| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2003-0001 | Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, whi... | | |
| CVE-2003-0002 | Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management ... | S | |
| CVE-2003-0003 | Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Ser... | S | |
| CVE-2003-0004 | Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to exe... | | |
| CVE-2003-0007 | Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange ... | | |
| CVE-2003-0009 | Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows ... | S | |
| CVE-2003-0010 | Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScr... | S | |
| CVE-2003-0011 | Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Secur... | S | |
| CVE-2003-0012 | The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x befor... | | |
| CVE-2003-0013 | The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x be... | S | |
| CVE-2003-0014 | gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink atta... | S | |
| CVE-2003-0015 | Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of ser... | S | |
| CVE-2003-0016 | Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote a... | | |
| CVE-2003-0017 | Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an... | | |
| CVE-2003-0018 | Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows ... | S | |
| CVE-2003-0019 | uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, whic... | S | |
| CVE-2003-0020 | Apache does not filter terminal escape sequences from its error logs, which could make it easier for... | | |
| CVE-2003-0021 | The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files v... | | |
| CVE-2003-0022 | The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain ... | | |
| CVE-2003-0023 | The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary comm... | | |
| CVE-2003-0024 | The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary comm... | | |
| CVE-2003-0025 | Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform un... | S | |
| CVE-2003-0026 | Multiple stack-based buffer overflows in the error handling routines of the minires library, as used... | S | |
| CVE-2003-0027 | Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon... | S | |
| CVE-2003-0028 | Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external d... | E S | |
| CVE-2003-0030 | Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 ... | S | |
| CVE-2003-0031 | Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (cr... | S | |
| CVE-2003-0032 | Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhausti... | S | |
| CVE-2003-0033 | Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers... | S | |
| CVE-2003-0034 | Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake ... | E S | |
| CVE-2003-0035 | Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows lo... | E S | |
| CVE-2003-0036 | ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrit... | E S | |
| CVE-2003-0037 | Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of... | S | |
| CVE-2003-0038 | Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to in... | S | |
| CVE-2003-0039 | ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers t... | S | |
| CVE-2003-0040 | SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote... | S | |
| CVE-2003-0041 | Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a ... | S | |
| CVE-2003-0042 | Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list d... | S | |
| CVE-2003-0043 | Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when proc... | | |
| CVE-2003-0044 | Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web application... | S | |
| CVE-2003-0045 | Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial... | | |
| CVE-2003-0046 | AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwor... | S | |
| CVE-2003-0047 | SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunn... | S | |
| CVE-2003-0048 | PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords,... | S | |
| CVE-2003-0049 | Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users b... | S | |
| CVE-2003-0050 | parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4... | | |
| CVE-2003-0051 | parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4... | | |
| CVE-2003-0052 | parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4... | | |
| CVE-2003-0053 | Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration S... | | |
| CVE-2003-0054 | Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remot... | | |
| CVE-2003-0055 | Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2... | | |
| CVE-2003-0056 | Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code v... | S | |
| CVE-2003-0057 | Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of s... | | |
| CVE-2003-0058 | MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to ... | S | |
| CVE-2003-0059 | Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 all... | S | |
| CVE-2003-0060 | Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (K... | S | |
| CVE-2003-0061 | Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with ro... | | |
| CVE-2003-0062 | Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary... | E S | |
| CVE-2003-0063 | The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title... | | |
| CVE-2003-0064 | The dtterm terminal emulator allows attackers to modify the window title via a certain character esc... | | |
| CVE-2003-0065 | The uxterm terminal emulator allows attackers to modify the window title via a certain character esc... | | |
| CVE-2003-0066 | The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certa... | | |
| CVE-2003-0067 | The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character... | | |
| CVE-2003-0068 | The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a cert... | | |
| CVE-2003-0069 | The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character... | | |
| CVE-2003-0070 | VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2... | | |
| CVE-2003-0071 | The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows... | | |
| CVE-2003-0072 | The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticate... | S | |
| CVE-2003-0073 | Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to c... | S | |
| CVE-2003-0074 | Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers ... | S | |
| CVE-2003-0075 | Integer signedness error in the myFseek function of samplein.c for Blade encoder (BladeEnc) 0.94.2 a... | E S | |
| CVE-2003-0076 | Unknown vulnerability in the directory parser for Direct Connect 4 Linux (dcgui) before 0.2.2 allows... | | |
| CVE-2003-0077 | The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows at... | | |
| CVE-2003-0078 | ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC... | S | |
| CVE-2003-0079 | The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows att... | | |
| CVE-2003-0080 | The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD ... | S | |
| CVE-2003-0081 | Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.... | E S | |
| CVE-2003-0082 | The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticate... | S | |
| CVE-2003-0083 | Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequen... | | |
| CVE-2003-0084 | mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly e... | S | |
| CVE-2003-0085 | Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba befo... | S | |
| CVE-2003-0086 | The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files... | S | |
| CVE-2003-0087 | Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.... | E S | |
| CVE-2003-0088 | TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary ... | S | |
| CVE-2003-0089 | Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local use... | S | |
| CVE-2003-0090 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0844. Reason: This candida... | R | |
| CVE-2003-0091 | Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local us... | S | |
| CVE-2003-0092 | Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to ga... | S | |
| CVE-2003-0093 | The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service... | E | |
| CVE-2003-0094 | A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom inste... | | |
| CVE-2003-0095 | Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote atta... | S | |
| CVE-2003-0096 | Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow rem... | | |
| CVE-2003-0097 | Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the ... | | |
| CVE-2003-0098 | Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to ... | S | |
| CVE-2003-0099 | Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to ... | S | |
| CVE-2003-0100 | Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service a... | | |
| CVE-2003-0101 | miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacha... | | |
| CVE-2003-0102 | Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary c... | E S | |
| CVE-2003-0103 | Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of servi... | | |
| CVE-2003-0104 | Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote att... | S | |
| CVE-2003-0105 | ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP r... | | |
| CVE-2003-0106 | The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern match... | S | |
| CVE-2003-0107 | Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or w... | E | |
| CVE-2003-0108 | isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (... | S | |
| CVE-2003-0109 | Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Wi... | E S | |
| CVE-2003-0110 | The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Intern... | S | |
| CVE-2003-0111 | The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as use... | S | |
| CVE-2003-0112 | Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error mes... | S | |
| CVE-2003-0113 | Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attacke... | | |
| CVE-2003-0114 | The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to... | | |
| CVE-2003-0115 | Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed dur... | | |
| CVE-2003-0116 | Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet inpu... | E S | |
| CVE-2003-0117 | Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Se... | | |
| CVE-2003-0118 | SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft B... | | |
| CVE-2003-0119 | The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the ... | S | |
| CVE-2003-0120 | adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary ... | S | |
| CVE-2003-0121 | Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment ... | S | |
