 and earlier does not require authentication, which allows remote atta...
E S
CVE-2002-1482 SQL injection vulnerability in login.php for phpGB 1.20 and earlier, when magic_quotes_gpc is not en...
E S
CVE-2002-1483 db4web_c and db4web_c.exe programs in DB4Web 3.4 and 3.6 allow remote attackers to read arbitrary fi...
S
CVE-2002-1484 DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web ...
E S
CVE-2002-1485 The AIM component of Trillian 0.73 and 0.74 allows remote attackers to cause a denial of service (cr...
S
CVE-2002-1486 Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allow remote malicious IRC...
E S
CVE-2002-1487 The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of...
E S
CVE-2002-1488 The IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of...
E S
CVE-2002-1489 Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary...
E S
CVE-2002-1490 NetBSD 1.4 through 1.6 beta allows local users to cause a denial of service (kernel panic) via a ser...
S
CVE-2002-1491 The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in pl...
S
CVE-2002-1492 Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2...
E S
CVE-2002-1493 Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inje...
E
CVE-2002-1494 Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS allow remote attackers to insert arbi...
E
CVE-2002-1495 Cross-site scripting (XSS) vulnerability in JAWmail 1.0-rc1 allows remote attackers to insert arbitr...
E S
CVE-2002-1496 Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute ...
E S
CVE-2002-1497 Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and earlier allows remote attacke...
CVE-2002-1498 Directory traversal vulnerability in SWServer 2.2 and earlier allows remote attackers to read arbitr...
E S
CVE-2002-1499 Multiple SQL injection vulnerabilities in FactoSystem CMS allow remote attackers to perform unautho...
E
CVE-2002-1500 Buffer overflow in (1) mrinfo, (2) mtrace, and (3) pppd in NetBSD 1.4.x through 1.6 allows local use...
S
CVE-2002-1501 The MPS functionality in Enterasys SSR8000 (Smart Switch Router) before firmware 8.3.0.10 allows rem...
E S
CVE-2002-1502 Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files ...
E S
CVE-2002-1503 Buffer overflow in Automatic File Distributor (AFD) 1.2.14 and earlier allows local users to gain pr...
E S
CVE-2002-1504 Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows remote attackers to read arbit...
E
CVE-2002-1505 SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows...
E S
CVE-2002-1506 Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long L...
E S
CVE-2002-1507 Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of serv...
CVE-2002-1508 slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files vi...
S
CVE-2002-1509 A patch for shadow-utils 20000902 causes the useradd command to create mail spool files with read/...
CVE-2002-1510 xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X ser...
CVE-2002-1511 The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which c...
S
CVE-2002-1512 xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privilege...
E S
CVE-2002-1513 The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate ...
E S
CVE-2002-1514 gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a sy...
E
CVE-2002-1515 Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to rea...
E S
CVE-2002-1516 rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrar...
S
CVE-2002-1517 fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack,...
S
CVE-2002-1518 mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which c...
S
CVE-2002-1519 Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and ...
S
CVE-2002-1520 The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not ...
S
CVE-2002-1521 Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers ...
CVE-2002-1522 Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to...
E
CVE-2002-1523 Directory traversal vulnerability in Daniel Arenz Mini Server 2.1.6 allows remote attackers to read ...
E
CVE-2002-1524 Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execut...
E
CVE-2002-1525 Directory traversal vulnerability in ASTAware SearchDisk engine for Sun ONE Starter Kit 2.0 allows r...
E
CVE-2002-1526 Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers ...
E S
CVE-2002-1527 emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cg...
E S
CVE-2002-1528 MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the ...
E S
CVE-2002-1529 Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMW...
E S
CVE-2002-1530 The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to ...
E S
CVE-2002-1531 The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote at...
E S
CVE-2002-1532 The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote at...
E S
CVE-2002-1533 Cross-site scripting (XSS) vulnerability in Jetty JSP servlet engine allows remote attackers to inse...
E
CVE-2002-1534 Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf fil...
E
CVE-2002-1535 Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to...
S
CVE-2002-1536 Molly IRC bot 0.5 allows remote attackers to execute arbitrary commands via shell metacharacters in ...
S
CVE-2002-1537 admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly cal...
E S
CVE-2002-1538 Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the report...
S
CVE-2002-1539 Buffer overflow in MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a...
E S
CVE-2002-1540 The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x bef...
S
CVE-2002-1541 BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an ...
CVE-2002-1542 SolarWinds TFTP server 5.0.55 and earlier allows remote attackers to cause a denial of service (cras...
E
CVE-2002-1543 Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long k...
S
CVE-2002-1544 Directory traversal vulnerability in CooolSoft Personal FTP Server 2.24 allows remote attackers to r...
CVE-2002-1545 CooolSoft Personal FTP Server 2.24 allows remote attackers to obtain the absolute pathname of the FT...
CVE-2002-1546 BRS WebWeaver Web Server 1.01 allows remote attackers to bypass password protections for files and d...
E
CVE-2002-1547 Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service ...
S
CVE-2002-1548 Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execut...
CVE-2002-1549 Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a ...
E S
CVE-2002-1550 dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on te...
CVE-2002-1551 Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute a...
CVE-2002-1552 Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain...
S
CVE-2002-1553 Cisco ONS15454 and ONS15327 running ONS before 3.4 allows remote attackers to modify the system conf...
S
CVE-2002-1554 Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in th...
S
CVE-2002-1555 Cisco ONS15454 and ONS15327 running ONS before 3.4 uses a "public" SNMP community string that cannot...
S
CVE-2002-1556 Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (re...
S
CVE-2002-1557 Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (re...
S
CVE-2002-1558 Cisco ONS15454 and ONS15327 running ONS before 3.4 have an account for the VxWorks Operating System ...
S
CVE-2002-1559 Directory traversal vulnerability in ion-p.exe (aka ion-p) allows remote attackers to read arbitrary...
E
CVE-2002-1560 index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative priv...
E S
CVE-2002-1561 The RPC component in Windows 2000, Windows NT 4.0, and Windows XP allows remote attackers to cause a...
E S
CVE-2002-1562 Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to ...
CVE-2002-1563 stunnel 4.0.3 and earlier allows attackers to cause a denial of service (crash) via SIGCHLD signal h...
