| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2003-1000 | xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request w... | S | |
| CVE-2003-1001 | Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series ... | S | |
| CVE-2003-1002 | Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote a... | S | |
| CVE-2003-1003 | Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of servic... | S | |
| CVE-2003-1004 | Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to ... | S | |
| CVE-2003-1005 | The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of ser... | S | |
| CVE-2003-1006 | Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 ... | E S | |
| CVE-2003-1007 | AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed... | S | |
| CVE-2003-1008 | Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver lo... | | |
| CVE-2003-1009 | Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 t... | E S | |
| CVE-2003-1010 | Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.... | S | |
| CVE-2003-1011 | Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized acces... | S | |
| CVE-2003-1012 | The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via... | S | |
| CVE-2003-1013 | The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a den... | S | |
| CVE-2003-1014 | Multiple content security gateway and antivirus products allow remote attackers to bypass content re... | | |
| CVE-2003-1015 | Multiple content security gateway and antivirus products allow remote attackers to bypass content re... | | |
| CVE-2003-1016 | Multiple content security gateway and antivirus products allow remote attackers to bypass content re... | | |
| CVE-2003-1017 | Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is a... | E S | |
| CVE-2003-1018 | Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq gr... | S | |
| CVE-2003-1020 | The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause... | | |
| CVE-2003-1021 | The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via craft... | S | |
| CVE-2003-1022 | Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside... | S | |
| CVE-2003-1023 | Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4... | | |
| CVE-2003-1024 | Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create... | S | |
| CVE-2003-1025 | Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01... | E | |
| CVE-2003-1026 | Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javas... | | |
| CVE-2003-1027 | Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and o... | | |
| CVE-2003-1028 | The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directo... | | |
| CVE-2003-1029 | The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of s... | S | |
| CVE-2003-1030 | Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbit... | E S | |
| CVE-2003-1031 | Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote atta... | E | |
| CVE-2003-1032 | Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured to use the "Name" column and ... | E S | |
| CVE-2003-1033 | The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provi... | S | |
| CVE-2003-1034 | The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserver programs with world-writabl... | S | |
| CVE-2003-1035 | The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using... | | |
| CVE-2003-1036 | Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow rem... | | |
| CVE-2003-1037 | Format string vulnerability in the WGate component for SAP Internet Transaction Server (ITS) allows ... | | |
| CVE-2003-1038 | The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sens... | | |
| CVE-2003-1039 | Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute ar... | | |
| CVE-2003-1040 | kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to ... | | |
| CVE-2003-1041 | Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified d... | E | |
| CVE-2003-1042 | SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authent... | S | |
| CVE-2003-1043 | SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote... | S | |
| CVE-2003-1044 | editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly rem... | S | |
| CVE-2003-1045 | votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read... | S | |
| CVE-2003-1046 | describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when ... | S | |
| CVE-2003-1047 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0540. Reason: This candida... | R | |
| CVE-2003-1048 | Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote ... | S | |
| CVE-2003-1049 | IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissi... | S | |
| CVE-2003-1050 | Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitra... | E S | |
| CVE-2003-1051 | Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to ex... | E S | |
| CVE-2003-1052 | IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries tha... | E S | |
| CVE-2003-1053 | Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV... | S | |
| CVE-2003-1054 | mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malforme... | E S | |
| CVE-2003-1055 | Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain r... | E S | |
| CVE-2003-1056 | The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary file... | S | |
| CVE-2003-1057 | Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow loca... | S | |
| CVE-2003-1058 | The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, al... | S | |
| CVE-2003-1059 | Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9... | S | |
| CVE-2003-1060 | The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS pan... | S | |
| CVE-2003-1061 | Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel pani... | S | |
| CVE-2003-1062 | Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris fo... | S | |
| CVE-2003-1063 | The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.... | S | |
| CVE-2003-1064 | Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via ... | S | |
| CVE-2003-1065 | Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Sol... | S | |
| CVE-2003-1066 | Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a de... | S | |
| CVE-2003-1067 | Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit... | S | |
| CVE-2003-1068 | Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges,... | S | |
| CVE-2003-1069 | The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial o... | S | |
| CVE-2003-1070 | Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial... | S | |
| CVE-2003-1071 | rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on u... | E S | |
| CVE-2003-1072 | Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory c... | S | |
| CVE-2003-1073 | A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary ... | S | |
| CVE-2003-1074 | Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges.... | S | |
| CVE-2003-1075 | Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers ... | S | |
| CVE-2003-1076 | Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of se... | S | |