| CVE-2003-0122 | Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote ... | S | |
| CVE-2003-0123 | Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicio... | S | |
| CVE-2003-0124 | man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper qu... | E S | |
| CVE-2003-0125 | Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote att... | E S | |
| CVE-2003-0126 | The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, h... | E S | |
| CVE-2003-0127 | The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local ... | S | |
| CVE-2003-0128 | The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier ... | E S | |
| CVE-2003-0129 | Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of serv... | E S | |
| CVE-2003-0130 | The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier do... | E S | |
| CVE-2003-0131 | The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers ... | S | |
| CVE-2003-0132 | A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (mem... | E | |
| CVE-2003-0133 | GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service... | S | |
| CVE-2003-0134 | Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows u... | S | |
| CVE-2003-0135 | vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is inst... | S | |
| CVE-2003-0136 | psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link at... | S | |
| CVE-2003-0137 | SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows rem... | E | |
| CVE-2003-0138 | Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker... | S | |
| CVE-2003-0139 | Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 di... | S | |
| CVE-2003-0140 | Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs t... | S | |
| CVE-2003-0141 | The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0... | S | |
| CVE-2003-0142 | Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug... | | |
| CVE-2003-0143 | The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after... | E S | |
| CVE-2003-0144 | Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 a... | E S | |
| CVE-2003-0145 | Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attr... | | |
| CVE-2003-0146 | Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote a... | S | |
| CVE-2003-0147 | OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the ... | | |
| CVE-2003-0148 | The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to... | S | |
| CVE-2003-0149 | Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows r... | S | |
| CVE-2003-0150 | MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileg... | E S | |
| CVE-2003-0151 | BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain interna... | | |
| CVE-2003-0152 | Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary ... | S | |
| CVE-2003-0153 | bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages gene... | S | |
| CVE-2003-0154 | Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers t... | E S | |
| CVE-2003-0155 | bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without ... | S | |
| CVE-2003-0156 | Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read a... | S | |
| CVE-2003-0157 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0138. Reason: This candida... | R | |
| CVE-2003-0158 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0139. Reason: This candida... | R | |
| CVE-2003-0159 | Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attacker... | S | |
| CVE-2003-0160 | Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attac... | S | |
| CVE-2003-0161 | The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not proper... | S | |
| CVE-2003-0162 | Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords ... | S | |
| CVE-2003-0163 | decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a messag... | S | |
| CVE-2003-0165 | Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via for... | E S | |
| CVE-2003-0166 | Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause ... | E | |
| CVE-2003-0167 | Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1... | S | |
| CVE-2003-0168 | Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute... | E | |
| CVE-2003-0169 | hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers ... | E S | |
| CVE-2003-0170 | Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, ... | S | |
| CVE-2003-0171 | DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch co... | | |
| CVE-2003-0172 | Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OS... | E S | |
| CVE-2003-0173 | xfsdq in xfsdump does not create quota information files securely, which allows local users to gain ... | S | |
| CVE-2003-0174 | The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD ... | S | |
| CVE-2003-0175 | SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain ... | S | |
| CVE-2003-0176 | The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and ... | S | |
| CVE-2003-0177 | SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /e... | S | |
| CVE-2003-0178 | Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a ... | S | |
| CVE-2003-0179 | Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote a... | S | |
| CVE-2003-0180 | Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of servic... | E S | |
| CVE-2003-0181 | Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of servic... | E S | |
| CVE-2003-0187 | The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or t... | | |
| CVE-2003-0188 | lv reads a .lv file from the current working directory, which allows local users to execute arbitrar... | S | |
| CVE-2003-0189 | The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads ... | S | |
| CVE-2003-0190 | OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error m... | E S | |
| CVE-2003-0192 | Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "cert... | S | |
| CVE-2003-0193 | msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files ... | | |
| CVE-2003-0194 | tcpdump does not properly drop privileges to the pcap user when starting up.... | S | |
| CVE-2003-0195 | CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing reque... | E S | |
| CVE-2003-0196 | Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary cod... | S | |
| CVE-2003-0197 | Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a l... | E S | |
| CVE-2003-0198 | Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read u... | | |
| CVE-2003-0199 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0200 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0201 | Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 an... | E S | |
| CVE-2003-0202 | The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrar... | S | |
| CVE-2003-0203 | Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary c... | E S | |
| CVE-2003-0204 | KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) ... | S | |
| CVE-2003-0205 | gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary comman... | S | |
| CVE-2003-0206 | gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of servic... | S | |
| CVE-2003-0207 | ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to o... | S | |
| CVE-2003-0208 | Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remo... | S | |
| CVE-2003-0209 | Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remo... | E S | |
| CVE-2003-0210 | Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows rem... | S | |
| CVE-2003-0211 | Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumptio... | E | |
| CVE-2003-0212 | handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full... | S | |
| CVE-2003-0213 | ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of serv... | E S | |
| CVE-2003-0214 | run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a s... | S | |
| CVE-2003-0215 | SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allows remote attackers to bypass ... | S | |
| CVE-2003-0216 | Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain ... | | |
| CVE-2003-0217 | Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.01 and earlier... | | |
| CVE-2003-0218 | Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows r... | E S | |
| CVE-2003-0219 | Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator com... | E S | |
| CVE-2003-0220 | Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 ... | E S | |
| CVE-2003-0221 | The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to ... | | |
| CVE-2003-0222 | Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earli... | S | |
| CVE-2003-0223 | Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsof... | | |
| CVE-2003-0224 | Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local user... | | |
| CVE-2003-0225 | The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does ... | | |
| CVE-2003-0226 | Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remote attackers to cause a denial ... | S | |
| CVE-2003-0227 | The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft ... | | |
| CVE-2003-0228 | Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for... | E S | |
| CVE-2003-0230 | Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pi... | | |
| CVE-2003-0231 | Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial ... | | |
| CVE-2003-0232 | Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain re... | S | |
| CVE-2003-0233 | Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attac... | | |
| CVE-2003-0235 | Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious serve... | | |
| CVE-2003-0236 | Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to e... | | |
| CVE-2003-0237 | The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the ... | S | |
| CVE-2003-0238 | The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of s... | | |
| CVE-2003-0239 | icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to caus... | | |
| CVE-2003-0240 | The web-based administration capability for various Axis Network Camera products allows remote attac... | | |
| CVE-2003-0241 | FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser... | E S | |
| CVE-2003-0242 | IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that mat... | | |
| CVE-2003-0243 | Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell m... | | |
| CVE-2003-0244 | The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote at... | S | |
| CVE-2003-0245 | Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2... | S | |
| CVE-2003-0246 | The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, whi... | S | |
| CVE-2003-0247 | Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of... | S | |