S
CVE-2002-1564 Internet Explorer 5.5 and 6.0 allows remote attackers to steal potentially sensitive information fro...
CVE-2002-1565 Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of servic...
S
CVE-2002-1566 netris 0.5, and possibly other versions before 0.52, when running with the -w (wait) option, allows ...
E S
CVE-2002-1567 Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arb...
E
CVE-2002-1568 OpenSSL 0.9.6e uses assertions when detecting buffer overflow attacks instead of less severe mechani...
S
CVE-2002-1569 gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via s...
E S
CVE-2002-1570 Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remot...
E S
CVE-2002-1571 The Linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which c...
CVE-2002-1572 Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel...
S
CVE-2002-1573 Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before...
S
CVE-2002-1574 Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attac...
S
CVE-2002-1575 cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newli...
S
CVE-2002-1576 lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserver...
E S
CVE-2002-1577 SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote ...
CVE-2002-1578 The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows rem...
E S
CVE-2002-1579 SAP GUI (Sapgui) 4.6D allows remote attackers to cause a denial of service (crash) via a connection ...
S
CVE-2002-1580 Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to exec...
E S
CVE-2002-1581 Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remot...
E S
CVE-2002-1582 compose.cgi in Mailreader.com 2.3.30 and 2.3.31, when using Sendmail as the Mail Transfer Agent, all...
E S
CVE-2002-1583 Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local u...
S
CVE-2002-1584 Unknown vulnerability in the AUTH_DES authentication for RPC in Solaris 2.5.1, 2.6, and 7, SGI IRIX ...
S
CVE-2002-1585 Unknown vulnerability in Solaris 8 for Intel and Solaris 8 and 9 for SPARC allows remote attackers t...
S
CVE-2002-1586 Solaris 2.5.1 through 9 allows local users to cause a denial of service (kernel panic) by setting th...
S
CVE-2002-1587 The libthread library (libthread.so.1) for Solaris 2.5.1 through 8 allows local users to cause a den...
S
CVE-2002-1588 Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 allows remote attackers to cause a denial of service ...
S
CVE-2002-1589 Unknown vulnerability in Solaris 8, when the 0x02 bit (aka TEST, KMF_DEADBEEF, or deadbeef) is set i...
S
CVE-2002-1590 The Web-Based Enterprise Management (WBEM) packages (1) SUNWwbdoc, (2) SUNWwbcou, (3) SUNWwbdev and ...
S
CVE-2002-1591 AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explore...
CVE-2002-1592 The ap_log_rerror function in Apache 2.0 through 2.035, when a CGI application encounters an error, ...
CVE-2002-1593 mod_dav in Apache before 2.0.42 does not properly handle versioning hooks, which may allow remote at...
S
CVE-2002-1594 Buffer overflow in (1) grpck and (2) pwck, if installed setuid on a system as recommended in some AI...
CVE-2002-1595 Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without...
S
CVE-2002-1596 Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service...
S
CVE-2002-1597 Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service...
S
CVE-2002-1598 Buffer overflows in Computer Associates MLink (CA-MLink) 6.5 and earlier may allow local users to ex...
S
CVE-2002-1599 DansGuardian before 2.4.5-1 allows remote attackers to bypass content filtering rules via hex-encode...
S
CVE-2002-1600 Directory traversal vulnerability in Mike Spice's My Classifieds (classifieds.cgi) before 1.3 allows...
S
CVE-2002-1601 The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH envi...
CVE-2002-1602 Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVE_BRAILLE is defined, allows lo...
E
CVE-2002-1603 GoAhead Web Server 2.1.7 and earlier allows remote attackers to obtain the source code of ASP files ...
E
CVE-2002-1604 Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbi...
E
CVE-2002-1605 Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitra...
E
CVE-2002-1606 Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain...
CVE-2002-1607 Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to ex...
CVE-2002-1608 Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to...
CVE-2002-1609 Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to ga...
CVE-2002-1610 Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to...
S
CVE-2002-1611 Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain ...
S
CVE-2002-1612 Buffer overflow in mailcv in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gai...
CVE-2002-1613 Buffer overflow in ps in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain pr...
CVE-2002-1614 Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to...
CVE-2002-1615 Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to exec...
CVE-2002-1616 Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain...
E S
CVE-2002-1617 Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a...
E
CVE-2002-1618 JFS (JFS3.1 and OnlineJFS) in HP-UX 10.20, 11.00, and 11.04 does not properly implement the sticky b...
S
CVE-2002-1619 Buffer overflow in the FC client for IBM AIX 4.3.x allows remote attackers to cause a denial of serv...
CVE-2002-1620 Unknown vulnerability in IBM AIX Parallel Systems Support Programs (PSSP) 3.1.1, 3.2, and 3.4 allows...
S
CVE-2002-1621 Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers t...
S
CVE-2002-1622 Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code...
CVE-2002-1623 The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret...
E
CVE-2002-1624 Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote...
S
CVE-2002-1625 Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which al...
S
CVE-2002-1626 Directory traversal vulnerability in Mike Spice My Calendar before 1.5 allows remote attackers to wr...
S
CVE-2002-1627 Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! before 0.6 allows remote attac...
S
CVE-2002-1628 Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remot...
S
CVE-2002-1629 Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 shi...
S
CVE-2002-1630 The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send ...
E S
CVE-2002-1631 SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) all...
E S
CVE-2002-1632 Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to ob...
S
CVE-2002-1633 Multiple buffer overflows in QNX 4.25 may allow local users to execute arbitrary code via long comma...
E
CVE-2002-1634 Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive info...
E S
CVE-2002-1635 The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location al...
CVE-2002-1636 Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server ...
CVE-2002-1637 Multiple components in Oracle 9i Application Server (9iAS) are installed with over 160 default usern...
CVE-2002-1638 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-2153. Reason: This candida...
R
CVE-2002-1639 Oracle Configurator before 11.5.7.17.32 and 11.5.6.16.53 allows remote attackers to obtain sensitive...
S
CVE-2002-1640 Multiple cross-site scripting (XSS) vulnerabilities in Oracle Configurator before 11.5.7.17.32 and 1...
E S
CVE-2002-1641 Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote a...
CVE-2002-1642 PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log (pg_clog) data and cause a d...
