Vulnerability_Archives

CVE_ARCHIVES.DB

ARCHIVE_CHRONOLOGY.INDEXSTATUS: ONLINE

Risk_Filter:

Records: 1,679

Mode: SECURE_QUERY

CVE-2001-1208

HIGH

Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via format string specifiers in a file containing a ~#RA

Discovered

Dec 31, 2001

CVE-2001-1209

MEDIUM

Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.

Discovered

Dec 31, 2001

CVE-2001-1211

HIGH

Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other d

Discovered

Dec 31, 2001

CVE-2001-1477

MEDIUM

The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when an ACL exist

Discovered

Dec 31, 2001

CVE-2001-1478

HIGH

Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.

Discovered

Dec 31, 2001

CVE-2001-1479

LOW

smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows local users to delete arbitrary files via a symlink attack on /tmp/smc$SMC_PORT.

Discovered

Dec 31, 2001

CVE-2001-1480

HIGH

Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the system clipboard.

Discovered

Dec 31, 2001

CVE-2001-1481

CRITICAL

Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which

Discovered

Dec 31, 2001

CVE-2001-1482

HIGH

SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute arbitrary SQL queries via the $sortby variable.

Discovered

Dec 31, 2001

CVE-2001-1483

MEDIUM

One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random pass

Discovered

Dec 31, 2001

CVE-2001-1484

HIGH

Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to modify firmware and configuration via a bounce attac

Discovered

Dec 31, 2001

CVE-2001-1487

MEDIUM

popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink

Discovered

Dec 31, 2001

CVE-2001-1488

MEDIUM

Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse DNS lookup, which allows remote attackers to spoo

Discovered

Dec 31, 2001

CVE-2001-1489

MEDIUM

Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large numbe

Discovered

Dec 31, 2001

CVE-2001-1490

MEDIUM

Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.

Discovered

Dec 31, 2001

CVE-2001-1491

MEDIUM

Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.

Discovered

Dec 31, 2001

CVE-2001-1492

UNKNOWN

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1460. Reason: This candidate is a refinement duplicate of CVE-2001-1460. No

Discovered

Dec 31, 2001

CVE-2001-1494

MEDIUM

script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log fi

Discovered

Dec 31, 2001

CVE-2001-1495

HIGH

network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the target parameter.

Discovered

Dec 31, 2001

CVE-2001-1496

CRITICAL

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and poss

Discovered

Dec 31, 2001

...