| CVE-2003-0248 | The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed ad... | S | |
| CVE-2003-0249 | PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended ... | | |
| CVE-2003-0251 | ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client r... | S | |
| CVE-2003-0252 | Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.... | E S | |
| CVE-2003-0253 | The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which... | S | |
| CVE-2003-0254 | Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service ... | S | |
| CVE-2003-0255 | The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with ... | S | |
| CVE-2003-0256 | The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gp... | | |
| CVE-2003-0257 | Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local user... | S | |
| CVE-2003-0258 | Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when e... | S | |
| CVE-2003-0259 | Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows re... | S | |
| CVE-2003-0260 | Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow re... | S | |
| CVE-2003-0261 | fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root ... | S | |
| CVE-2003-0262 | leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to g... | S | |
| CVE-2003-0263 | Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attacke... | E S | |
| CVE-2003-0264 | Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via... | S | |
| CVE-2003-0265 | Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permi... | E S | |
| CVE-2003-0266 | Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denia... | | |
| CVE-2003-0267 | ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by ... | | |
| CVE-2003-0268 | SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via i... | | |
| CVE-2003-0269 | Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable... | E | |
| CVE-2003-0270 | The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encry... | | |
| CVE-2003-0271 | Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long ... | E | |
| CVE-2003-0272 | admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the mi... | | |
| CVE-2003-0273 | Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1... | | |
| CVE-2003-0274 | Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitr... | | |
| CVE-2003-0275 | SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sour... | | |
| CVE-2003-0276 | Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and pos... | | |
| CVE-2003-0277 | Directory traversal vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows re... | | |
| CVE-2003-0278 | Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 al... | | |
| CVE-2003-0279 | Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows r... | | |
| CVE-2003-0280 | Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote atta... | | |
| CVE-2003-0281 | Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that us... | | |
| CVE-2003-0282 | Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via in... | E S | |
| CVE-2003-0283 | Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject ar... | | |
| CVE-2003-0284 | Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to... | S | |
| CVE-2003-0285 | IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) pr... | | |
| CVE-2003-0286 | SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 ... | E S | |
| CVE-2003-0287 | Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, and possibly other versions inc... | | |
| CVE-2003-0288 | Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 a... | S | |
| CVE-2003-0289 | Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users... | E S | |
| CVE-2003-0290 | Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) v... | | |
| CVE-2003-0291 | 3com OfficeConnect Remote 812 ADSL Router 1.1.7 does not properly clear memory from DHCP responses, ... | S | |
| CVE-2003-0292 | Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5.1 allows remote attackers to ... | | |
| CVE-2003-0293 | PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP ec... | | |
| CVE-2003-0294 | autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the ... | | |
| CVE-2003-0295 | Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote att... | | |
| CVE-2003-0296 | The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of servic... | | |
| CVE-2003-0297 | c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to c... | | |
| CVE-2003-0298 | The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of s... | | |
| CVE-2003-0299 | The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cau... | | |
| CVE-2003-0300 | The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of servic... | | |
| CVE-2003-0301 | The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a d... | | |
| CVE-2003-0302 | The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service a... | | |
| CVE-2003-0303 | SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers ... | E S | |
| CVE-2003-0304 | one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator account... | E S | |
| CVE-2003-0305 | The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), ... | S | |
| CVE-2003-0306 | Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP u... | | |
| CVE-2003-0307 | Poster version.two allows remote authenticated users to gain administrative privileges by appending ... | | |
| CVE-2003-0308 | The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which ... | S | |
| CVE-2003-0309 | Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions an... | | |
| CVE-2003-0310 | Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attacke... | | |
| CVE-2003-0312 | Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to read arbitr... | | |
| CVE-2003-0313 | Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitr... | | |
| CVE-2003-0314 | Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that... | | |
| CVE-2003-0315 | Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) and possibly e... | | |
| CVE-2003-0316 | Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as... | E S | |
| CVE-2003-0317 | iisPROTECT 2.1 and 2.2 allows remote attackers to bypass authentication via an HTTP request containi... | | |
| CVE-2003-0318 | Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allow... | | |
| CVE-2003-0319 | Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote... | E S | |
| CVE-2003-0320 | header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting ... | | |
| CVE-2003-0321 | Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC serve... | S | |
| CVE-2003-0322 | Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to ca... | S | |
| CVE-2003-0323 | Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of... | S | |
| CVE-2003-0324 | Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a den... | S | |
| CVE-2003-0325 | Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code ... | | |
| CVE-2003-0326 | Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via... | | |
| CVE-2003-0327 | Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (h... | S | |
| CVE-2003-0328 | EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC... | S | |
| CVE-2003-0329 | CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could al... | | |
| CVE-2003-0330 | Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a ... | | |
| CVE-2003-0331 | SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttF... | | |
| CVE-2003-0332 | The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first tw... | E S | |
| CVE-2003-0333 | Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other ve... | | |
| CVE-2003-0334 | BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a denial of service (core dump) vi... | S | |
| CVE-2003-0335 | rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remount... | | |
| CVE-2003-0336 | Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a ca... | | |
| CVE-2003-0337 | The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute ar... | | |
| CVE-2003-0338 | Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attacker... | E | |
| CVE-2003-0339 | Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attack... | | |
| CVE-2003-0340 | Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which a... | | |
| CVE-2003-0341 | Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attac... | | |
| CVE-2003-0342 | BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user na... | | |
| CVE-2003-0343 | BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "... | | |
| CVE-2003-0344 | Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute... | S | |
| CVE-2003-0345 | Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers... | S | |
| CVE-2003-0346 | Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote att... | S | |
| CVE-2003-0347 | Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) ... | E S | |
| CVE-2003-0348 | A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view an... | | |
| CVE-2003-0349 | Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the... | E S | |
| CVE-2003-0350 | The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (... | S | |
| CVE-2003-0351 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0306. Reason: This candida... | R | |
| CVE-2003-0352 | Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Serve... | E S | |
| CVE-2003-0353 | Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.... | | |
| CVE-2003-0354 | Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands,... | S | |
| CVE-2003-0355 | Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certifica... | | |
| CVE-2003-0356 | Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a... | S | |
| CVE-2003-0357 | Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to c... | S | |
| CVE-2003-0358 | Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is bas... | E S | |
| CVE-2003-0359 | nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows l... | S | |
| CVE-2003-0360 | Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possi... | S | |
| CVE-2003-0361 | gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specifie... | S | |
| CVE-2003-0362 | Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in... | | |
| CVE-2003-0363 | Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers... | | |
| CVE-2003-0364 | The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a d... | S | |
| CVE-2003-0365 | ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interacti... | | |
| CVE-2003-0366 | lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consu... | S | |
| CVE-2003-0367 | znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on tem... | S | |