S
CVE-2002-1643 Multiple buffer overflows in RealNetworks Helix Universal Server 9.0 (9.0.2.768) allow remote attack...
E S
CVE-2002-1644 SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when runnin...
S
CVE-2002-1645 Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0...
E S
CVE-2002-1646 SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentic...
S
CVE-2002-1647 The quick login feature in Slash Slashcode does not redirect the user to an alternate URL when the w...
CVE-2002-1648 Cross-site request forgery (CSRF) vulnerability in compose.php in SquirrelMail before 1.2.3 allows r...
E S
CVE-2002-1649 Cross-site scripting (XSS) vulnerability in read_body.php in SquirrelMail before 1.2.3 allows remote...
E
CVE-2002-1650 The spell checker plugin (check_me.mod.php) for SquirrelMail before 1.2.3 allows remote attackers to...
E S
CVE-2002-1651 Cross-site scripting (XSS) vulnerability in Verity Search97 allows remote attackers to insert arbitr...
S
CVE-2002-1652 Buffer overflow in cgicso.c for cgiemail 1.6 allows remote attackers to cause a denial of service (c...
E S
CVE-2002-1653 Farm9 Cryptcat, when started in server mode with the -e option, does not enable encryption, which al...
S
CVE-2002-1654 iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 allow remote attac...
E S
CVE-2002-1655 The Web Publishing feature in Netscape Enterprise Server 3.x and iPlanet Web Server 4.x allows remot...
E S
CVE-2002-1656 X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5...
E
CVE-2002-1657 PostgreSQL uses the username for a salt when generating passwords, which makes it easier for remote ...
CVE-2002-1658 Buffer overflow in htdigest in Apache 1.3.26 and 1.3.27 may allow attackers to execute arbitrary cod...
E
CVE-2002-1659 user_profile.asp in PortalApp 2.2 allows local users to gain privileges by modifying the user_id var...
E
CVE-2002-1660 calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via she...
E S
CVE-2002-1661 The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of servic...
S
CVE-2002-1662 Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.11 allow remote attacke...
S
CVE-2002-1663 The Post_Method function in method.c for Monkey HTTP Daemon before 0.5.1 allows remote attackers to ...
E S
CVE-2002-1664 Yahoo! Messenger before February 2002 allows remote attackers to add arbitrary users to another user...
S
CVE-2002-1665 Buffer overflow in Yahoo! Messenger before February 2002 allows remote attackers to cause a denial o...
S
CVE-2002-1666 Unknown vulnerability in Oracle E-Business Suite 11i.1 through 11i.6 allows remote attackers to exec...
S
CVE-2002-1667 The virtual memory management system in FreeBSD 4.5-RELEASE and earlier does not properly check the ...
S
CVE-2002-1668 HP-UX 11.11 and earlier allows local users to cause a denial of service (kernel deadlock), due to a ...
S
CVE-2002-1669 pkg_add in FreeBSD 4.2 through 4.4 creates a temporary directory with world-searchable permissions, ...
S
CVE-2002-1670 Microsoft Windows XP Professional upgrade edition overwrites previously installed patches for Intern...
S
CVE-2002-1671 Microsoft Internet Explorer 5.0, 5.01, and 5.5 allows remote attackers to monitor the contents of th...
E
CVE-2002-1672 Webmin 0.92, when installed from an RPM, creates /var/webmin with insecure permissions (world readab...
S
CVE-2002-1673 The web interface for Webmin 0.92 does not properly quote or filter script code in files that are di...
E S
CVE-2002-1674 procfs on FreeBSD before 4.5 allows local users to cause a denial of service (kernel panic) by remov...
S
CVE-2002-1675 Format string vulnerability in the Cio_PrintF function of cio_main.c in Unreal IRCd 3.1.1 allows rem...
CVE-2002-1676 BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive informatio...
S
CVE-2002-1677 14all.cgi 1.1p15 in mrtgconfig allows remote attackers to determine the physical path to the web roo...
E
CVE-2002-1678 Cross-site scripting (XSS) vulnerability in memberlist.php in Jelsoft vBulletin 2.0 rc 2 through 2.2...
CVE-2002-1679 Cross-site scripting (XSS) vulnerability in Jelsoft vBulletin 2.2.0 allows remote attackers to execu...
CVE-2002-1680 Cross-site scripting (XSS) vulnerability in CGI Online Worldweb Shopping 1.1 (a.k.a. COWS) allows re...
CVE-2002-1681 Cross-site scripting (XSS) vulnerability in Slashcode CVS releases June 17 through July 1 2002 allow...
CVE-2002-1682 NewsReactor 1.0 uses a weak encryption scheme, which could allow local users to decrypt the password...
E
CVE-2002-1683 Cross-site scripting (XSS) vulnerability in BadBlue Personal Edition 1.7.3 allows remote attackers t...
E
CVE-2002-1684 Directory traversal vulnerability in (1) Deerfield D2Gfx 1.0.2 or (2) BadBlue Enterprise Edition 1.5...
CVE-2002-1685 Cross-site scripting vulnerability (XSS) in BadBlue Enterprise Edition and Personal Edition 1.7 and ...
E S
CVE-2002-1686 Buffer overflow in lscfg of unknown versions of AIX has unknown impact....
CVE-2002-1687 Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions...
CVE-2002-1688 The browser history feature in Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers t...
E
CVE-2002-1689 Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100...
CVE-2002-1690 Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "securit...
CVE-2002-1691 Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default...
CVE-2002-1692 Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code...
CVE-2002-1694 Microsoft Internet Information Server (IIS) 4.0 opens log files with FILE_SHARE_READ and FILE_SHARE_...
CVE-2002-1695 Norton Internet Security 2001 opens log files with FILE_SHARE_READ and FILE_SHARE_WRITE permissions,...
CVE-2002-1696 Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a mes...
CVE-2002-1697 Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produc...
CVE-2002-1698 Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause ...
CVE-2002-1699 SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypas...
S
CVE-2002-1700 Cross-site scripting vulnerability (XSS) in the missing template handler in Macromedia ColdFusion MX...
CVE-2002-1702 Cross-site scripting vulnerability (XSS) in DeltaScripts PHP Classifieds 6.0.5 allows remote attacke...
