| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the mysql_real_connect function in MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows remote DNS servers to cause a denial of service and possibly execute arbitrary code via a DNS response with a large address length (h_length). |
| MySQL 4.x before 4.0.21, and 3.x before 3.23.49, allows attackers to cause a denial of service (crash or hang) via multiple threads that simultaneously alter MERGE table UNIONs. |
| The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. |
| Internet Explorer 6 on Double Byte Character Set (DBCS) systems allows remote attackers to alter displayed address bars and spoof web pages via a URL containing special characters, facilitating phishing attacks, aka the "Address Bar Spoofing on Double Byte Character Set Systems Vulnerability." |
| Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. |
| Mozilla Firefox 0.9.2 allows web sites to set cookies for country-specific top-level domains, such as .ltd.uk, .plc.uk, and .sch.uk, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session. NOTE: it was later reported that 2.x is also affected. |
| The (1) libsasl and (2) libsasl2 libraries in Cyrus-SASL 2.1.18 and earlier trust the SASL_PATH environment variable to find all available SASL plug-ins, which allows local users to execute arbitrary code by modifying the SASL_PATH to point to malicious programs. |
| The mod_ssl module in Apache 2.0.35 through 2.0.52, when using the "SSLCipherSuite" directive in directory or location context, allows remote clients to bypass intended restrictions by using any cipher suite that is allowed by the virtual host configuration. |
| Multiple integer overflows in libtiff 3.6.1 and earlier allow remote attackers to cause a denial of service (crash or memory corruption) via TIFF images that lead to incorrect malloc calls. |
| Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument. |
| Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. |
| PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3. |
| DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. |
| RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase. |
| AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file. |
| ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code. |
| The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. |
| SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets. |
| Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key. |
| Services in ScriptLogic 4.01, and possibly other versions before 4.14, process client requests at raised privileges, which allows remote attackers to (1) modify arbitrary registry entries via the ScriptLogic RPC service (SLRPC) or (2) modify arbitrary configuration via the RunAdmin services (SLRAserver.exe and SLRAclient.exe). |
