Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA
Published
Dec 31, 2001
Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other d
The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exist
Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.
smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows local users to delete arbitrary files via a symlink attack on /tmp/smc$SMC_PORT.
Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.
Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which
SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute arbitrary SQL queries via the $sortby variable.
One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random pass
Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attac
popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink
Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoo
Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large numbe
Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1460. Reason: This candidate is a refinement duplicate of CVE-2001-1460. No
script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log fi
network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter.
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and poss