E
CVE-2002-1703 Cross-site scripting vulnerability (XSS) in auction.cgi for Mewsoft NetAuction 3.0 allows remote att...
E
CVE-2002-1704 Zeroboard 4.1, when the "allow_url_fopen" and "register_globals" variables are enabled, allows remot...
E
CVE-2002-1705 Microsoft Internet Explorer 5.5 through 6.0 allows remote attackers to cause a denial of service (cr...
E
CVE-2002-1706 Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband...
S
CVE-2002-1707 install.php in phpBB 2.0 through 2.0.1, when "allow_url_fopen" and "register_globals" variables are ...
CVE-2002-1708 Cross-site scripting vulnerability (XSS) in BasiliX Webmail 1.10 allows remote attackers to execute ...
E
CVE-2002-1709 SQL injection vulnerability in BasiliX Webmail 1.10 allows remote attackers to obtain sensitive info...
CVE-2002-1710 The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attach...
CVE-2002-1711 BasiliX 1.1.0 saves attachments in a world readable /tmp/BasiliX directory, which allows local users...
CVE-2002-1712 Microsoft Windows 2000 allows remote attackers to cause a denial of service (memory consumption) by ...
E S
CVE-2002-1713 The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home dir...
CVE-2002-1714 Microsoft Internet Explorer 5.0 through 6.0 allows remote attackers to cause a denial of service (cr...
CVE-2002-1715 SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as...
E
CVE-2002-1716 The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote atta...
CVE-2002-1717 Microsoft Internet Information Server (IIS) 5.1 allows remote attackers to view path information via...
CVE-2002-1718 Microsoft Internet Information Server (IIS) 5.1 may allow remote attackers to view the contents of a...
CVE-2002-1719 Unknown vulnerability in Bavo 0.3 allows remote attackers to modify posted messages....
S
CVE-2002-1720 SQL injection vulnerability in Spooky Login 2.0 through 2.5 allows remote attackers to bypass authen...
E
CVE-2002-1721 Off-by-one error in alterMIME 0.1.10 and 0.1.11 allows remote attackers to cause a denial of service...
S
CVE-2002-1722 Logitech iTouch keyboards allow attackers with physical access to the system to bypass the screen l...
CVE-2002-1723 Powerboards 2.2b allows remote attackers to view the full path to the backend database by sending a ...
CVE-2002-1724 Cross-site scripting vulnerability (XSS) in phpimageview.php for PHPImageView 1.0 allows remote atta...
CVE-2002-1725 phpimageview.php in PHPImageView 1.0 allows remote attackers to obtain sensitive information via the...
CVE-2002-1726 secure_inc.php in PhotoDB 1.4 allows remote attackers to bypass authentication via a URL with a larg...
CVE-2002-1727 Cross-site scripting vulnerability (XSS) in (1) as_web.exe and (2) as_web4.exe in askSam Web Publish...
E
CVE-2002-1728 askSam Web Publisher 1.0 and 4.0 allows remote attackers to determine the full path to the web root ...
E
CVE-2002-1729 Cross-site scripting vulnerability (XSS) in ASPjar Guestbook 1.00 allows remote attackers to execute...
CVE-2002-1730 ASPjar Guestbook 1.00 allows remote attackers to delete arbitrary messages accessing the delete.asp ...
CVE-2002-1731 The System Request menu in IBM AS/400 allows local users to list valid user accounts by viewing the ...
E
CVE-2002-1732 Multiple cross-site scripting (XSS) vulnerabilities in Actinic Catalog 4.7.0 allow remote attackers ...
CVE-2002-1733 Cross-site scripting (XSS) vulnerability in the web-based message board in Prospero Technologies all...
CVE-2002-1734 NewsPro 1.01 allows remote attackers to gain unauthorized administrator access by setting their auth...
CVE-2002-1735 Buffer overflow in dlogin 1.0a could allow local users to gain privileges via unknown attack vectors...
S
CVE-2002-1736 Unknown vulnerability in CGINews before 1.06 allows remote attackers to read arbitrary files via "unf...
S
CVE-2002-1737 Astaro Security Linux 2.016 creates world-writable files and directories, which allows local users t...
S
CVE-2002-1738 Alt-N Technologies MDaemon 5.0.5.0 and earlier creates a default MDaemon mail account with a passwor...
S
CVE-2002-1739 Alt-N Technologies Mdaemon 5.0 through 5.0.6 uses a weak encryption algorithm to store user password...
CVE-2002-1740 Buffer overflow in WorldClient.cgi in WorldClient in Alt-N Technologies MDaemon 5.0.5.0 and earlier ...
E S
CVE-2002-1741 Directory traversal vulnerability in WorldClient.cgi in WorldClient for Alt-N Technologies MDaemon 5...
E S
CVE-2002-1742 SOAP::Lite 0.50 through 0.52 allows remote attackers to load arbitrary Perl functions by supplying a ...
S
CVE-2002-1743 AOL ICQ 2002a Build 3722 allows remote attackers to cause a denial of service (crash) via a malforme...
CVE-2002-1744 Directory traversal vulnerability in CodeBrws.asp in Microsoft IIS 5.0 allows remote attackers to vi...
E
CVE-2002-1745 Off-by-one error in the CodeBrws.asp sample script in Microsoft IIS 5.0 allows remote attackers to v...
CVE-2002-1746 Vtun 2.5b1 allows remote attackers to inject data into user sessions by sniffing and replaying packe...
CVE-2002-1747 Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data int...
CVE-2002-1748 Unknown vulnerability in Slash 2.1.x and 2.2 through 2.2.2, as used in Slashcode, allows remote auth...
S
CVE-2002-1749 Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly l...
CVE-2002-1750 csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl c...
CVE-2002-1751 csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl c...
CVE-2002-1752 csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code ...
CVE-2002-1753 csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute ar...
CVE-2002-1754 Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of s...
S
CVE-2002-1755 tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers ...
CVE-2002-1756 ACDSee 4.0 allows remote attackers to cause a denial of service (crash) via an .ais file with a long...
E
CVE-2002-1757 PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authentication, which allows remote a...
E S
CVE-2002-1758 PHProjekt 2.0 through 3.1 allows remote attackers to view or modify data via requests to certain scr...