| CVE-2003-0368 | Nokia Gateway GPRS support node (GGSN) allows remote attackers to cause a denial of service (kernel ... | S | |
| CVE-2003-0370 | Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 ... | S | |
| CVE-2003-0371 | Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (... | | |
| CVE-2003-0372 | Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload... | | |
| CVE-2003-0373 | Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload pri... | | |
| CVE-2003-0374 | Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a differ... | | |
| CVE-2003-0375 | Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows ... | | |
| CVE-2003-0376 | Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and fail... | | |
| CVE-2003-0377 | SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and pos... | | |
| CVE-2003-0378 | The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind... | E S | |
| CVE-2003-0379 | Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on ... | S | |
| CVE-2003-0380 | Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remo... | E S | |
| CVE-2003-0381 | Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows l... | S | |
| CVE-2003-0382 | Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environmen... | S | |
| CVE-2003-0385 | Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root pri... | S | |
| CVE-2003-0386 | OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyRever... | E S | |
| CVE-2003-0388 | pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows l... | E S | |
| CVE-2003-0389 | Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Wi... | E S | |
| CVE-2003-0390 | Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used i... | S | |
| CVE-2003-0391 | Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows rem... | | |
| CVE-2003-0392 | Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary di... | | |
| CVE-2003-0393 | Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Tra... | | |
| CVE-2003-0394 | objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[... | | |
| CVE-2003-0395 | Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administ... | | |
| CVE-2003-0396 | Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users... | E S | |
| CVE-2003-0397 | Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 and possibly other versions a... | | |
| CVE-2003-0398 | Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows re... | S | |
| CVE-2003-0399 | Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to p... | S | |
| CVE-2003-0400 | Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which ... | E S | |
| CVE-2003-0401 | Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a ... | | |
| CVE-2003-0402 | The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates differe... | S | |
| CVE-2003-0403 | Vignette StoryServer 5 and Vignette V/5 allows remote attackers to read and modify license informati... | S | |
| CVE-2003-0404 | Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/... | E S | |
| CVE-2003-0405 | Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1... | S | |
| CVE-2003-0406 | PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs t... | | |
| CVE-2003-0407 | Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitr... | E | |
| CVE-2003-0408 | Buffer overflow in Uptime Client (UpClient) 5.0b7, and possibly other versions, allows local users t... | E S | |
| CVE-2003-0409 | Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of servi... | E | |
| CVE-2003-0410 | Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long U... | S | |
| CVE-2003-0411 | Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code... | E S | |
| CVE-2003-0412 | Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP requ... | S | |
| CVE-2003-0413 | Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Ap... | E S | |
| CVE-2003-0414 | The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with worl... | | |
| CVE-2003-0415 | Remote PC Access Server 2.2 allows remote attackers to cause a denial of service (crash) by receivin... | E S | |
| CVE-2003-0416 | Cross-site scripting (XSS) vulnerability in index.cgi for Bandmin 1.4 allows remote attackers to ins... | E | |
| CVE-2003-0417 | Directory traversal vulnerability in Son hServer 0.2 allows remote attackers to read arbitrary files... | | |
| CVE-2003-0418 | The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes... | E S | |
| CVE-2003-0419 | SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR allows remote attackers to ca... | E S | |
| CVE-2003-0420 | Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obta... | S | |
| CVE-2003-0421 | Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of... | | |
| CVE-2003-0422 | Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of... | | |
| CVE-2003-0423 | parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to ... | E | |
| CVE-2003-0424 | Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source... | E | |
| CVE-2003-0425 | Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows ... | E | |
| CVE-2003-0426 | The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administratio... | E | |
| CVE-2003-0427 | Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an... | S | |
| CVE-2003-0428 | Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote... | S | |
| CVE-2003-0429 | The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of servic... | S | |
| CVE-2003-0430 | The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of ser... | S | |
| CVE-2003-0431 | The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length... | S | |
| CVE-2003-0432 | Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in ... | S | |
| CVE-2003-0433 | Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code.... | S | |
| CVE-2003-0434 | Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to exe... | S | |
| CVE-2003-0435 | Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute ... | S | |
| CVE-2003-0436 | Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary co... | E S | |
| CVE-2003-0437 | Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary co... | E S | |
| CVE-2003-0438 | eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite ... | S | |
| CVE-2003-0439 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0440 | The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allow... | S | |
| CVE-2003-0441 | Multiple buffer overflows in Orville Write (orville-write) 2.53 and earlier allow local users to gai... | S | |
| CVE-2003-0442 | Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.... | E S | |
| CVE-2003-0444 | Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code... | S | |
| CVE-2003-0445 | Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP... | S | |
| CVE-2003-0446 | Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also us... | E | |
| CVE-2003-0447 | The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to ... | E | |
| CVE-2003-0448 | Portmon 1.7 and possibly earlier versions allows local users to read and write arbitrary files via t... | | |
| CVE-2003-0449 | Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which all... | E S | |
| CVE-2003-0450 | Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial ... | E S | |
| CVE-2003-0451 | Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long c... | S | |
| CVE-2003-0452 | Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell r... | S | |
| CVE-2003-0453 | traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbi... | | |
| CVE-2003-0454 | Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a l... | | |
| CVE-2003-0455 | The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows l... | S | |
| CVE-2003-0456 | VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request... | E S | |
| CVE-2003-0458 | Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows ... | S | |
| CVE-2003-0459 | KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the ... | S | |
| CVE-2003-0460 | The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly igno... | S | |
| CVE-2003-0461 | /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, ... | S | |
| CVE-2003-0462 | A race condition in the way env_start and env_end pointers are initialized in the execve system call... | S | |
| CVE-2003-0463 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2003-0464 | The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow loc... | S | |
| CVE-2003-0465 | The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other... | S | |
| CVE-2003-0466 | Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may al... | E S | |
| CVE-2003-0467 | Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, wh... | | |
| CVE-2003-0468 | Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos ... | S | |
| CVE-2003-0469 | Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remot... | | |
| CVE-2003-0470 | Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"... | | |
| CVE-2003-0471 | Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via a... | | |
| CVE-2003-0472 | The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in in... | S | |
| CVE-2003-0473 | Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the r... | S | |
| CVE-2003-0474 | Directory traversal vulnerability in iWeb Server allows remote attackers to read arbitrary files via... | | |
| CVE-2003-0475 | Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files v... | | |
| CVE-2003-0476 | The execve system call in Linux 2.4.x records the file descriptor of the executable process in the f... | S | |
| CVE-2003-0477 | wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial of service (crash) via a PORT c... | S | |
| CVE-2003-0478 | Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on B... | | |
| CVE-2003-0479 | Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS allows remote attackers to inse... | | |
| CVE-2003-0480 | VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges... | S | |
| CVE-2003-0481 | Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to insert ar... | | |
| CVE-2003-0482 | TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php... | | |
| CVE-2003-0483 | Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to inse... | | |
| CVE-2003-0484 | Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to inser... | | |
| CVE-2003-0485 | Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary co... | | |
| CVE-2003-0486 | SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to ... | E S | |
| CVE-2003-0487 | Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a deni... | E S | |
| CVE-2003-0488 | Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers... | E S | |
