|
358351
|
7.8 |
HIGH
|
mirabilis
|
icq
|
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons.
|
CWE-20
不適切な入力確認
|
CVE-2002-2329
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358352
|
5.8 |
MEDIUM
|
cascadesoft
|
w3mail
|
W3Mail 1.0.2 through 1.0.5 with server side scripting (SSI) enabled in the attachments directory does not properly restrict the types of files that can be uploaded as attachments, which allows remote…
|
CWE-16
環境設定
|
CVE-2002-2331
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358353
|
5.0 |
MEDIUM
|
opera_software
|
opera_web_browser
|
Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
|
CWE-119
バッファエラー
|
CVE-2002-2332
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358354
|
5.0 |
MEDIUM
|
kde
|
kde
|
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
|
CWE-119
バッファエラー
|
CVE-2002-2333
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358355
|
3.6 |
LOW
|
joseph_allen
|
joe
|
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits s…
|
CWE-264
認可・権限・アクセス制御
|
CVE-2002-2334
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358356
|
5.0 |
MEDIUM
|
john_drake
|
killer_protection
|
Killer Protection 1.0 stores the vars.inc include file under the web root with insufficient access control, which allows remote attackers to obtain user names and passwords and log in using protectio…
|
CWE-16
環境設定
|
CVE-2002-2335
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358357
|
4.3 |
MEDIUM
|
symantec
|
norton_personal_firewall
|
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
|
CWE-16
環境設定
|
CVE-2002-2336
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358358
|
5.0 |
MEDIUM
|
kaspersky_lab
|
kaspersky_anti-hacker
|
Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets.
|
NVD-CWE-Other
|
CVE-2002-2337
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358359
|
5.0 |
MEDIUM
|
mozilla
netscape
|
mozilla
communicator
navigator
|
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) …
|
CWE-20
不適切な入力確認
|
CVE-2002-2338
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358360
|
4.3 |
MEDIUM
|
script_shed
|
ssgbook
|
Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in (1) image, (2) img, (3) …
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2002-2339
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358361
|
4.3 |
MEDIUM
|
sonicwall
|
soho3
|
Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2002-2341
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358362
|
4.3 |
MEDIUM
|
nocc
|
nocc
|
Cross-site scripting (XSS) vulnerability in NOCC 0.9 through 0.9.5 allows remote attackers to inject arbitrary web script or HTML via email messages.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2002-2343
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358363
|
5.0 |
MEDIUM
|
ensim
|
webppliance
|
Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address.
|
CWE-264
認可・権限・アクセス制御
|
CVE-2002-2344
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358364
|
7.5 |
HIGH
|
oracle
|
application_server
|
Oracle 9i Application Server 9.0.2 stores the web cache administrator interface password in plaintext, which allows remote attackers to gain access.
|
CWE-255
証明書・パスワード管理
|
CVE-2002-2345
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358365
|
5.0 |
MEDIUM
|
phpbb
|
phpbb
|
phpBB 2.0 through 2.0.3 generates names for uploaded avatar files with the hex-encoded IP address of the client system, which allows remote attackers to obtain client IP addresses.
|
CWE-200
情報漏えい
|
CVE-2002-2346
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358366
|
4.3 |
MEDIUM
|
oracle
|
application_server
|
Cross-site scripting (XSS) vulnerability in Oracle Java Server Page (OJSP) demo files (1) hellouser.jsp, (2) welcomeuser.jsp and (3) usebean.jsp in Oracle 9i Application Server 9.0.2, 1.0.2.2, 1.0.2.…
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2002-2347
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358367
|
4.3 |
MEDIUM
|
authoria
|
authoria
|
Cross-site scripting (XSS) vulnerability in athcgi.exe in Authoria HR allows remote attackers to inject arbitrary web script or HTML via the command parameter.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2002-2348
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358368
|
5.0 |
MEDIUM
|
phpbb
|
phpbbmod
|
phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information.
|
CWE-200
情報漏えい
|
CVE-2002-2349
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358369
|
4.3 |
MEDIUM
|
phpoutsourcing
|
zorum
|
Cross-site scripting (XSS) vulnerability in z_user_show.php in dbtreelistproperty_method.php in Zorum 2.4 allows remote attackers to inject arbitrary web script or HTML via the class parameter.