| CVE-2003-1077 | Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to ca... | S | |
| CVE-2003-1078 | The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password... | S | |
| CVE-2003-1079 | Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86,... | S | |
| CVE-2003-1080 | Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of othe... | S | |
| CVE-2003-1081 | Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .a... | E S | |
| CVE-2003-1082 | Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges,... | | |
| CVE-2003-1083 | Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code vi... | E S | |
| CVE-2003-1084 | Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POS... | E S | |
| CVE-2003-1085 | The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attac... | E | |
| CVE-2003-1086 | PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine Free and pMachine Pro 2.2 and ... | S | |
| CVE-2003-1087 | Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running H... | S | |
| CVE-2003-1088 | Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers ... | E | |
| CVE-2003-1089 | index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via inval... | E | |
| CVE-2003-1090 | Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code... | E S | |
| CVE-2003-1091 | Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote a... | E | |
| CVE-2003-1092 | Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the fi... | | |
| CVE-2003-1093 | BEA WebLogic Server 6.1, 7.0 and 7.0.0.1, when routing messages to a JMS target domain that is inacc... | S | |
| CVE-2003-1094 | BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result ... | S | |
| CVE-2003-1095 | BEA WebLogic Server and Express 7.0 and 7.0.0.1, when using "memory" session persistence for web app... | S | |
| CVE-2003-1096 | The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptib... | E | |
| CVE-2003-1097 | Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local u... | E S | |
| CVE-2003-1098 | The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows loc... | S | |
| CVE-2003-1099 | shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, ... | S | |
| CVE-2003-1100 | Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 all... | S | |
| CVE-2003-1101 | Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM ... | S | |
| CVE-2003-1102 | Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script s... | S | |
| CVE-2003-1103 | SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attac... | S | |
| CVE-2003-1104 | Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitra... | S | |
| CVE-2003-1105 | Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause... | | |
| CVE-2003-1106 | The SMTP service in Microsoft Windows 2000 before SP4 allows remote attackers to cause a denial of s... | | |
| CVE-2003-1107 | The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain UR... | | |
| CVE-2003-1108 | The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows rem... | E | |
| CVE-2003-1109 | The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone m... | E S | |
| CVE-2003-1110 | The Session Initiation Protocol (SIP) implementation in Columbia SIP User Agent (sipc) 1.74 and othe... | E S | |
| CVE-2003-1111 | The Session Initiation Protocol (SIP) implementation in multiple dynamicsoft products including y an... | E | |
| CVE-2003-1112 | The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before ... | E S | |
| CVE-2003-1113 | The Session Initiation Protocol (SIP) implementation in IPTel SIP Express Router 0.8.9 and earlier a... | E S | |
| CVE-2003-1114 | The Session Initiation Protocol (SIP) implementation in Mediatrix Telecom VoIP Access Devices and Ga... | E | |
| CVE-2003-1115 | The Session Initiation Protocol (SIP) implementation in Nortel Networks Succession Communication Ser... | E S | |
| CVE-2003-1116 | The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, ... | S | |
| CVE-2003-1117 | Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL erro... | S | |
| CVE-2003-1118 | Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a d... | S | |
| CVE-2003-1119 | SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER... | S | |
| CVE-2003-1120 | Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-p... | S | |
| CVE-2003-1121 | Services in ScriptLogic 4.01, and possibly other versions before 4.14, process client requests at ra... | S | |
| CVE-2003-1122 | ScriptLogic 4.01, and possibly other versions before 4.14, uses insecure permissions for the LOGS$ s... | S | |
| CVE-2003-1123 | Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access c... | E S | |
| CVE-2003-1124 | Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), whe... | S | |
| CVE-2003-1125 | Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP client... | S | |
| CVE-2003-1126 | Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remot... | S | |
| CVE-2003-1127 | Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for... | E | |
| CVE-2003-1128 | XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003,... | E S | |
| CVE-2003-1129 | Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 al... | S | |
| CVE-2003-1130 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-1071. Reason: This candida... | R | |
| CVE-2003-1131 | PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBa... | E S | |
| CVE-2003-1132 | The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexiste... | | |
| CVE-2003-1133 | Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts with insecure ACLs, which allows ... | E | |
| CVE-2003-1134 | Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possib... | E | |
| CVE-2003-1135 | Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash)... | E | |
| CVE-2003-1136 | Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to ... | E | |
| CVE-2003-1137 | Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary... | E S | |
| CVE-2003-1138 | The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attacke... | E | |
| CVE-2003-1139 | Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault ... | E | |
| CVE-2003-1140 | Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language... | E | |
| CVE-2003-1141 | Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string ... | E | |
| CVE-2003-1142 | Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileg... | E | |
| CVE-2003-1143 | Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Se... | E S | |
| CVE-2003-1144 | Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote ... | E S | |
| CVE-2003-1145 | Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote ... | E | |
| CVE-2003-1146 | Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attac... | E | |
| CVE-2003-1147 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0955. Reason: This candida... | R | |
| CVE-2003-1148 | Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used ... | E S | |
| CVE-2003-1149 | Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows r... | E S | |
| CVE-2003-1150 | Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Deskto... | | |
