Total
12710 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2295 | 1 Pico Server | 1 Pico Server | 2024-11-20 | N/A |
| Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or (2) a long method name in an HTTP request, (3) a long version number in an HTTP request, (4) a long User-Agent header, or (5) a long file path. | ||||
| CVE-2002-2294 | 1 Symantec | 4 Enterprise Firewall, Gateway Security, Raptor Firewall and 1 more | 2024-11-20 | N/A |
| Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). | ||||
| CVE-2002-2291 | 1 Calisto | 1 Calisto Internet Talker | 2024-11-20 | N/A |
| Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang) via a long request, possibly triggering a buffer overflow. | ||||
| CVE-2002-2272 | 1 Apache | 2 Http Server, Tomcat | 2024-11-20 | N/A |
| Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values. | ||||
| CVE-2002-2271 | 1 Bigfun | 1 Bigfun | 2024-11-20 | N/A |
| Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string. | ||||
| CVE-2002-2268 | 1 Netdave | 1 Webster Http Server | 2024-11-20 | N/A |
| Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL. | ||||
| CVE-2002-2259 | 2 Gnuplot, Suse | 2 Gnuplot, Suse Linux | 2024-11-20 | N/A |
| Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors. | ||||
| CVE-2002-2258 | 1 Mobydisk | 1 Netsuite | 2024-11-20 | N/A |
| Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi function call. | ||||
| CVE-2002-2257 | 1 Tuxbr | 1 Libcgi | 2024-11-20 | N/A |
| Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument. | ||||
| CVE-2002-2253 | 1 Cyrus | 1 Libsieve | 2024-11-20 | N/A |
| Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string. | ||||
| CVE-2002-2251 | 1 Marcos Luiz Onisto | 1 Lib Cgi | 2024-11-20 | N/A |
| Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument. | ||||
| CVE-2002-2250 | 1 Sybase | 1 Adaptive Server | 2024-11-20 | N/A |
| Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function. | ||||
| CVE-2002-2248 | 1 Netscape | 1 Communicator | 2024-11-20 | N/A |
| Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method. | ||||
| CVE-2002-2232 | 1 Mollensoft Software | 1 Enceladus Server Suite | 2024-11-20 | N/A |
| Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via a long CD (CWD) command. | ||||
| CVE-2002-2226 | 1 Tftpd32 | 1 Tftpd32 | 2024-11-20 | N/A |
| Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument. | ||||
| CVE-2002-2196 | 1 Samba | 1 Samba | 2024-11-20 | N/A |
| Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
| CVE-2002-1401 | 2 Postgresql, Redhat | 3 Postgresql, Enterprise Linux, Linux | 2024-11-20 | N/A |
| Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow. | ||||
| CVE-2002-1365 | 2 Fetchmail, Redhat | 3 Fetchmail, Enterprise Linux, Linux | 2024-11-20 | N/A |
| Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | ||||
| CVE-2002-1357 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2024-11-20 | N/A |
| Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | ||||
| CVE-2002-1222 | 1 Cisco | 1 Catos | 2024-11-20 | N/A |
| Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. | ||||