S
CVE-2002-1759 The upload function in PHProjekt 2.0 through 3.1 does not properly verify certain variables related ...
S
CVE-2002-1760 Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 allow remote attackers to execut...
S
CVE-2002-1761 Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows remote attackers to read arbit...
CVE-2002-1762 Microsoft Baseline Security Analyzer (MBSA) 1.0 stores security scans in a known location C:\Documen...
E
CVE-2002-1763 The dtscreen Sun Solaris 8 CDE screensaver crashes when the "Shift" and "Return" keys are pressed re...
CVE-2002-1764 acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a...
S
CVE-2002-1765 Evolution 1.0.3 and 1.0.4 allows remote attackers to cause a denial of service (memory consumption a...
S
CVE-2002-1766 Buffer overflow in Composer in Netscape 4.77 allows local users to overwrite process memory and exec...
E
CVE-2002-1767 Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execut...
E
CVE-2002-1768 Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a de...
CVE-2002-1769 Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default passw...
S
CVE-2002-1770 Qualcomm Eudora 5.1 allows remote attackers to execute arbitrary code via an HTML e-mail message tha...
E
CVE-2002-1771 Matt Wright FormMail 1.9 and earlier allows remote attackers to send spam or anonymous e-mail by inj...
S
CVE-2002-1772 Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a...
CVE-2002-1773 Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows remote attackers to cause a denia...
E
CVE-2002-1774 NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attac...
CVE-2002-1775 NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote...
CVE-2002-1776 NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attac...
CVE-2002-1777 NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote...
CVE-2002-1778 Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by ...
CVE-2002-1779 The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not pr...
CVE-2002-1780 BPM Studio Pro 4.2 by ALCATech GmbH includes a webserver that allows a remote attacker to cause a de...
CVE-2002-1781 Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrar...
CVE-2002-1782 The default configuration of University of Washington IMAP daemon (wu-imapd), when running on a syst...
CVE-2002-1783 CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows rem...
S
CVE-2002-1784 Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a...
S
CVE-2002-1785 Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 throug...
E S
CVE-2002-1786 SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to r...
S
CVE-2002-1787 Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to e...
S
CVE-2002-1788 Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP ...
S
CVE-2002-1789 Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrar...
S
CVE-2002-1790 The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attacker...
E S
CVE-2002-1791 SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which a...
S
CVE-2002-1792 Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as ...
E S
CVE-2002-1793 HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes...
S
CVE-2002-1794 Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allow...
S
CVE-2002-1795 Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Clie...
S
CVE-2002-1796 ChaiVM EZloader for HP color LaserJet 4500 and 4550 and HP LaserJet 4100 and 8150 does not properly ...
S
CVE-2002-1797 ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce ac...
CVE-2002-1798 MidiCart PHP, PHP Plus, and PHP Maxi allow remote attackers to (1) upload arbitrary php files via a...
E
CVE-2002-1799 Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary ...
E S
CVE-2002-1800 phpRank 1.8 stores the administrative password in plaintext on the server and in the "ap" cookie, wh...
CVE-2002-1801 ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexiste...
E
CVE-2002-1802 Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote attackers to inject arbitrar...
E S
CVE-2002-1803 Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary...
E
CVE-2002-1804 Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote attackers to inject arbitrary web...
E
CVE-2002-1805 Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote attackers to inject arbitrary...
E S
CVE-2002-1806 Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote attackers to inject arbitrary...
E
CVE-2002-1807 Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbit...
E
CVE-2002-1808 Cross-site scripting (XSS) vulnerability in Meunity Community System 1.1 allows remote attackers to ...
E
CVE-2002-1809 The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL r...
E
CVE-2002-1810 D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without...
CVE-2002-1811 Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 allows remote attackers to caus...
E
CVE-2002-1812 Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long f...
E
CVE-2002-1813 Directory traversal vulnerability in AOL Instant Messenger (AIM) 4.8.2790 allows remote attackers to...
E S
CVE-2002-1814 Buffer overflow in efstools in Bonobo, when installed setuid, allows local users to execute arbitrar...
E
CVE-2002-1815 Directory traversal vulnerability in source.php and source.cgi in Aquonics File Manager 1.5 allows r...
CVE-2002-1816 Off-by-one buffer overflow in the sock_gets function in sockhelp.c for ATPhttpd 0.4b and earlier all...
E S
CVE-2002-1817 Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for So...
S
CVE-2002-1818 ezhttpbench.php in eZ httpbench 1.1 allows remote attackers to read arbitrary files via a full pathn...
E
CVE-2002-1819 Directory traversal vulnerability in TinyHTTPD 0.1.0 allows remote attackers to read or execute arb...
E S
CVE-2002-1820 register.php in Ultimate PHP Board (UPB) 1.0 and 1.0b uses an administrative account Admin with a ca...
S
CVE-2002-1821 Ultimate PHP Board (UPB) 1.0 and 1.0b allows remote authenticated users to gain privileges and perfo...
CVE-2002-1822 IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory a...
CVE-2002-1823 Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to e...
E S
CVE-2002-1824 Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain...
CVE-2002-1825 Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 allow...
S
CVE-2002-1826 grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using...
E
CVE-2002-1827 Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclus...
E
CVE-2002-1828 Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET re...
CVE-2002-1829 Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 ...
E
CVE-2002-1830 Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to bypass authentication and access m...
E
CVE-2002-1831 Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service...
E
CVE-2002-1832 Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allo...
S
CVE-2002-1833 The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative passwor...
CVE-2002-1834 The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connec...
CVE-2002-1835 The default configuration of Xerox DocuTech 6110 and DocuTech 6115 running Solaris 8.0 has a large n...
CVE-2002-1836 The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the...
CVE-2002-1837 The getAlbumToDisplay function in idsShared.pm for Image Display System (IDS) 0.81 allows remote att...
E
CVE-2002-1838 Charities.cron 1.0.2 through 1.6.0 allows local users to write to arbitrary files via a symlink atta...
S
CVE-2002-1839 Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the h...
S
CVE-2002-1840 irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configu...
S
CVE-2002-1841 The document management module in NOLA 1.1.1 and 1.1.2 does not restrict the types of files that are...