| CVE-2003-1151 | Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attacker... | E | |
| CVE-2003-1152 | WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (... | E | |
| CVE-2003-1153 | byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files and directories via a direct ... | E S | |
| CVE-2003-1154 | MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with ... | S | |
| CVE-2003-1155 | X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlin... | S | |
| CVE-2003-1156 | Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows loca... | E | |
| CVE-2003-1157 | Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remot... | E S | |
| CVE-2003-1158 | Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attack... | E | |
| CVE-2003-1159 | Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server ... | E | |
| CVE-2003-1160 | FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain adminis... | E S | |
| CVE-2003-1161 | exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a back... | E | |
| CVE-2003-1162 | index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary m... | E | |
| CVE-2003-1163 | hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fau... | E S | |
| CVE-2003-1164 | Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remote attackers to inject arbitra... | E S | |
| CVE-2003-1165 | Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of servi... | E | |
| CVE-2003-1166 | Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allow... | E | |
| CVE-2003-1167 | misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users t... | E S | |
| CVE-2003-1168 | HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that ... | E S | |
| CVE-2003-1169 | DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which... | E S | |
| CVE-2003-1170 | Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a ... | E S | |
| CVE-2003-1171 | Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Ap... | E S | |
| CVE-2003-1172 | Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoo... | E S | |
| CVE-2003-1173 | Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending searc... | E S | |
| CVE-2003-1174 | Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service v... | E | |
| CVE-2003-1175 | Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inje... | E | |
| CVE-2003-1176 | post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote att... | E S | |
| CVE-2003-1177 | Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers t... | E S | |
| CVE-2003-1178 | Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execu... | E S | |
| CVE-2003-1179 | Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to ... | E S | |
| CVE-2003-1180 | Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary f... | S | |
| CVE-2003-1181 | Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to i... | E S | |
| CVE-2003-1182 | Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbi... | E | |
| CVE-2003-1183 | The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration S... | S | |
| CVE-2003-1184 | Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attac... | E S | |
| CVE-2003-1185 | Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to injec... | S | |
| CVE-2003-1186 | Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute... | E S | |
| CVE-2003-1187 | Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote at... | E | |
| CVE-2003-1188 | Unichat allows remote attackers to cause a denial of service (crash) by adding extra chat characters... | E | |
| CVE-2003-1189 | Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause... | S | |
| CVE-2003-1190 | Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers ... | S | |
| CVE-2003-1191 | chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail... | E S | |
| CVE-2003-1192 | Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary ... | E | |
| CVE-2003-1193 | Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hi... | S | |
| CVE-2003-1194 | Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject... | S | |
| CVE-2003-1195 | SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execu... | E S | |
| CVE-2003-1196 | SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbi... | E S | |
| CVE-2003-1197 | Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows rem... | E | |
| CVE-2003-1198 | connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of servic... | S | |
| CVE-2003-1199 | Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows remote attackers to inject arbit... | E | |
| CVE-2003-1200 | Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attac... | E | |
| CVE-2003-1201 | ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the... | S | |
| CVE-2003-1202 | The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to ... | E S | |
| CVE-2003-1203 | Cross-site scripting (XSS) vulnerability in index.php for Mambo Site Server 4.0.10 allows remote att... | E | |
| CVE-2003-1204 | Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier all... | E | |
| CVE-2003-1205 | Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by ren... | S | |
| CVE-2003-1206 | Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of s... | E S | |
| CVE-2003-1207 | Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a d... | E | |
| CVE-2003-1208 | Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code ... | E S | |
| CVE-2003-1209 | The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denia... | S | |
| CVE-2003-1210 | Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow re... | E | |
| CVE-2003-1211 | Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier ve... | E S | |
| CVE-2003-1212 | MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form f... | E S | |
| CVE-2003-1213 | The default installation of MaxWebPortal 1.30 stores the portal database under the web document root... | E S | |
| CVE-2003-1214 | Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remot... | E S | |
| CVE-2003-1215 | SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to pe... | S | |
| CVE-2003-1216 | SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to exe... | E S | |
| CVE-2003-1217 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-1218 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2003-1219 | Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osComm... | | |
| CVE-2003-1220 | BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 through 8.1 SP 1 allows rem... | S | |
| CVE-2003-1221 | BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to ... | S | |
| CVE-2003-1222 | BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a foreign Java Message Service (JMS... | S | |
| CVE-2003-1223 | The Node Manager for BEA WebLogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to... | S | |
| CVE-2003-1224 | Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRu... | S | |
| CVE-2003-1225 | The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in... | S | |
| CVE-2003-1226 | BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryptio... | S | |