| CVE-2003-0489 | tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for c... | S | |
| CVE-2003-0490 | The installation of Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6, and possibly other versions, ... | | |
| CVE-2003-0491 | The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by u... | | |
| CVE-2003-0492 | Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows re... | E | |
| CVE-2003-0493 | Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and r... | | |
| CVE-2003-0494 | password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain ... | | |
| CVE-2003-0495 | Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote attackers to insert arbitrary ... | | |
| CVE-2003-0496 | Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server... | E S | |
| CVE-2003-0497 | Caché Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local ... | | |
| CVE-2003-0498 | Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows loca... | | |
| CVE-2003-0499 | Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuratio... | | |
| CVE-2003-0500 | SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD b... | S | |
| CVE-2003-0501 | The /proc filesystem in Linux allows local users to obtain sensitive information by opening various ... | S | |
| CVE-2003-0502 | Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of... | E | |
| CVE-2003-0503 | Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow... | | |
| CVE-2003-0504 | Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow... | | |
| CVE-2003-0505 | Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attacke... | S | |
| CVE-2003-0506 | Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to cause a denial of service (shut... | | |
| CVE-2003-0507 | Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers t... | S | |
| CVE-2003-0508 | Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earli... | | |
| CVE-2003-0509 | SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal au... | | |
| CVE-2003-0510 | Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrar... | | |
| CVE-2003-0511 | The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2... | | |
| CVE-2003-0512 | Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password... | | |
| CVE-2003-0513 | Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on... | E | |
| CVE-2003-0514 | Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web applicat... | E | |
| CVE-2003-0515 | SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0... | S | |
| CVE-2003-0516 | cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, whi... | S | |
| CVE-2003-0517 | faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack ... | | |
| CVE-2003-0518 | The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and... | S | |
| CVE-2003-0519 | Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attacke... | | |
| CVE-2003-0520 | Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via ... | | |
| CVE-2003-0521 | Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary... | | |
| CVE-2003-0522 | Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) ga... | | |
| CVE-2003-0523 | Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote... | | |
| CVE-2003-0524 | Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary files via a symlink attack on th... | | |
| CVE-2003-0525 | The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap ... | | |
| CVE-2003-0526 | Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Serve... | | |
| CVE-2003-0528 | Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS S... | S | |
| CVE-2003-0530 | Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allo... | | |
| CVE-2003-0531 | Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in t... | | |
| CVE-2003-0532 | Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returne... | E | |
| CVE-2003-0533 | Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local... | S | |
| CVE-2003-0535 | Buffer overflow in xbl 1.0k and earlier allows local users to gain privileges via a long -display co... | S | |
| CVE-2003-0536 | Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access t... | S | |
| CVE-2003-0537 | The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which coul... | S | |
| CVE-2003-0538 | The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpre... | S | |
| CVE-2003-0539 | skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based... | S | |
| CVE-2003-0540 | The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of s... | S | |
| CVE-2003-0541 | gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (c... | S | |
| CVE-2003-0542 | Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 ... | S | |
| CVE-2003-0543 | Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (cr... | S | |
| CVE-2003-0544 | OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, wh... | S | |
| CVE-2003-0545 | Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (cra... | S | |
| CVE-2003-0546 | up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attac... | | |
| CVE-2003-0547 | GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbi... | S | |
| CVE-2003-0548 | The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to ca... | S | |
| CVE-2003-0549 | The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to ca... | S | |
| CVE-2003-0550 | The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which a... | S | |
| CVE-2003-0551 | The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could... | E S | |
| CVE-2003-0552 | Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose so... | S | |
| CVE-2003-0553 | Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remot... | | |
| CVE-2003-0554 | NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a... | | |
| CVE-2003-0555 | ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly e... | | |
| CVE-2003-0556 | Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "u... | | |
| CVE-2003-0557 | SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows r... | | |
| CVE-2003-0558 | Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long ... | | |
| CVE-2003-0559 | mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute a... | | |
| CVE-2003-0560 | SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator ... | E | |
| CVE-2003-0561 | Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via... | | |
| CVE-2003-0562 | Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attacke... | | |
| CVE-2003-0564 | Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail... | S | |
| CVE-2003-0565 | Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attac... | | |
| CVE-2003-0567 | Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic b... | E S | |
| CVE-2003-0568 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0569 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0570 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0571 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0572 | Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allow... | S | |
| CVE-2003-0573 | The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not pe... | S | |
| CVE-2003-0574 | Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local ... | S | |
| CVE-2003-0575 | Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and ... | S | |
| CVE-2003-0576 | Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attacke... | | |
| CVE-2003-0577 | mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary cod... | S | |
| CVE-2003-0578 | cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which ... | E | |
| CVE-2003-0579 | uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line op... | E | |
| CVE-2003-0580 | Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute ... | E S | |
| CVE-2003-0581 | X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and... | S | |
| CVE-2003-0582 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0504. Reason: This candida... | R | |
| CVE-2003-0583 | Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, ... | | |
| CVE-2003-0584 | Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when runn... | | |
| CVE-2003-0585 | SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 through 1.0.2b allows remote attacke... | | |
| CVE-2003-0586 | Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain sensitive path information via ... | | |
| CVE-2003-0587 | Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote ... | | |
| CVE-2003-0588 | admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the us... | | |
| CVE-2003-0589 | admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the use... | | |
| CVE-2003-0590 | Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary... | | |
| CVE-2003-0591 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a d... | R | |
| CVE-2003-0592 | Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie acces... | E S | |
| CVE-2003-0593 | Opera allows remote attackers to bypass intended cookie access restrictions on a web application via... | E | |
| CVE-2003-0594 | Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application v... | E | |
| CVE-2003-0595 | Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbi... | E | |
| CVE-2003-0596 | FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names... | | |
| CVE-2003-0597 | Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gai... | | |
| CVE-2003-0598 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0657. Reason: This candida... | R | |
| CVE-2003-0599 | Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and v... | | |
| CVE-2003-0601 | Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new... | S | |
| CVE-2003-0602 | Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x befo... | S | |
| CVE-2003-0603 | Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to over... | S | |
| CVE-2003-0604 | Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft pro... | | |
| CVE-2003-0605 | The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of serv... | | |
| CVE-2003-0606 | sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite ... | S | |
| CVE-2003-0607 | Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) US... | S | |
| CVE-2003-0609 | Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local us... | | |
| CVE-2003-0610 | Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote att... | S | |
| CVE-2003-0611 | Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -di... | S | |
| CVE-2003-0612 | Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileg... | | |
| CVE-2003-0613 | Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrar... | S | |
