| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-existent files with .ida or .idq extensions. |
| The SalesCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which causes Vignette to return unauthorized portions of memory, as demonstrated using the "-->" string in a CookieName argument to the login template, referred to as a "memory leak" in some reports. |
| Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session. |
| Linux apcd program allows local attackers to modify arbitrary files via a symlink attack. |
| AIX techlibss allows local users to overwrite files via a symlink attack. |
| HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. |
| Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing. |
| The Intellivend shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. |
| The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. |
| Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. |
| The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation. |
| Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template. |
| Buffer overflow in SCO scohelp program allows remote attackers to execute commands. |
| snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. |
| Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt. |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. |
| Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000. |
| The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. |