| CVE-2003-1227 | PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Wind... | E S | |
| CVE-2003-1228 | Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possi... | E | |
| CVE-2003-1229 | X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (... | S | |
| CVE-2003-1230 | The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bi... | S | |
| CVE-2003-1231 | Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 5.5 allows remote attackers to inj... | E | |
| CVE-2003-1232 | Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables sect... | S | |
| CVE-2003-1233 | Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, suc... | E S | |
| CVE-2003-1234 | Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to caus... | S | |
| CVE-2003-1235 | BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a ... | E | |
| CVE-2003-1236 | Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows re... | E S | |
| CVE-2003-1237 | Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to ... | E | |
| CVE-2003-1238 | Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers ... | E | |
| CVE-2003-1239 | Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read ... | E S | |
| CVE-2003-1240 | PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrar... | E | |
| CVE-2003-1241 | Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif... | E S | |
| CVE-2003-1242 | Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-e... | E | |
| CVE-2003-1243 | Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary ... | E | |
| CVE-2003-1244 | SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers... | E S | |
| CVE-2003-1245 | index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request wh... | E S | |
| CVE-2003-1246 | NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows loca... | S | |
| CVE-2003-1247 | Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code ... | E S | |
| CVE-2003-1248 | H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters... | S | |
| CVE-2003-1249 | WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote attackers to hijack s... | S | |
| CVE-2003-1250 | Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SY... | | |
| CVE-2003-1251 | The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as ma... | E S | |
| CVE-2003-1252 | register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a ... | E | |
| CVE-2003-1253 | PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbit... | E | |
| CVE-2003-1254 | Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head... | E S | |
| CVE-2003-1255 | add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookm... | E | |
| CVE-2003-1256 | aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying t... | E S | |
| CVE-2003-1257 | find_theni_home.php in E-theni allows remote attackers to obtain sensitive system information via a ... | E S | |
| CVE-2003-1258 | activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unautho... | E S | |
| CVE-2003-1259 | Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) ... | E S | |
| CVE-2003-1260 | Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response... | E S | |
| CVE-2003-1261 | Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by ... | E S | |
| CVE-2003-1262 | Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers t... | E S | |
| CVE-2003-1263 | ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of service (crash) via a malformed HT... | E S | |
| CVE-2003-1264 | TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which ... | E | |
| CVE-2003-1265 | Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users selec... | E | |
| CVE-2003-1266 | The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.9... | E S | |
| CVE-2003-1267 | GuildFTPd 0.999 allows remote attackers to cause a denial of service (crash) via a GET request for M... | E | |
| CVE-2003-1268 | Multiple SQL injection vulnerabilities in (1) addcustomer.asp, (2) addprod.asp, and (3) process.asp ... | | |
| CVE-2003-1269 | AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a ... | | |
| CVE-2003-1270 | AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request... | E | |
| CVE-2003-1271 | Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitra... | E S | |
| CVE-2003-1272 | Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) ... | | |
| CVE-2003-1273 | Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playl... | | |
| CVE-2003-1274 | Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: a... | | |
| CVE-2003-1275 | Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via ... | E | |
| CVE-2003-1276 | Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account number... | | |
| CVE-2003-1277 | Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote a... | E | |
| CVE-2003-1278 | Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbit... | E | |
| CVE-2003-1279 | S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a sym... | | |
| CVE-2003-1280 | Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create ar... | | |
| CVE-2003-1281 | cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain tempora... | | |
| CVE-2003-1282 | IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server name... | | |
| CVE-2003-1283 | KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet Explorer (IE) local security z... | | |
| CVE-2003-1284 | Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct r... | S | |
| CVE-2003-1285 | Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote ... | E S | |
| CVE-2003-1286 | HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, ... | E S | |
| CVE-2003-1287 | Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via ... | S | |
| CVE-2003-1288 | Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to... | E S | |
| CVE-2003-1289 | The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELE... | S | |
| CVE-2003-1290 | BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enab... | S | |
| CVE-2003-1291 | VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via ... | S | |
| CVE-2003-1292 | PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to inclu... | E | |
| CVE-2003-1293 | Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers... | | |
| CVE-2003-1294 | Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) dri... | | |
| CVE-2003-1295 | Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cau... | S | |
| CVE-2003-1296 | Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of servic... | E | |
| CVE-2003-1297 | Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log ... | E S | |
| CVE-2003-1298 | Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remot... | E | |
| CVE-2003-1299 | Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31,... | E S | |
| CVE-2003-1300 | Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attack... | E S | |
| CVE-2003-1301 | Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in mul... | E | |
| CVE-2003-1302 | The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via ... | E S | |
| CVE-2003-1303 | Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP be... | E S | |