S
CVE-2002-1842 Perlbot 1.0 beta allows remote attackers to execute arbitrary commands via shell metacharacters in (...
CVE-2002-1843 Perlbot 1.9.2 allows remote attackers to execute arbitrary commands via shell metacharacters in (1) ...
CVE-2002-1844 Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world...
CVE-2002-1845 Cross-site scripting (XSS) vulnerability in index.php in Yet Another Bulletin Board (YaBB) 1.40 and ...
E
CVE-2002-1846 Yet Another Bulletin Board (YaBB) 1.40 and 1.41 does not require a user to submit the correct passwo...
CVE-2002-1847 Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote...
E
CVE-2002-1848 TightVNC before 1.2.4 running on Windows stores unencrypted passwords in the password text control o...
CVE-2002-1849 ParaChat Server 4.0 does not log users off if the browser's back button is used, which allows remote...
E
CVE-2002-1850 mod_cgi in Apache 2.0.39 and 2.0.40 allows local users and possibly remote attackers to cause a deni...
E S
CVE-2002-1851 Buffer overflow in WS_FTP Pro 7.5 allows remote attackers to execute code on a client system via unk...
CVE-2002-1852 Cross-site scripting (XSS) vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary...
E
CVE-2002-1853 Cross-site scripting (XSS) vulnerability in MyNewsGroups 0.4 and 0.4.1 allows remote attackers to in...
S
CVE-2002-1854 Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shel...
CVE-2002-1855 Macromedia JRun 3.0 through 4.0, when running on Windows, allows remote attackers to retrieve files ...
S
CVE-2002-1856 HP Application Server 8.0, when running on Windows, allows remote attackers to retrieve files in the...
CVE-2002-1857 jo! jo Webserver 1.0, when running on Windows, allows remote attackers to retrieve files in the WEB-...
S
CVE-2002-1858 Oracle Oracle9i Application Server 1.0.2.2 and 9.0.2 through 9.0.2.0.1, when running on Windows, all...
S
CVE-2002-1859 Orion Application Server 1.5.3, when running on Windows, allows remote attackers to retrieve files i...
S
CVE-2002-1860 Pramati Server 3.0, when running on Windows, allows remote attackers to retrieve files in the WEB-IN...
S
CVE-2002-1861 Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrie...
S
CVE-2002-1862 SmartMail Server 2.0 allows remote attackers to cause a denial of service (crash) by sending data an...
E
CVE-2002-1863 Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP servi...
CVE-2002-1864 Directory traversal vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 allows remote attac...
CVE-2002-1865 Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and ...
E
CVE-2002-1866 Simple Web Server (SWS) 0.0.4 through 0.1.0 does not close file descriptors for 404 error messages, ...
CVE-2002-1867 The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to (1) a...
CVE-2002-1868 Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fie...
E S
CVE-2002-1869 Heysoft EventSave 5.1 and 5.2 and Heysoft EventSave+ 5.1 and 5.2 does not check whether the log file...
S
CVE-2002-1870 Simple Web Server (SWS) 0.0.4 through 0.1.0 does not properly handle when the recv function call fai...
CVE-2002-1871 pkgadd in Sun Solaris 2.5.1 through 8 installs files setuid/setgid root if the pkgmap file contains ...
S
CVE-2002-1872 Microsoft SQL Server 6.0 through 2000, with SQL Authentication enabled, uses weak password encryptio...
CVE-2002-1873 Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote attac...
CVE-2002-1874 astrocam.cgi in AstroCam 0.9-1-1 through 1.4.0 allows remote attackers to execute arbitrary commands...
S
CVE-2002-1875 Entercept Agent 2.5 agent for Windows, released before May 21, 2002, allows local administrative use...
S
CVE-2002-1876 Microsoft Exchange 2000 allows remote authenticated attackers to cause a denial of service via a lar...
E
CVE-2002-1877 NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that us...
CVE-2002-1878 PHP remote file inclusion vulnerability in w-Agora 4.1.3 allows remote attackers to execute arbitrar...
E S
CVE-2002-1879 SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL comman...
E
CVE-2002-1880 LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by modifying the pmid parameter to ...
E
CVE-2002-1881 Macromedia Flash Player 4.0 r12 through 6.0.47.0 allows remote attackers to cause a denial of servic...
E
CVE-2002-1882 Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 a...
E S
CVE-2002-1883 Trolltech Qt Assistant 1.0 in Trolltech Qt 3.0.3, when loaded from the Designer, opens port 7358 for...
S
CVE-2002-1884 index.php in Py-Membres 3.1 allows remote attackers to log in as an administrator by setting the pym...
E
CVE-2002-1885 PHP remote file inclusion vulnerability in showhits.php3 for PowerPhlogger (PPhlogger) 2.0.9 through...
E
CVE-2002-1886 TightAuction 3.0 stores config.inc under the web document root with insufficient access control, whi...
E
CVE-2002-1887 PHP remote file inclusion vulnerability in customize.php for phpMyNewsletter 0.6.10 allows remote at...
E S
CVE-2002-1888 CommonName Toolbar 3.5.2.0 sends unqualified domain name requests to the CommonName organization and...
CVE-2002-1889 Off-by-one buffer overflow in the context_action function in context.c of Logsurfer 1.41 through 1.5...
S
CVE-2002-1890 rhmask 1.0-9 in Red Hat Linux 7.1 allows local users to overwrite arbitrary files via a symlink atta...
CVE-2002-1891 Buffer overflow in IRCIT 0.3.1 IRC client allows remote attackers to execute arbitrary code via a lo...
E
CVE-2002-1892 NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a bac...
CVE-2002-1893 Cross-site scripting (XSS) vulnerability in ArGoSoft Mail Server Pro 1.8.1.9 allows remote attackers...
CVE-2002-1894 Cross-site scripting (XSS) vulnerability in viewtopic.php in phpBB 2.0.3 allows remote attackers to ...
E S
CVE-2002-1895 The servlet engine in Jakarta Apache Tomcat 3.3 and 4.0.4, when using IIS and the ajp1.3 connector, ...
E S
CVE-2002-1896 Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arb...
E S
CVE-2002-1897 MyWebServer LLC MyWebServer 1.0.2 allows remote attackers to cause a denial of service (crash) via a...
