Total
274665 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0610 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-11-20 | N/A |
Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. | ||||
CVE-2003-0609 | 1 Sun | 2 Solaris, Sunos | 2024-11-20 | N/A |
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. | ||||
CVE-2003-0607 | 1 Stanley T. Shebs | 1 Xconq | 2024-11-20 | N/A |
Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables. | ||||
CVE-2003-0606 | 2 Cvsup, Sup | 2 Cvsup-mirror, Sup | 2024-11-20 | N/A |
sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | ||||
CVE-2003-0605 | 1 Microsoft | 1 Windows 2000 | 2024-11-20 | N/A |
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function. | ||||
CVE-2003-0604 | 1 Microsoft | 1 Windows Media Player | 2024-11-20 | N/A |
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. | ||||
CVE-2003-0603 | 1 Mozilla | 1 Bugzilla | 2024-11-20 | N/A |
Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions. | ||||
CVE-2003-0602 | 1 Mozilla | 1 Bugzilla | 2024-11-20 | N/A |
Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs. | ||||
CVE-2003-0601 | 1 Apple | 1 Mac Os X Server | 2024-11-20 | N/A |
Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved. | ||||
CVE-2003-0599 | 1 Phpgroupware | 1 Phpgroupware | 2024-11-20 | N/A |
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root. | ||||
CVE-2003-0597 | 1 Sco | 1 Openserver | 2024-11-20 | N/A |
Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges. | ||||
CVE-2003-0596 | 1 Fdclone | 1 Fdclone | 2024-11-20 | N/A |
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time. | ||||
CVE-2003-0595 | 1 Terascript | 1 Wintango Application Server | 2024-11-20 | N/A |
Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference. | ||||
CVE-2003-0594 | 2 Mozilla, Redhat | 3 Mozilla, Enterprise Linux, Linux | 2024-11-20 | N/A |
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
CVE-2003-0593 | 1 Opera | 1 Opera Browser | 2024-11-20 | N/A |
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
CVE-2003-0592 | 2 Kde, Redhat | 4 Konqueror, Konqueror Embedded, Enterprise Linux and 1 more | 2024-11-20 | N/A |
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. | ||||
CVE-2003-0590 | 1 Splatt | 1 Splatt Forum | 2024-11-20 | N/A |
Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field. | ||||
CVE-2003-0589 | 1 Digi-fx | 1 Digi-news | 2024-11-20 | N/A |
admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | ||||
CVE-2003-0588 | 1 Digi-fx | 1 Digi-news | 2024-11-20 | N/A |
admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. | ||||
CVE-2003-0587 | 1 Infopop | 1 Ultimate Bulletin Board | 2024-11-20 | N/A |
Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "displayed name" attribute of the "ubber" cookie. |