| CVE-2003-1304 | EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficien... | | |
| CVE-2003-1305 | Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumpti... | E | |
| CVE-2003-1306 | Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain... | E | |
| CVE-2003-1307 | The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to... | E | |
| CVE-2003-1308 | CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.... | E S | |
| CVE-2003-1309 | The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211,... | E S | |
| CVE-2003-1310 | The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 20... | E | |
| CVE-2003-1311 | siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter n... | E | |
| CVE-2003-1312 | siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of ... | | |
| CVE-2003-1313 | Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 a... | E | |
| CVE-2003-1314 | PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook (EMGB) 1.1 allows... | E | |
| CVE-2003-1315 | SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote atta... | | |
| CVE-2003-1316 | mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) val... | E | |
| CVE-2003-1317 | Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inje... | E | |
| CVE-2003-1318 | Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) ... | E | |
| CVE-2003-1319 | Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attac... | S | |
| CVE-2003-1320 | SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly ... | | |
| CVE-2003-1321 | Buffer overflow in Avant Browser 8.02 allows remote attackers to cause a denial of service (crash) a... | E | |
| CVE-2003-1322 | Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 al... | S | |
| CVE-2003-1323 | Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID ... | S | |
| CVE-2003-1324 | Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating... | S | |
| CVE-2003-1325 | The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 ... | E | |
| CVE-2003-1326 | Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security ... | | |
| CVE-2003-1327 | Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADM... | | |
| CVE-2003-1328 | The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of ... | | |
| CVE-2003-1329 | ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket... | S | |
| CVE-2003-1330 | Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, whi... | | |
| CVE-2003-1331 | Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysql... | E | |
| CVE-2003-1332 | Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote ... | E | |
| CVE-2003-1333 | Unspecified vulnerability in the Cache' Server Page (CSP) implementation in InterSystems Cache' 4.0.... | | |
| CVE-2003-1334 | Cross-site scripting (XSS) vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka... | | |
| CVE-2003-1335 | Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) ... | | |
| CVE-2003-1336 | Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc... | E S | |
| CVE-2003-1337 | Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to... | S | |
| CVE-2003-1338 | CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers ... | E | |
| CVE-2003-1339 | Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwo... | E | |
| CVE-2003-1340 | Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenti... | E | |
| CVE-2003-1341 | The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers ... | E S | |
| CVE-2003-1342 | Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a deni... | | |
| CVE-2003-1343 | Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door accoun... | E S | |
| CVE-2003-1344 | Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, e... | E | |
| CVE-2003-1345 | Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to vie... | | |
| CVE-2003-1346 | D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set fac... | | |
| CVE-2003-1347 | Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to injec... | E S | |
| CVE-2003-1348 | Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote at... | E | |
| CVE-2003-1349 | Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 allows remote attackers to li... | | |
| CVE-2003-1350 | List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which i... | E | |
| CVE-2003-1351 | Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbi... | E | |
| CVE-2003-1352 | Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote ... | | |
| CVE-2003-1353 | Multiple cross-site scripting (XSS) vulnerabilities in Outreach Project Tool (OPT) 0.946b allow remo... | | |
| CVE-2003-1354 | Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small reques... | E | |
| CVE-2003-1355 | Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers... | E | |
| CVE-2003-1356 | The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," wh... | S | |
| CVE-2003-1357 | ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allow... | | |
| CVE-2003-1358 | rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs... | E | |
| CVE-2003-1359 | Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privilege... | E S | |
| CVE-2003-1360 | Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 thr... | | |
| CVE-2003-1361 | Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 thro... | S | |
| CVE-2003-1362 | Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEX... | S | |
| CVE-2003-1363 | The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does... | | |
| CVE-2003-1364 | Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remot... | E S | |
| CVE-2003-1365 | The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special c... | E | |
| CVE-2003-1366 | chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard ... | | |
| CVE-2003-1367 | The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to... | E | |
| CVE-2003-1368 | Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service ... | | |
| CVE-2003-1369 | Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service... | E | |
| CVE-2003-1370 | Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inj... | E S | |
| CVE-2003-1371 | Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server i... | E | |
| CVE-2003-1372 | Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlie... | E | |
| CVE-2003-1373 | Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers ... | | |
| CVE-2003-1374 | Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long ... | E | |
| CVE-2003-1375 | Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary cod... | E S | |
| CVE-2003-1376 | WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local u... | E | |
| CVE-2003-1377 | Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 allows remote ... | | |
| CVE-2003-1378 | Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows ... | E | |
| CVE-2003-1379 | clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information abou... | S | |
| CVE-2003-1380 | Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list... | E | |
| CVE-2003-1381 | Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server... | | |