|
CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2002-2350
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358370
|
6.4 |
MEDIUM
|
qualcomm
|
eudora
|
Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing "." (dot).
|
CWE-22
パス・トラバーサル
|
CVE-2002-2351
|
2008-09-6 05:32 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358371
|
7.5 |
HIGH
|
aol
|
instant_messenger
|
AOL Instant Messenger (AIM) 4.7.2480 adds free.aol.com to the Trusted Sites Zone in Internet Explorer without user approval, which could allow code from free.aol.com to bypass intended access restric…
|
NVD-CWE-Other
|
CVE-2002-1591
|
2008-09-6 05:31 |
2002-04-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358372
|
10.0 |
HIGH
|
ibm
|
aix
|
Buffer overflow in the file_comp function in rcp for IBM AIX 4.3.x and 5.1 allows remote attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2002-1621
|
2008-09-6 05:31 |
2002-04-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358373
|
7.5 |
HIGH
|
oracle
|
application_server
|
SQL injection vulnerability in the query.xsql sample page in Oracle 9i Application Server (9iAS) allows remote attackers to execute arbitrary code via the sql parameter.
|
NVD-CWE-Other
|
CVE-2002-1631
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358374
|
10.0 |
HIGH
|
oracle
|
application_server_web_cache
|
Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute arbitrary code via unknown vectors.
|
NVD-CWE-Other
|
CVE-2002-1641
|
2008-09-6 05:31 |
2002-05-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358375
|
10.0 |
HIGH
|
ibm
|
aix
|
Buffer overflow in lscfg of unknown versions of AIX has unknown impact.
|
NVD-CWE-Other
|
CVE-2002-1686
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358376
|
2.1 |
LOW
|
ibm
|
aix
|
Buffer overflow in the diagnostics library in AIX allows local users to "cause data and instructions to be overwritten" via a long DIAGNOSTICS environment variable.
|
NVD-CWE-Other
|
CVE-2002-1687
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358377
|
10.0 |
HIGH
|
ibm
|
aix
|
Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possi…
|
NVD-CWE-Other
|
CVE-2002-1689
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358378
|
10.0 |
HIGH
|
ibm
|
aix
|
Unknown vulnerability in AIX before 4.0 with unknown attack vectors and unknown impact, aka "security issue," as fixed by APAR IY28225.
|
NVD-CWE-Other
|
CVE-2002-1690
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358379
|
5.0 |
MEDIUM
|
phprojekt
|
phprojekt
|
Directory traversal vulnerability in PHProjekt 2.0 through 3.1 allows remote attackers to read arbitrary files via .. (dot dot) sequences.
|
NVD-CWE-Other
|
CVE-2002-1761
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358380
|
7.5 |
HIGH
|
symantec
|
norton_personal_firewall
|
The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305).
|
NVD-CWE-Other
|
CVE-2002-1779
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358381
|
5.0 |
MEDIUM
|
hp
|
tru64
|
Unknown vulnerability in inetd in HP Tru64 Unix 4.0f through 5.1a allows remote attackers to cause a denial of service via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2002-1784
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358382
|
1.9 |
LOW
|
zeus_technologies
|
zeus_web_server
|
Cross-site scripting (XSS) vulnerability in Zeus Administration Server in Zeus Web Server 4.0 through 4.1r2 allows remote authenticated users to inject arbitrary web script or HTML via the section pa…
|
NVD-CWE-Other
|
CVE-2002-1785
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358383
|
2.1 |
LOW
|
sgi
|
irix
|
SGI IRIX 6.5 through 6.5.14 applies a umask of 022 to root core dumps, which allows local users to read the core dumps and possibly obtain sensitive information.
|
NVD-CWE-Other
|
CVE-2002-1786
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358384
|
4.6 |
MEDIUM
|
sgi
|
irix
|
Buffer overflow in uux in eoe.sw.uucp package of SGI IRIX 6.5 through 6.5.17 allows local users to execute arbitrary code via unknown attack vectors.