CVE-2002-1898 Terminal 1.3 in Apple Mac OS X 10.2 allows remote attackers to execute arbitrary commands via shell ...
E S
CVE-2002-1899 Cross-site scripting (XSS) vulnerability in IceWarp Web Mail 3.3.3 and 3.4.5 allows remote attackers...
E
CVE-2002-1900 Cross-site scripting (XSS) vulnerability in Pinboard 1.0 allows remote attackers to inject arbitrary...
S
CVE-2002-1901 Cross-site scripting (XSS) vulnerability in Bodo Bauer BBGallery 1.0 allows remote attackers to inje...
S
CVE-2002-1902 CGIForum 1.0 through 1.05 allows remote attackers to cause a denial of service (infinite recursion) ...
S
CVE-2002-1903 Pine 4.2.1 through 4.4.4 puts Unix usernames and/or uid into Sender: and X-Sender: headers, which co...
S
CVE-2002-1904 Buffer overflow in the Log function in util.c in GazTek ghttpd 1.4 through 1.4.3 allows remote attac...
E S
CVE-2002-1905 Buffer overflow in the web server of Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a...
E S
CVE-2002-1906 The web server for Polycom ViaVideo 2.2 and 3.0 allows remote attackers to cause a denial of service...
E S
CVE-2002-1907 TelCondex SimpleWebServer 2.06.20817 allows remote attackers to cause a denial of service (crash) vi...
E S
CVE-2002-1908 Microsoft IIS 5.0 and 5.1 allows remote attackers to cause a denial of service (CPU consumption) via...
E S
CVE-2002-1909 Click2Learn Ingenium Learning Management System 5.1 and 6.1 stores the hashed administrative passwor...
CVE-2002-1910 Click2Learn Ingenium Learning Management System 5.1 and 6.1 uses weak encryption for passwords (reve...
E
CVE-2002-1911 ZoneAlarm Pro 3.0 and 3.1, when configured to block all traffic, allows remote attackers to cause a ...
E
CVE-2002-1912 SkyStream EMR5000 1.16 through 1.18 does not drop packets or disable the Ethernet interface when the...
E S
CVE-2002-1913 phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname...
E
CVE-2002-1914 dump 0.4 b10 through b29 allows local users to cause a denial of service (execution prevention) by u...
CVE-2002-1915 tip on multiple BSD-based operating systems allows local users to cause a denial of service (executi...
CVE-2002-1916 Pirch and RusPirch, when auto-log is enabled, allows remote attackers to cause a denial of service (...
E
CVE-2002-1917 CRLF injection vulnerability in the "User Profile: Send Email" feature in Geeklog 1.35 and 1.3.5sr1 ...
S
CVE-2002-1918 Buffer overflow in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 allows remo...
CVE-2002-1919 SQL injection vulnerability in shopadmin.asp in VP-ASP 4.0 allows remote attackers to execute arbitr...
CVE-2002-1920 Buffer overflow in FtpXQ 2.5 allows remote attackers to cause a denial of service (crash) via a MKD ...
CVE-2002-1921 The default configuration of MySQL 3.20.32 through 3.23.52, when running on Windows, does set the bi...
CVE-2002-1922 Cross-site scripting (XSS) vulnerability in global.php in Jelsoft vBulletin 2.0.0 through 2.2.8 allo...
E S
CVE-2002-1923 The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have l...
CVE-2002-1924 PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world wr...
CVE-2002-1925 Tiny Personal Firewall 3.0 through 3.0.6 allows remote attackers to cause a denial of service (crash...
CVE-2002-1926 Directory traversal vulnerability in source.php in Aquonics File Manager 1.5 allows remote attackers...
CVE-2002-1927 Aquonics File Manager 1.5 allows users with edit privileges to modify user accounts by editing the u...
CVE-2002-1928 602Pro LAN SUITE 2002 allows remote attackers to view the directory tree via an HTTP GET request wit...
S
CVE-2002-1929 Cross-site scripting (XSS) vulnerability in pafiledb.php in PHP Arena paFileDB 1.1.3 through 3.0 all...
E
CVE-2002-1930 Buffer overflow in AN HTTPd 1.38 through 1.4.1c allows remote attackers to execute arbitrary code vi...
E S
CVE-2002-1931 Cross-site scripting (XSS) vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 allows remote attacke...
S
CVE-2002-1932 Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not...
S
CVE-2002-1933 The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the termina...
CVE-2002-1934 Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 2.0.1 leaks sensitive information during...
CVE-2002-1935 Pingtel Xpressa 1.2.5 through 2.0.1 uses predictable (1) Call-ID, (2) CSeq, and (3) "To" and "From" ...
CVE-2002-1936 UTStarcom BAS 1000 3.1.10 creates several default or back door accounts and passwords, which allows ...
CVE-2002-1937 Symantec Firewall/VPN Appliance 100 through 200R hardcodes the administrator's MAC address inside th...
CVE-2002-1938 Virgil CGI Scanner 0.9 allows remote attackers to execute arbitrary commands via the (1) tar (TARGET...
E
CVE-2002-1939 FlashFXP 1.4 prints FTP passwords in plaintext when there are transfers in the queue, which allows a...
S
CVE-2002-1940 LCC-Win32 3.2 compiler, when running on Windows 95, 98, or ME, writes portions of previously used me...
CVE-2002-1941 Buffer overflow in RadioBird WebServer 4 Everyone 1.28 allows remote attackers to cause a denial of ...
S
CVE-2002-1942 Imatix Xitami 2.5 b5 does not properly terminate certain Keep-Alive connections that have been broke...
E
CVE-2002-1943 SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of ...
E
CVE-2002-1944 Motorola Surfboard 4200 cable modem allows remote attackers to cause a denial of service (crash) by ...
S
CVE-2002-1945 Buffer overflow in SmartMail Server 1.0 Beta 10 allows remote attackers to cause a denial of service...
E
CVE-2002-1946 Videsh Sanchar Nigam Limited (VSNL) Integrated Dialer Software 1.2.000, when the "Save Password" opt...
CVE-2002-1947 Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote at...
S
CVE-2002-1948 Multiple buffer overflows in Gringotts 0.5.9 allows local users to execute arbitrary commands via un...