| CVE-2003-1382 | Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via lon... | S | |
| CVE-2003-1383 | WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP reques... | | |
| CVE-2003-1384 | Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to ... | E | |
| CVE-2003-1385 | ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if r... | E | |
| CVE-2003-1386 | AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via... | | |
| CVE-2003-1387 | Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to exec... | E S | |
| CVE-2003-1388 | Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP requ... | | |
| CVE-2003-1389 | RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make ... | | |
| CVE-2003-1390 | RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, whi... | | |
| CVE-2003-1391 | RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predic... | | |
| CVE-2003-1392 | CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow... | | |
| CVE-2003-1393 | Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to cause a denial of service and poss... | | |
| CVE-2003-1394 | CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords ... | E | |
| CVE-2003-1395 | Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (cra... | E | |
| CVE-2003-1396 | Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of s... | E S | |
| CVE-2003-1397 | The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service ... | E | |
| CVE-2003-1398 | Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, whic... | | |
| CVE-2003-1399 | eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error mes... | E S | |
| CVE-2003-1400 | Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 all... | E | |
| CVE-2003-1401 | login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access cont... | E | |
| CVE-2003-1402 | PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to ... | | |
| CVE-2003-1403 | foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, ... | E | |
| CVE-2003-1404 | DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allo... | | |
| CVE-2003-1405 | DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) e... | E | |
| CVE-2003-1406 | PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to exec... | E | |
| CVE-2003-1407 | Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a l... | E | |
| CVE-2003-1408 | Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTT... | E | |
| CVE-2003-1409 | TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an... | S | |
| CVE-2003-1410 | PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2 and... | E | |
| CVE-2003-1411 | PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric Email ... | E | |
| CVE-2003-1412 | PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 all... | E | |
| CVE-2003-1413 | parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existe... | E | |
| CVE-2003-1414 | Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quic... | E | |
| CVE-2003-1415 | NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP requ... | | |
| CVE-2003-1416 | BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) v... | E | |
| CVE-2003-1417 | nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the te... | | |
| CVE-2003-1418 | Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive info... | S | |
| CVE-2003-1419 | Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an inv... | E | |
| CVE-2003-1420 | Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disable... | S | |
| CVE-2003-1421 | Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers... | S | |
| CVE-2003-1422 | Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, a... | S | |
| CVE-2003-1423 | Petitforum stores the liste.txt data file under the web document root with insufficient access contr... | E | |
| CVE-2003-1424 | message.php in Petitforum does not properly authenticate users, which allows remote attackers to imp... | | |
| CVE-2003-1425 | guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template p... | E | |
| CVE-2003-1426 | Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME envir... | E | |
| CVE-2003-1427 | Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows re... | E | |
| CVE-2003-1428 | Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modif... | E | |
| CVE-2003-1429 | Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to execute arbitrary code via a lon... | E | |
| CVE-2003-1430 | Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attacker... | | |
| CVE-2003-1431 | Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a deni... | E | |
| CVE-2003-1432 | Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU ... | E | |
| CVE-2003-1433 | Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote a... | | |
| CVE-2003-1434 | login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind... | S | |
| CVE-2003-1435 | SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL... | E | |
| CVE-2003-1436 | PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows remote a... | E S | |
| CVE-2003-1437 | BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keyst... | S | |
| CVE-2003-1438 | Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, when using in-memory session ... | S | |
| CVE-2003-1439 | Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintex... | E | |
| CVE-2003-1440 | SpamProbe 0.8a allows remote attackers to cause a denial of service (crash) via HTML e-mail with new... | S | |
| CVE-2003-1441 | Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a denial of service (crash) via a DNS... | S | |
| CVE-2003-1442 | The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, whi... | E S | |
| CVE-2003-1443 | Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their... | E | |
| CVE-2003-1444 | Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption o... | E | |
| CVE-2003-1445 | Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denia... | E | |
| CVE-2003-1446 | Buffer overflow in the save_into_file function in save.c for Rogue 5.2-2 allows local users to execu... | E | |
| CVE-2003-1447 | IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encodin... | E | |
| CVE-2003-1448 | Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB req... | | |
| CVE-2003-1449 | Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectori... | | |
| CVE-2003-1450 | BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segme... | E | |
| CVE-2003-1451 | Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code ... | | |
| CVE-2003-1452 | Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execu... | E | |
| CVE-2003-1453 | Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.... | E S | |
| CVE-2003-1454 | Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores... | | |
| CVE-2003-1455 | Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through Po... | S | |
| CVE-2003-1456 | Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuratio... | S | |
| CVE-2003-1457 | Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easil... | | |
