|
363551
|
7.5 |
HIGH
|
realnetworks
|
realjukebox_2 realjukebox_2_plus realone_player
|
Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long val…
|
NVD-CWE-Other
|
CVE-2002-1014
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363552
|
7.5 |
HIGH
|
realnetworks
|
realjukebox_2 realjukebox_2_plus realone_player
|
RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini fil…
|
NVD-CWE-Other
|
CVE-2002-1015
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363553
|
4.6 |
MEDIUM
|
adobe
|
digital_editions
|
Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files.
|
NVD-CWE-Other
|
CVE-2002-1016
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363554
|
2.1 |
LOW
|
adobe
|
digital_editions
|
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the a…
|
NVD-CWE-Other
|
CVE-2002-1017
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363555
|
5.0 |
MEDIUM
|
working_resources_inc.
|
badblue
|
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
|
NVD-CWE-Other
|
CVE-2002-1021
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363556
|
7.5 |
HIGH
|
working_resources_inc.
|
badblue
|
BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.
|
NVD-CWE-Other
|
CVE-2002-1022
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363557
|
5.0 |
MEDIUM
|
working_resources_inc.
|
badblue
|
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.
|
NVD-CWE-Other
|
CVE-2002-1023
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363558
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.
|
NVD-CWE-Other
|
CVE-2002-1025
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363559
|
5.0 |
MEDIUM
|
macromedia
|
sitespring
|
Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly trigger…
|
NVD-CWE-Other
|
CVE-2002-1026
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363560
|
7.5 |
HIGH
|
macromedia
|
sitespring
|
Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 50…
|
NVD-CWE-Other
|
CVE-2002-1027
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363561
|
5.0 |
MEDIUM
|
oddsock
|
song_requester
|
Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments.
|
NVD-CWE-Other
|
CVE-2002-1028
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363562
|
5.0 |
MEDIUM
|
worldspan
|
res_manager
|
Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990.
|
NVD-CWE-Other
|
CVE-2002-1029
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363563
|
2.6 |
LOW
|
bea
|
weblogic_server
|
Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections.
|
NVD-CWE-Other
|
CVE-2002-1030
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363564
|
5.0 |
MEDIUM
|
key_focus
|
kf_web_server
|
KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.
|
NVD-CWE-Other
|
CVE-2002-1031
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363565
|
7.5 |
HIGH
|
key_focus
|
kf_web_server
|
Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header.
|
NVD-CWE-Other
|
CVE-2002-1032
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363566
|
5.0 |
MEDIUM
|
sun
|
i-runbook
|
Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via a "..:" sequence (dot-dot variant) in the argument.
|
NVD-CWE-Other
|
CVE-2002-1033
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363567
|
10.0 |
HIGH
|
sun
|
i-runbook
|
none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument.
|
NVD-CWE-Other
|
CVE-2002-1034
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363568
|
5.0 |
MEDIUM
|
omnicron
|
omnihttpd
|
Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number.
|
NVD-CWE-Other
|
CVE-2002-1035
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363569
|
7.5 |
HIGH
|
zoltan_milosevic
|
fluid_dynamics_search_engine
|
Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.
|
NVD-CWE-Other
|
CVE-2002-1036
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363570
|
5.0 |
MEDIUM
|
ibm
|
aix
|
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
|
NVD-CWE-Other
|
CVE-2002-1040
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363571
|
5.0 |
MEDIUM
|
netscape sun
|
enterprise_server iplanet_web_server one_application_server one_web_server
|
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read a…
|
NVD-CWE-Other
|
CVE-2002-1042
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363572
|
5.0 |
MEDIUM
|
ultrafunk
|
popcorn
|
Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Subject ("\t\t").
|
NVD-CWE-Other
|
CVE-2002-1043
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363573
|
7.5 |
HIGH
|
ultrafunk
|
popcorn
|
Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field.
|
NVD-CWE-Other
|
CVE-2002-1044
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363574
|
5.0 |
MEDIUM
|
ultrafunk
|
popcorn
|
Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Date field that is converted into a year greater than 2037.
|
NVD-CWE-Other
|
CVE-2002-1045
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363575
|
5.0 |
MEDIUM
|
watchguard
|
firebox soho_firewall
|
Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to…
|
NVD-CWE-Other
|
CVE-2002-1046
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363576
|
7.5 |
HIGH
|
watchguard
|
soho_firewall
|
The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with a correct password but an incorrect user name.