S
CVE-2002-1949 The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords ...
CVE-2002-1950 Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary ...
E
CVE-2002-1951 Buffer overflow in GoAhead WebServer 2.1 allows remote attackers to execute arbitrary code via a lon...
E S
CVE-2002-1952 phpRank 1.8 does not properly check the return codes for MySQL operations when authenticating users,...
CVE-2002-1953 Heap-based buffer overflow in the goim handler of AOL Instant Messenger (AIM) 4.4 through 4.8.2616 a...
E
CVE-2002-1954 Cross-site scripting (XSS) vulnerability in the phpinfo function in PHP 4.2.3 allows remote attacker...
E
CVE-2002-1955 Iomega NAS A300U uses cleartext LANMAN authentication when mounting CIFS/SMB drives, which allows re...
CVE-2002-1956 ROX Filer 1.1.9 and 1.2 is installed with world writable permissions, which allows local users to wr...
S
CVE-2002-1957 Buffer overflow in the netlog function in pen.c for Pen 0.9.1 and 0.9.2 allows remote attackers to e...
S
CVE-2002-1958 Cross-site scripting (XSS) vulnerability in kmMail 1.0, 1.0a, and 1.0b allows remote attackers to in...
S
CVE-2002-1959 Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metachara...
S
CVE-2002-1960 Cross-site scripting (XSS) vulnerability in Cybozu Share360 1.1 allows remote attackers to inject ar...
S
CVE-2002-1961 Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions v...
E
CVE-2002-1962 Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions v...
CVE-2002-1963 Linux kernel 2.4.1 through 2.4.19 sets root's NR_RESERVED_FILES limit to 10 files, which allows loca...
E
CVE-2002-1964 Unknown vulnerability in WesMo phpEventCalendar 1.1 allows remote attackers to execute arbitrary com...
S
CVE-2002-1965 Cross-site scripting (XSS) vulnerability in Errors.gsl in Imatix Xitami 2.5b4 and 2.5b5 allows remot...
E
CVE-2002-1966 Directory traversal vulnerability in magiccard.cgi in My Postcards Platinum 5.0 and 6.0 allows remot...
E
CVE-2002-1967 Buffer overflow in XiRCON 1.0 Beta 4 allows remote attackers to cause a denial of service (disconnec...
E
CVE-2002-1968 Com21 DOXport 1100 series cable modem running firmware 2.1.1.106, and possibly other versions before...
S
CVE-2002-1969 Magic Notebook 1.0b and 1.1b allows remote attackers to cause a denial of service (crash) via an inv...
S
CVE-2002-1970 SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with wo...
S
CVE-2002-1971 The ping utility in networking_utils.php in Sourcecraft Networking_Utils 1.0 allows remote attackers...
E
CVE-2002-1972 Unknown vulnerability in Parallel port powerSwitch (aka pp_powerSwitch) 0.1 does not properly enforc...
S
CVE-2002-1973 Buffer overflow in CHttpServer::OnParseError in the ISAPI extension (Isapi.cpp) when built using Mic...
E S
CVE-2002-1974 The FTP service in Zaurus PDAs SL-5000D and SL-5500 does not require authentication, which allows re...
CVE-2002-1975 Sharp Zaurus PDA SL-5000D and SL-5500 uses a salt of "A0" to encrypt the screen-locking password as ...
CVE-2002-1976 ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is...
S
CVE-2002-1977 Network Associates PGP 7.0.4 and 7.1 does not time out according to the value set in the "Passphrase...
S
CVE-2002-1978 IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV com...
S
CVE-2002-1979 WatchGuard SOHO products running firmware 5.1.6 and earlier, and Vclass/RSSA using 3.2 SP1 and earli...
S
CVE-2002-1980 Buffer overflow in Volume Manager daemon (vold) of Sun Solaris 2.5.1 through 8 allows local users to...
S
CVE-2002-1981 Microsoft SQL Server 2000 through SQL Server 2000 SP2 allows the "public" role to execute the (1) sp...
CVE-2002-1982 Directory traversal vulnerability in the list_directory function in Icecast 1.3.12 allows remote att...
E
CVE-2002-1983 The timer implementation in QNX RTOS 6.1.0 allows local users to cause a denial of service (hang) an...
E
CVE-2002-1984 Microsoft Internet Explorer 5.0.1 through 6.0 on Windows 2000 or Windows XP allows remote attackers ...
E
CVE-2002-1985 iSMTP 5.0.1 allows remote attackers to cause a denial of service via a long "MAIL FROM" command, pos...
S
CVE-2002-1986 Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scri...
E S
CVE-2002-1987 Directory traversal vulnerability in view_source.jsp in Resin 2.1.2 allows remote attackers to read ...
CVE-2002-1988 Resin 2.1.1 allows remote attackers to cause a denial of service (memory consumption and hang) via a...
S
CVE-2002-1989 Resin 2.1.1 allows remote attackers to cause a denial of service (thread and connection consumption)...
S
CVE-2002-1990 Resin 2.0.5 through 2.1.2 allows remote attackers to reveal physical path information via a URL requ...
CVE-2002-1991 PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the include_file p...
E
CVE-2002-1992 Buffer overflow in jrun.dll in ColdFusion MX, when used with IIS 4 or 5, allows remote attackers to ...
S
CVE-2002-1993 webbbs_post.pl in WebBBS 4 and 5.0 allows remote attackers to execute arbitrary commands via shell m...
E
CVE-2002-1994 advserver.exe in Advanced Web Server (AdvServer) Professional 1.030000 allows remote attackers to ca...
CVE-2002-1995 Cross-site scripting (XSS) vulnerability in phptonuke.php for PHP-Nuke allows remote attackers to in...
E
CVE-2002-1996 Cross-site scripting (XSS) vulnerability in PostNuke 0.71 and earlier allows remote attackers to inj...
E S
CVE-2002-1997 ZoneAlarm Pro 3.0 MailSafe allows remote attackers to bypass filtering and possibly execute arbitrar...
CVE-2002-1998 Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to exe...
E S
CVE-2002-1999 HP Praesidium Webproxy 1.0 running on HP-UX 11.04 VVOS could allow remote attackers to cause Webprox...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.