| CVE-2003-1458 | SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execu... | E | |
| CVE-2003-1459 | Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers t... | E | |
| CVE-2003-1460 | Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readab... | S | |
| CVE-2003-1461 | Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a lon... | E S | |
| CVE-2003-1462 | mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdir... | S | |
| CVE-2003-1463 | Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remo... | | |
| CVE-2003-1464 | Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of serv... | | |
| CVE-2003-1465 | Directory traversal vulnerability in download.php in Phorum 3.4 through 3.4.2 allows remote attacker... | E S | |
| CVE-2003-1466 | Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a con... | E S | |
| CVE-2003-1467 | Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php... | S | |
| CVE-2003-1468 | The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full we... | E | |
| CVE-2003-1469 | The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option sele... | E | |
| CVE-2003-1470 | Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to ca... | E | |
| CVE-2003-1471 | MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service ... | | |
| CVE-2003-1472 | Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) ... | E | |
| CVE-2003-1473 | Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users... | E | |
| CVE-2003-1474 | slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group,... | | |
| CVE-2003-1475 | Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only prompt... | E | |
| CVE-2003-1476 | Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users t... | | |
| CVE-2003-1477 | MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consu... | | |
| CVE-2003-1478 | Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web pa... | E | |
| CVE-2003-1479 | Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers t... | E | |
| CVE-2003-1480 | MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attac... | E | |
| CVE-2003-1481 | CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for ... | E S | |
| CVE-2003-1482 | The backup configuration file for Microsoft MN-500 wireless base station stores administrative passw... | | |
| CVE-2003-1483 | FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt ... | E | |
| CVE-2003-1484 | Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by ... | | |
| CVE-2003-1485 | Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file atta... | S | |
| CVE-2003-1486 | Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an in... | S | |
| CVE-2003-1487 | Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to e... | S | |
| CVE-2003-1488 | The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to... | E | |
| CVE-2003-1489 | upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the targ... | | |
| CVE-2003-1490 | SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device ... | | |
| CVE-2003-1491 | Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port... | | |
| CVE-2003-1492 | Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a diffe... | E | |
| CVE-2003-1493 | Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a... | S | |
| CVE-2003-1494 | Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attack... | S | |
| CVE-2003-1495 | Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows lo... | S | |
| CVE-2003-1496 | Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain p... | | |
| CVE-2003-1497 | Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause ... | E | |
| CVE-2003-1498 | Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 101... | E S | |
| CVE-2003-1499 | Directory traversal vulnerability in index.php in Bytehoard 0.7 allows remote attackers to read arbi... | E S | |
| CVE-2003-1500 | PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote attackers... | | |
| CVE-2003-1501 | Directory traversal vulnerability in the file upload CGI of Gast Arbeiter 1.3 allows remote attacker... | E | |
| CVE-2003-1502 | mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a ... | | |
| CVE-2003-1503 | Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary... | S | |
| CVE-2003-1504 | SQL injection vulnerability in variables.php in Goldlink 3.0 allows remote attackers to execute arbi... | E | |
| CVE-2003-1505 | Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by crea... | E | |
| CVE-2003-1506 | Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allo... | E | |
| CVE-2003-1507 | Planet Technology WGSD-1020 and WSW-2401 Ethernet switches use a default "superuser" account with th... | | |
| CVE-2003-1508 | Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens t... | E | |
| CVE-2003-1509 | Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.8... | S | |
| CVE-2003-1510 | TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in ... | E | |
| CVE-2003-1511 | Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remo... | E S | |
| CVE-2003-1512 | Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) vi... | E S | |
| CVE-2003-1513 | Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.... | E | |
| CVE-2003-1514 | eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possib... | E | |
| CVE-2003-1515 | Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not requ... | E | |
| CVE-2003-1516 | The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and ... | E | |
| CVE-2003-1517 | cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an inval... | E | |
| CVE-2003-1518 | Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial of service (CPU consumption) vi... | E S | |
| CVE-2003-1519 | Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to in... | E | |
| CVE-2003-1520 | SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute ar... | E S | |
| CVE-2003-1521 | Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive ... | E | |
| CVE-2003-1522 | Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote a... | E | |
| CVE-2003-1523 | SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbi... | S | |
| CVE-2003-1524 | PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch user function in Windows XP is ... | | |
| CVE-2003-1525 | Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact... | | |
| CVE-2003-1526 | PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as ... | E | |
| CVE-2003-1527 | BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block atta... | E | |
| CVE-2003-1528 | nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a ... | E | |
| CVE-2003-1529 | Directory traversal vulnerability in Seagull Software Systems J Walk application server 3.2C9, and o... | | |
| CVE-2003-1530 | SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to exe... | E S | |
| CVE-2003-1531 | Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier... | E | |
| CVE-2003-1532 | SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows remote attackers to execute arbit... | E | |
| CVE-2003-1533 | SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arb... | E | |