|
NVD-CWE-Other
|
CVE-2002-1787
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358385
|
7.5 |
HIGH
|
kim_storm
|
nn
|
Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.
|
NVD-CWE-Other
|
CVE-2002-1788
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358386
|
7.2 |
HIGH
|
newsx
|
newsx
|
Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function.
|
NVD-CWE-Other
|
CVE-2002-1789
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358387
|
2.1 |
LOW
|
sgi
|
irix
|
SGI IRIX 6.5 through 6.5.17 creates temporary desktop files with world-writable permissions, which allows local users to overwrite or corrupt those files.
|
NVD-CWE-Other
|
CVE-2002-1791
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358388
|
5.0 |
MEDIUM
|
hp
|
virtualvault
vvos
|
HTTP Server mod_ssl module running on HP-UX 11.04 with Virtualvault OS (VVOS) 4.5 through 4.6 closes the connection when the Apache server times out during an SSL request, which may allow attackers t…
|
NVD-CWE-Other
|
CVE-2002-1793
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358389
|
4.3 |
MEDIUM
|
microsoft
|
tsac_activex_control
|
Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknow…
|
NVD-CWE-Other
|
CVE-2002-1795
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358390
|
4.6 |
MEDIUM
|
hp
|
chaivm
|
ChaiVM for HP color LaserJet 4500 and 4550 or HP LaserJet 4100 and 8150 does not properly enforce access control restrictions, which could allow local users to add, delete, or modify any services hos…
|
NVD-CWE-Other
|
CVE-2002-1797
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358391
|
4.3 |
MEDIUM
|
phprank
|
phprank
|
Cross-site scripting (XSS) vulnerability in phpRank 1.8 allows remote attackers to inject arbitrary web script or HTML via the (1) email parameter to add.php or (2) banurl parameter.
|
NVD-CWE-Other
|
CVE-2002-1799
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358392
|
5.0 |
MEDIUM
|
bizdesign
|
imagefolio
|
ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message.
|
NVD-CWE-Other
|
CVE-2002-1801
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358393
|
4.3 |
MEDIUM
|
xoops
|
xoops
|
Cross-site scripting (XSS) vulnerability in Xoops 1.0 RC3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when submitting news.
|
NVD-CWE-Other
|
CVE-2002-1802
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358394
|
4.3 |
MEDIUM
|
francisco_burzi
|
php-nuke
|
Cross-site scripting (XSS) vulnerability in PHP-Nuke 6.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
|
NVD-CWE-Other
|
CVE-2002-1803
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358395
|
4.3 |
MEDIUM
|
npds
|
npds
|
Cross-site scripting (XSS) vulnerability in NPDS 4.8 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
|
NVD-CWE-Other
|
CVE-2002-1804
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358396
|
4.3 |
MEDIUM
|
dacode
|
dacode
|
Cross-site scripting (XSS) vulnerability in DaCode 1.2.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
|
NVD-CWE-Other
|
CVE-2002-1805
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358397
|
4.3 |
MEDIUM
|
drupal
|
drupal
|
Cross-site scripting (XSS) vulnerability in Drupal 4.0.0 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
|
NVD-CWE-Other
|
CVE-2002-1806
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358398
|
4.3 |
MEDIUM
|
phpwebsite
|
phpwebsite
|
Cross-site scripting (XSS) vulnerability in phpWebSite 0.8.3 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag.
|
NVD-CWE-Other
|
CVE-2002-1807
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358399
|
4.3 |
MEDIUM
|
zack_coburn
|
meunity_community_system
|
Cross-site scripting (XSS) vulnerability in Meunity Community System 1.1 allows remote attackers to inject arbitrary web script or HTML via Javascript in an IMG tag when creating a topic.
|
NVD-CWE-Other
|
CVE-2002-1808
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
358400
|
5.0 |
MEDIUM
|
belkin
|
f5d6130_wnap
|
Belkin F5D6130 Wireless Network Access Point running firmware AP14G8 allows remote attackers to cause a denial of service (connection loss) by sending several SNMP GetNextRequest requests.
|
NVD-CWE-Other
|
CVE-2002-1811
|
2008-09-6 05:31 |
2002-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