|
NVD-CWE-Other
|
CVE-2002-1047
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363577
|
7.5 |
HIGH
|
hp
|
jetdirect
|
HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.
|
NVD-CWE-Other
|
CVE-2002-1048
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363578
|
5.0 |
MEDIUM
|
hylafax
|
hylafax
|
Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element.
|
NVD-CWE-Other
|
CVE-2002-1049
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363579
|
7.5 |
HIGH
|
hylafax
|
hylafax
|
Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data.
|
NVD-CWE-Other
|
CVE-2002-1050
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363580
|
6.8 |
MEDIUM
|
w3c
|
jigsaw
|
Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed…
|
NVD-CWE-Other
|
CVE-2002-1053
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363581
|
5.0 |
MEDIUM
|
brother
|
nc-3100h
|
Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password.
|
NVD-CWE-Other
|
CVE-2002-1055
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363582
|
7.5 |
HIGH
|
smartmax_software
|
mailmax
|
Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.
|
NVD-CWE-Other
|
CVE-2002-1057
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363583
|
10.0 |
HIGH
|
cobalt
|
qube
|
Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via .. (dot dot) sequences in the sessionId cook…
|
NVD-CWE-Other
|
CVE-2002-1058
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363584
|
4.3 |
MEDIUM
|
bluecoat
|
cacheos
|
Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers…
|
NVD-CWE-Other
|
CVE-2002-1060
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363585
|
7.5 |
HIGH
|
t._hauck
|
jana_web_server
|
Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP…
|
NVD-CWE-Other
|
CVE-2002-1061
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363586
|
7.5 |
HIGH
|
t._hauck
|
jana_web_server
|
Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.
|
NVD-CWE-Other
|
CVE-2002-1062
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363587
|
5.0 |
MEDIUM
|
t._hauck
|
jana_web_server
|
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes a…
|
NVD-CWE-Other
|
CVE-2002-1063
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363588
|
5.0 |
MEDIUM
|
t._hauck
|
jana_web_server
|
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.
|
NVD-CWE-Other
|
CVE-2002-1064
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363589
|
7.5 |
HIGH
|
t._hauck
|
jana_web_server
|
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute…
|
NVD-CWE-Other
|
CVE-2002-1065
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363590
|
7.5 |
HIGH
|
t._hauck
|
jana_web_server
|
Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command t…
|
NVD-CWE-Other
|
CVE-2002-1066
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363591
|
5.0 |
MEDIUM
|
seh
|
ic9_pocket_print_server_firmware
|
Administrative web interface for IC9 Pocket Print Server Firmware 7.1.30 and 7.1.36f allows remote attackers to cause a denial of service (reboot and reset) via a long password, possibly due to a buf…
|
NVD-CWE-Other
|
CVE-2002-1067
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363592
|
7.5 |
HIGH
|
php-wiki
|
php-wiki
|
Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter.
|
NVD-CWE-Other
|
CVE-2002-1070
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363593
|
5.0 |
MEDIUM
|
zyxel
|
prestige
|
ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set.
|
NVD-CWE-Other
|
CVE-2002-1071
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363594
|
5.0 |
MEDIUM
|
zyxel
|
prestige
|
ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet.
|
NVD-CWE-Other
|
CVE-2002-1072
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363595
|
7.5 |
HIGH
|
atrium_software
|
mercur_mailserver
|
Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password.
|
NVD-CWE-Other
|
CVE-2002-1073
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363596
|
7.5 |
HIGH
|
david_harris
|
pegasus_mail
|
Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.
|
NVD-CWE-Other
|
CVE-2002-1075
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363597
|
7.5 |
HIGH
|
ipswitch
|
imail
|
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
|
NVD-CWE-Other
|
CVE-2002-1076
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363598
|
5.0 |
MEDIUM
|
ipswitch
|
imail
|
IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field.
|
NVD-CWE-Other
|
CVE-2002-1077
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363599
|
5.0 |
MEDIUM
|
aprelium_technologies
|
abyss_web_server
|
Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters.
|
NVD-CWE-Other
|
CVE-2002-1078
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363600
|
5.0 |
MEDIUM
|
aprelium_technologies
|
abyss_web_server
|
Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request.
|
NVD-CWE-Other
|
CVE-2002-1079
|
2008-09-6 05:29 |
2002-10-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|