Vulnerability_Archives

CVE_ARCHIVES.DB

ARCHIVE_CHRONOLOGY.INDEXSTATUS: ONLINE

Risk_Filter:

Records: 2,170

Mode: SECURE_QUERY

CVE-2002-1571

LOW

The linux 2.4 kernel before 2.4.19 assumes that the fninit instruction clears all registers, which could lead to an information leak on processors tha

Discovered

Dec 31, 2002

CVE-2002-1572

HIGH

Signed integer overflow in the bttv_read function in the bttv driver (bttv-driver.c) in Linux kernel before 2.4.20 has unknown impact and attack vecto

Discovered

Dec 31, 2002

CVE-2002-1573

HIGH

Unspecified vulnerability in the pcilynx ieee1394 firewire driver (pcilynx.c) in Linux kernel before 2.4.20 has unknown impact and attack vectors, rel

Discovered

Dec 31, 2002

CVE-2002-1617

HIGH

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long

Discovered

Dec 31, 2002

CVE-2002-1622

HIGH

Buffer overflow in certain RPC routines in IBM AIX 4.3 may allow attackers to execute arbitrary code, related to a "variable data type."

Discovered

Dec 31, 2002

CVE-2002-1623

MEDIUM

The design of the Internet Key Exchange (IKE) protocol, when using Aggressive Mode for shared secret authentication, does not encrypt initiator or res

Discovered

Dec 31, 2002

CVE-2002-1624

MEDIUM

Buffer overflow in Lotus Domino web server before R5.0.10, when logging to DOMLOG.NSF, allows remote attackers to cause a denial of service (crash) an

Discovered

Dec 31, 2002

CVE-2002-1625

MEDIUM

Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service

Discovered

Dec 31, 2002

CVE-2002-1626

MEDIUM

Directory traversal vulnerability in Mike Spice My Calendar before 1.5 allows remote attackers to write arbitrary files via .. (dot dot) sequences in

Discovered

Dec 31, 2002

CVE-2002-1627

MEDIUM

Directory traversal vulnerability in quiz.cgi for Mike Spice Quiz Me! before 0.6 allows remote attackers to write arbitrary files via .. (dot dot) seq

Discovered

Dec 31, 2002

CVE-2002-1628

MEDIUM

Directory traversal vulnerability in vote.cgi for Mike Spice Mike's Vote CGI before 1.3 allows remote attackers to write arbitrary files via .. (dot d

Discovered

Dec 31, 2002

CVE-2002-1629

HIGH

Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attack

Discovered

Dec 31, 2002

CVE-2002-1630

HIGH

The sendmail.jsp sample page in Oracle 9i Application Server (9iAS) allows remote attackers to send arbitrary emails.

Discovered

Dec 31, 2002

CVE-2002-1631

HIGH

SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via

Discovered

Dec 31, 2002

CVE-2002-1632

MEDIUM

Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive inf

Discovered

Dec 31, 2002

CVE-2002-1633

MEDIUM

Multiple buffer overflows in QNX 4.25 may allow local users to execute arbitrary code via long command line arguments to (1) sample, (2) ex, (3) du, (

Discovered

Dec 31, 2002

CVE-2002-1634

MEDIUM

Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3)

Discovered

Dec 31, 2002

CVE-2002-1635

MEDIUM

The Apache configuration file (httpd.conf) in Oracle 9i Application Server (9iAS) uses a Location alias for /perl directory instead of a ScriptAlias,

Discovered

Dec 31, 2002

CVE-2002-1636

MEDIUM

Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary

Discovered

Dec 31, 2002

CVE-2002-1646

HIGH

SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentic

Discovered

Dec 31, 2002

...