| CVE-2003-1534 | Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attacker... | E | |
| CVE-2003-1535 | Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct requ... | E | |
| CVE-2003-1536 | Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow ... | E | |
| CVE-2003-1537 | Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include a... | E | |
| CVE-2003-1538 | susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not p... | S | |
| CVE-2003-1539 | Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows re... | E S | |
| CVE-2003-1540 | WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control, w... | | |
| CVE-2003-1541 | PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access ... | | |
| CVE-2003-1542 | Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remot... | S | |
| CVE-2003-1543 | Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly oth... | E | |
| CVE-2003-1544 | Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP ... | | |
| CVE-2003-1545 | Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remot... | | |
| CVE-2003-1546 | Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote att... | | |
| CVE-2003-1547 | Cross-site scripting (XSS) vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke... | | |
| CVE-2003-1548 | MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an inval... | E | |
| CVE-2003-1549 | Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows rem... | E | |
| CVE-2003-1550 | XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information vi... | E | |
| CVE-2003-1551 | Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact a... | | |
| CVE-2003-1552 | Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to ex... | | |
| CVE-2003-1553 | Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the ... | E | |
| CVE-2003-1554 | Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows rem... | E | |
| CVE-2003-1555 | ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG ... | E | |
| CVE-2003-1556 | Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote a... | | |
| CVE-2003-1557 | Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"),... | S | |
| CVE-2003-1558 | Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash... | S | |
| CVE-2003-1559 | Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containi... | | |
| CVE-2003-1560 | Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows... | | |
| CVE-2003-1561 | Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// ... | | |
| CVE-2003-1562 | sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interac... | | |
| CVE-2003-1563 | Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows ... | | |
| CVE-2003-1564 | libxml2, possibly before 2.5.0, does not properly detect recursion during entity expansion, which al... | S | |
| CVE-2003-1565 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-1565. Reason: This candida... | R | |
| CVE-2003-1566 | Microsoft Internet Information Services (IIS) 5.0 does not log requests that use the TRACK method, w... | E | |
| CVE-2003-1567 | The undocumented TRACK method in Microsoft Internet Information Services (IIS) 5.0 returns the conte... | E | |
| CVE-2003-1568 | GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer de... | | |
| CVE-2003-1569 | GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial o... | | |
| CVE-2003-1570 | The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does ... | | |
| CVE-2003-1571 | Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access contr... | E | |
| CVE-2003-1572 | Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of ser... | | |
| CVE-2003-1573 | The PointBase 4.6 database component in the J2EE 1.4 reference implementation (J2EE/RI) allows remot... | E | |
| CVE-2003-1574 | TikiWiki 1.6.1 allows remote attackers to bypass authentication by entering a valid username with an... | S | |
| CVE-2003-1575 | VERITAS File System (VxFS) 3.3.3, 3.4, and 3.5 before MP1 Rolling Patch 02 for Sun Solaris 2.5.1 thr... | S | |
| CVE-2003-1576 | Buffer overflow in pamverifier in Change Manager (CM) 1.0 for Sun Management Center (SunMC) 3.0 on S... | S | |
| CVE-2003-1577 | Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enable... | E S | |
| CVE-2003-1578 | Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5, when DNS resolution is enable... | E S | |
| CVE-2003-1579 | Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresse... | E | |
| CVE-2003-1580 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a loggin... | E | |
| CVE-2003-1581 | The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote... | E | |
| CVE-2003-1582 | Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP addr... | E | |
| CVE-2003-1583 | Cross-site scripting (XSS) vulnerability in WebTrends allows remote attackers to inject arbitrary we... | E | |
| CVE-2003-1584 | Cross-site scripting (XSS) vulnerability in SurfStats allows remote attackers to inject arbitrary we... | E | |
| CVE-2003-1585 | Cross-site scripting (XSS) vulnerability in WebLogExpert allows remote attackers to inject arbitrary... | E | |
| CVE-2003-1586 | Cross-site scripting (XSS) vulnerability in WebExpert allows remote attackers to inject arbitrary we... | E | |
| CVE-2003-1587 | Cross-site scripting (XSS) vulnerability in LoganPro allows remote attackers to inject arbitrary web... | E | |
| CVE-2003-1588 | Sun Cluster 2.2, when HA-Oracle or HA-Sybase DBMS services are used, stores database credentials in ... | | |
| CVE-2003-1589 | Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 4.1 before SP13 and 6.0 before SP6 on ... | S | |
| CVE-2003-1590 | Unspecified vulnerability in Sun ONE (aka iPlanet) Web Server 6.0 SP3 through SP5 on Windows allows ... | S | |
| CVE-2003-1591 | NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assiste... | | |
| CVE-2003-1592 | Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 b... | | |
| CVE-2003-1593 | NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce do... | | |
| CVE-2003-1594 | NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.... | | |
| CVE-2003-1595 | NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intrude... | | |
| CVE-2003-1596 | NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem ... | | |
| CVE-2003-1598 | SQL injection vulnerability in log.header.php in WordPress 0.7 and earlier allows remote attackers t... | | |
| CVE-2003-1599 | PHP remote file inclusion vulnerability in wp-links/links.all.php in WordPress 0.70 allows remote at... | E | |
| CVE-2003-1600 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2003-1601 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2003-1602 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2003-1603 | GE Healthcare Discovery VH has a default password of (1) interfile for the ftpclient user of the Int... | | |
| CVE-2003-1604 | The redirect_target function in net/ipv4/netfilter/ipt_REDIRECT.c in the Linux kernel before 2.6.0 a... | | |
| CVE-2003-1605 | curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.... | |