| CVE-2003-0614 | Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote at... | S | |
| CVE-2003-0615 | Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert... | S | |
| CVE-2003-0616 | Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allow... | | |
| CVE-2003-0617 | mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwri... | S | |
| CVE-2003-0618 | Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive inform... | S | |
| CVE-2003-0619 | Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows... | | |
| CVE-2003-0620 | Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to g... | S | |
| CVE-2003-0621 | The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the e... | E S | |
| CVE-2003-0622 | The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial ... | E S | |
| CVE-2003-0623 | Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlie... | E S | |
| CVE-2003-0624 | Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier al... | E S | |
| CVE-2003-0625 | Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive ... | E S | |
| CVE-2003-0626 | psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary fi... | S | |
| CVE-2003-0627 | psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to cause a denial of... | | |
| CVE-2003-0628 | PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier a... | | |
| CVE-2003-0629 | Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and ... | | |
| CVE-2003-0630 | Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800... | S | |
| CVE-2003-0631 | VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users ... | | |
| CVE-2003-0632 | Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Or... | | |
| CVE-2003-0633 | Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-B... | | |
| CVE-2003-0634 | Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and ... | S | |
| CVE-2003-0635 | Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown im... | | |
| CVE-2003-0636 | Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS na... | S | |
| CVE-2003-0637 | Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid ... | S | |
| CVE-2003-0638 | Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Pat... | | |
| CVE-2003-0639 | Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted o... | | |
| CVE-2003-0640 | BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users wi... | S | |
| CVE-2003-0641 | WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local users to load arbitrary modules ... | | |
| CVE-2003-0642 | WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local users to access kernel memory vi... | | |
| CVE-2003-0643 | Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to... | | |
| CVE-2003-0644 | Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to... | S | |
| CVE-2003-0645 | man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath... | S | |
| CVE-2003-0646 | Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage ... | | |
| CVE-2003-0647 | Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute... | S | |
| CVE-2003-0648 | Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary... | S | |
| CVE-2003-0649 | Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code ... | S | |
| CVE-2003-0650 | Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, a... | E S | |
| CVE-2003-0651 | Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attack... | E S | |
| CVE-2003-0652 | Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command li... | S | |
| CVE-2003-0653 | The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTH... | | |
| CVE-2003-0654 | Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespo... | | |
| CVE-2003-0655 | rscsi in cdrtools 2.01 and earlier allows local users to overwrite arbitrary files and gain root pri... | | |
| CVE-2003-0656 | eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temp... | S | |
| CVE-2003-0657 | Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier cou... | S | |
| CVE-2003-0658 | Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Ap... | | |
| CVE-2003-0659 | Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to ... | S | |
| CVE-2003-0660 | The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to ... | S | |
| CVE-2003-0661 | The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include r... | | |
| CVE-2003-0662 | Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and ear... | E S | |
| CVE-2003-0663 | Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 doma... | S | |
| CVE-2003-0664 | Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, w... | | |
| CVE-2003-0665 | Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and... | | |
| CVE-2003-0666 | Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code... | | |
| CVE-2003-0669 | Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare... | E S | |
| CVE-2003-0670 | Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid h... | E S | |
| CVE-2003-0671 | Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute... | E S | |
| CVE-2003-0672 | Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitr... | S | |
| CVE-2003-0676 | Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) all... | | |
| CVE-2003-0677 | Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CP... | S | |
| CVE-2003-0678 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0679 | Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.... | | |
| CVE-2003-0680 | Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-... | | |
| CVE-2003-0681 | A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rul... | S | |
| CVE-2003-0682 | "Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities ... | S | |
| CVE-2003-0683 | NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc... | S | |
| CVE-2003-0684 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0685 | Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Net... | E | |
| CVE-2003-0686 | Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote servi... | S | |
| CVE-2003-0687 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has be... | R | |
| CVE-2003-0688 | The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properl... | S | |
| CVE-2003-0689 | The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial o... | S | |
| CVE-2003-0690 | KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which m... | S | |
| CVE-2003-0691 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi... | R | |
| CVE-2003-0692 | KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 1... | S | |
| CVE-2003-0693 | A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remo... | S | |
| CVE-2003-0694 | The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer... | S | |
| CVE-2003-0695 | Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of... | S | |
| CVE-2003-0696 | The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows attackers... | S | |
| CVE-2003-0697 | Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with deb... | | |
| CVE-2003-0698 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0743. Reason: This candida... | R | |
| CVE-2003-0699 | The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access use... | S | |
| CVE-2003-0700 | The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access use... | S | |
| CVE-2003-0701 | Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings ... | | |
| CVE-2003-0702 | Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly ot... | | |
| CVE-2003-0703 | KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, whic... | S | |
| CVE-2003-0704 | KisMAC before 0.05d trusts user-supplied variables when chown'ing files or directories, which allows... | S | |
| CVE-2003-0705 | Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code.... | S | |
| CVE-2003-0706 | Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of ser... | S | |
| CVE-2003-0707 | Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code.... | S | |
| CVE-2003-0708 | Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial o... | S | |
| CVE-2003-0709 | Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI pro... | E S | |
| CVE-2003-0711 | Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Window... | S | |
| CVE-2003-0712 | Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Mi... | S | |
| CVE-2003-0714 | The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause ... | E S | |
| CVE-2003-0715 | Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS S... | | |
| CVE-2003-0717 | The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the ... | E S | |
| CVE-2003-0718 | The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote a... | | |
| CVE-2003-0719 | Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microso... | S | |
| CVE-2003-0720 | Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malforme... | E S | |
| CVE-2003-0721 | Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attac... | E S | |
| CVE-2003-0722 | The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows loc... | | |
| CVE-2003-0723 | Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute ar... | | |
| CVE-2003-0724 | ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates... | S | |
| CVE-2003-0725 | Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260... | E S | |
| CVE-2003-0726 | RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a S... | E S | |
| CVE-2003-0727 | Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 a... | E | |
| CVE-2003-0728 | Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitra... | | |
| CVE-2003-0729 | Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to execute arbitrary code via a TFT... | E | |
| CVE-2003-0730 | Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers t... | S | |
| CVE-2003-0731 | CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administ... | E S | |
| CVE-2003-0732 | CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restri... | E S | |
| CVE-2003-0733 | Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data... | S | |
| CVE-2003-0734 | Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based au... | | |
| CVE-2003-0735 | SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote att... | | |
| CVE-2003-0736 | Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote att... | | |
| CVE-2003-0737 | The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathn... | | |
| CVE-2003-0738 | The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of ser... | | |
| CVE-2003-0739 | VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary f... | S | |
| CVE-2003-0740 | Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which a... | | |
| CVE-2003-0741 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0742 | SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_A... | | |
| CVE-2003-0743 | Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.2... | S | |
| CVE-2003-0744 | The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of s... | | |
| CVE-2003-0745 | SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remot... | S | |
| CVE-2003-0746 | Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote... | | |
| CVE-2003-0747 | wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain... | E | |
| CVE-2003-0748 | Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.32... | E | |
| CVE-2003-0749 | Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620... | E | |
| CVE-2003-0750 | secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting... | | |
| CVE-2003-0751 | SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers ... | E | |
| CVE-2003-0752 | SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows r... | E | |
| CVE-2003-0753 | nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full path... | E | |
| CVE-2003-0754 | nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP re... | E | |
| CVE-2003-0755 | Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitr... | E | |
| CVE-2003-0756 | Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to r... | E | |
| CVE-2003-0757 | Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of ... | | |
| CVE-2003-0758 | Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to... | E S | |
| CVE-2003-0759 | Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users t... | E S | |
| CVE-2003-0760 | Blubster 2.5 allows remote attackers to cause a denial of service (crash) via a flood of connections... | E S | |
| CVE-2003-0761 | Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol ... | E | |
| CVE-2003-0762 | Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execut... | E | |
| CVE-2003-0763 | Cross-site scripting (XSS) vulnerability in Escapade Scripting Engine (ESP) allows remote attackers ... | | |
| CVE-2003-0764 | Escapade Scripting Engine (ESP) allows remote attackers to obtain sensitive path information via a m... | | |
| CVE-2003-0765 | The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute ... | | |
| CVE-2003-0766 | Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow... | | |
| CVE-2003-0767 | Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, dedicated server 0.32a and earli... | | |
| CVE-2003-0768 | Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script In... | | |
| CVE-2003-0769 | Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remo... | | |
| CVE-2003-0770 | FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cooki... | E S | |
| CVE-2003-0771 | Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C... | | |
| CVE-2003-0772 | Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of se... | E | |
| CVE-2003-0773 | saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during... | S | |
| CVE-2003-0774 | saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remo... | E S | |
| CVE-2003-0775 | saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection i... | E S | |
| CVE-2003-0776 | saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it... | E S | |
| CVE-2003-0777 | saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle ... | E S | |
| CVE-2003-0778 | saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate me... | E S | |
| CVE-2003-0779 | SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allow... | E | |
| CVE-2003-0780 | Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, ... | E S | |
| CVE-2003-0781 | Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows at... | S | |
| CVE-2003-0782 | Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and p... | S | |
| CVE-2003-0783 | Multiple buffer overflows in hztty 2.0 allow local users to gain root privileges.... | E S | |
| CVE-2003-0784 | Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attacke... | | |
| CVE-2003-0785 | ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even ... | S | |
| CVE-2003-0786 | The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separati... | | |
| CVE-2003-0787 | The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an a... | | |
| CVE-2003-0788 | Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 a... | S | |
| CVE-2003-0789 | mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect p... | | |
| CVE-2003-0790 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: the reported issue is... | R | |
| CVE-2003-0791 | The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execut... | S | |
| CVE-2003-0792 | Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote at... | S | |
| CVE-2003-0793 | GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which a... | S | |
| CVE-2003-0794 | GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of com... | S | |
| CVE-2003-0795 | The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotia... | S | |
| CVE-2003-0796 | Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount ... | | |
| CVE-2003-0797 | Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause ... | | |
| CVE-2003-0798 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0799 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0800 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0801 | Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote a... | E | |
| CVE-2003-0802 | Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of th... | E | |
| CVE-2003-0803 | Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy vi... | E | |
| CVE-2003-0804 | The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-ba... | | |
| CVE-2003-0805 | Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers t... | S | |
| CVE-2003-0806 | Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 t... | S | |
| CVE-2003-0807 | Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft... | S | |
| CVE-2003-0809 | Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server d... | E S | |
| CVE-2003-0812 | Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allow... | E S | |
| CVE-2003-0813 | A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch instal... | S | |
| CVE-2003-0814 | Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute ... | S | |
| CVE-2003-0815 | Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arb... | S | |
| CVE-2003-0816 | Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using... | S | |
| CVE-2003-0817 | Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read ar... | S | |
| CVE-2003-0818 | Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DL... | | |
| CVE-2003-0819 | Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allo... | S | |
| CVE-2003-0820 | Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not prope... | S | |
| CVE-2003-0821 | Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadshe... | | |
| CVE-2003-0822 | Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (... | | |
| CVE-2003-0823 | Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and ot... | | |
| CVE-2003-0824 | Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensi... | | |
| CVE-2003-0825 | The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows N... | S | |
| CVE-2003-0826 | lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_co... | | |
| CVE-2003-0827 | The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of... | | |
| CVE-2003-0828 | Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privil... | S | |
| CVE-2003-0830 | Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME e... | S | |
| CVE-2003-0831 | ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring file... | E | |
| CVE-2003-0832 | Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary fil... | S | |
| CVE-2003-0833 | Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creat... | S | |
| CVE-2003-0834 | Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modi... | S | |
| CVE-2003-0835 | Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to exec... | | |
| CVE-2003-0836 | Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 bef... | | |
| CVE-2003-0837 | Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allow... | S | |
| CVE-2003-0838 | Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrar... | | |
| CVE-2003-0839 | Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003... | | |
| CVE-2003-0840 | Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local us... | | |
| CVE-2003-0841 | The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the we... | | |
| CVE-2003-0842 | Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly late... | | |
| CVE-2003-0843 | Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly late... | | |
| CVE-2003-0844 | mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode wit... | | |
| CVE-2003-0845 | Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when... | S | |
| CVE-2003-0846 | SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arb... | | |
| CVE-2003-0847 | SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitra... | | |
| CVE-2003-0848 | Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local us... | S | |
| CVE-2003-0849 | Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary ... | | |
| CVE-2003-0850 | The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory cor... | S | |
| CVE-2003-0851 | OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via ... | S | |
| CVE-2003-0852 | Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote S... | S | |
| CVE-2003-0853 | An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a de... | E S | |
| CVE-2003-0854 | ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via... | E | |
| CVE-2003-0855 | Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post ... | E S | |
| CVE-2003-0856 | iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as ot... | S | |
| CVE-2003-0857 | The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of se... | | |
| CVE-2003-0858 | Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by ... | S | |
| CVE-2003-0859 | The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial o... | S | |
| CVE-2003-0860 | Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors.... | | |
| CVE-2003-0861 | Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impa... | | |
| CVE-2003-0862 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0813. Reason: This candida... | R | |
| CVE-2003-0863 | The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success valu... | | |
| CVE-2003-0864 | Buffer overflow in m_join in channel.c for IRCnet IRCD 2.10.x to 2.10.3p3 allows remote attackers to... | E S | |
| CVE-2003-0865 | Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attac... | E S | |
| CVE-2003-0866 | The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote at... | E S | |
| CVE-2003-0867 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0662. Reason: This candida... | R | |
| CVE-2003-0868 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0869 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0870 | Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code ... | E S | |
| CVE-2003-0871 | Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers ... | S | |
| CVE-2003-0872 | Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other un... | S | |
| CVE-2003-0873 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0874 | Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert... | E S | |
| CVE-2003-0875 | Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local ... | | |
| CVE-2003-0876 | Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when... | S | |
| CVE-2003-0877 | Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and rea... | S | |
| CVE-2003-0878 | slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink at... | S | |
| CVE-2003-0879 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0518. Reason: This candida... | R | |
| CVE-2003-0880 | Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behin... | S | |
| CVE-2003-0881 | Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authenti... | S | |
| CVE-2003-0882 | Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attac... | S | |
| CVE-2003-0883 | The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Prefer... | S | |
| CVE-2003-0885 | Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscree... | E S | |
| CVE-2003-0886 | Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execut... | S | |
| CVE-2003-0887 | ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to... | | |
| CVE-2003-0894 | Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x bef... | | |
| CVE-2003-0895 | Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote at... | | |
| CVE-2003-0896 | The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in ... | | |
| CVE-2003-0897 | "Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary co... | | |
| CVE-2003-0898 | IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite a... | | |
| CVE-2003-0899 | Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute... | E S | |
| CVE-2003-0900 | Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, whi... | | |
| CVE-2003-0901 | Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to... | S | |
| CVE-2003-0902 | Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allo... | S | |
| CVE-2003-0903 | Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows rem... | | |
| CVE-2003-0904 | Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, do... | S | |
| CVE-2003-0905 | Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components ... | S | |
| CVE-2003-0906 | Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image... | S | |
| CVE-2003-0907 | Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allow... | S | |
| CVE-2003-0908 | The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which al... | S | |
| CVE-2003-0909 | Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privil... | S | |
| CVE-2003-0910 | The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Wi... | S | |
| CVE-2003-0913 | Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "u... | S | |
| CVE-2003-0914 | ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via... | S | |
| CVE-2003-0917 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0918 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0919 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0920 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0921 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0922 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0923 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0924 | netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwr... | S | |
| CVE-2003-0925 | Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service ... | S | |
| CVE-2003-0926 | Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (cr... | S | |
| CVE-2003-0927 | Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial ... | S | |
| CVE-2003-0928 | Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, whi... | | |
| CVE-2003-0929 | Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, whic... | S | |
| CVE-2003-0930 | Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded file... | S | |
| CVE-2003-0931 | Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service (service hang) by r... | S | |
| CVE-2003-0932 | Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) comman... | S | |
| CVE-2003-0933 | Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a l... | S | |
| CVE-2003-0934 | Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not c... | E S | |
| CVE-2003-0935 | Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is... | S | |
| CVE-2003-0936 | Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileg... | S | |
| CVE-2003-0937 | SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as"... | S | |
| CVE-2003-0938 | vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM pri... | E S | |
| CVE-2003-0939 | eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may al... | E S | |
| CVE-2003-0940 | Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remot... | E S | |
| CVE-2003-0941 | web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration ... | E S | |
| CVE-2003-0942 | Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows ... | E S | |
| CVE-2003-0943 | web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which co... | E S | |
| CVE-2003-0944 | Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote ... | E S | |
| CVE-2003-0945 | The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs,... | E | |
| CVE-2003-0946 | Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versio... | | |
| CVE-2003-0947 | Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via... | E | |
| CVE-2003-0948 | Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment... | E | |
| CVE-2003-0949 | xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which... | S | |
| CVE-2003-0950 | PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by... | | |
| CVE-2003-0951 | Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provide... | S | |
| CVE-2003-0952 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0953 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-0954 | Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges.... | S | |
| CVE-2003-0955 | OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possib... | E S | |
| CVE-2003-0956 | Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could c... | | |
| CVE-2003-0959 | Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before... | | |
| CVE-2003-0960 | OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which cou... | | |
| CVE-2003-0961 | Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier a... | S | |
| CVE-2003-0962 | Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attacke... | S | |
| CVE-2003-0963 | Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow r... | | |
| CVE-2003-0964 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: N/A. Notes: none... | R | |
| CVE-2003-0965 | Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows rem... | S | |
| CVE-2003-0966 | Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows rem... | S | |
| CVE-2003-0967 | rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (cra... | | |
| CVE-2003-0968 | Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.... | | |
| CVE-2003-0969 | mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an... | | |
| CVE-2003-0970 | The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of s... | S | |
| CVE-2003-0971 | GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using... | S | |
| CVE-2003-0972 | Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows ... | S | |
| CVE-2003-0973 | Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attack... | S | |
| CVE-2003-0974 | Applied Watch Command Center allows remote attackers to conduct unauthorized activities without auth... | E S | |
| CVE-2003-0975 | Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal... | | |
| CVE-2003-0976 | NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostnam... | S | |
| CVE-2003-0977 | CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and file... | S | |
| CVE-2003-0978 | Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1... | | |
| CVE-2003-0979 | FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which all... | S | |
| CVE-2003-0980 | Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remot... | S | |
| CVE-2003-0981 | FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allo... | S | |
| CVE-2003-0982 | Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5,... | S | |
| CVE-2003-0983 | Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the ma... | S | |
| CVE-2003-0984 | Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their s... | S | |
| CVE-2003-0985 | The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions ... | E S | |
| CVE-2003-0986 | Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.... | S | |
| CVE-2003-0987 | mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using... | S | |
| CVE-2003-0988 | Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) ... | S | |
| CVE-2003-0989 | tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certai... | S | |
| CVE-2003-0990 | The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to ex... | E | |
| CVE-2003-0991 | Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers t... | S | |
| CVE-2003-0992 | Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows re... | S | |
| CVE-2003-0993 | mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly ... | S | |
| CVE-2003-0994 | The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as us... | | |
| CVE-2003-0995 | Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a den... | | |
| CVE-2003-0996 | Unknown "System Security Vulnerability" in Computer Associates (CA) Unicenter Remote Control (URC) 6... | S | |
| CVE-2003-0997 | Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Contro... | S | |
| CVE-2003-0998 | Unknown "potential system security vulnerability" in Computer Associates (CA) Unicenter Remote Contr... | S | |
| CVE-2003-0999 | Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9... | S |