In Microsoft Windows NT and Windows 2000, a trusting domain that receives authorization information from a trusted domain does not verify that the trusted domain is authoritative for all listed SIDs, which allows remote attackers to gain Domain Administrator privileges on the trusting domain by injecting SIDs from untrusted domains into the authorization data that comes from from the trusted domain.
Max CVSS
10.0
EPSS Score
3.72%
Published
2002-03-08
Updated
2018-10-12
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
Max CVSS
10.0
EPSS Score
0.87%
Published
2002-03-15
Updated
2024-02-02
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary code via a block of malformed compression data.
Max CVSS
9.8
EPSS Score
47.29%
Published
2002-03-15
Updated
2024-02-02
Buffer overflow in Windows Shell (used as the Windows Desktop) allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled.
Max CVSS
7.6
EPSS Score
7.31%
Published
2002-03-15
Updated
2018-10-12
Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data.
Max CVSS
7.5
EPSS Score
3.66%
Published
2002-03-04
Updated
2018-10-30
Buffer overflow in telnet server in Windows 2000 and Interix 2.2 allows remote attackers to execute arbitrary code via malformed protocol options.
Max CVSS
7.5
EPSS Score
3.85%
Published
2002-03-08
Updated
2018-10-12
Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated.
Max CVSS
7.5
EPSS Score
9.62%
Published
2002-03-08
Updated
2021-07-23
File Download box in Internet Explorer 5.01, 5.5 and 6.0 allows an attacker to use the Content-Disposition and Content-Type HTML header fields to modify how the name of the file is displayed, which could trick a user into believing that a file is safe to download.
Max CVSS
7.5
EPSS Score
0.37%
Published
2002-03-08
Updated
2021-07-23
Internet Explorer 5.5 and 6.0 allows remote attackers to bypass restrictions for executing scripts via an object that processes asynchronous events after the initial security checks have been made.
Max CVSS
7.5
EPSS Score
0.84%
Published
2002-03-08
Updated
2021-07-23
Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874.
Max CVSS
7.5
EPSS Score
1.06%
Published
2002-03-08
Updated
2021-07-23
Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 allows remote attackers to execute arbitrary code via long authentication data.
Max CVSS
7.5
EPSS Score
2.97%
Published
2002-03-08
Updated
2018-10-12
Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code via a malformed management request. NOTE: this candidate may be split or merged with other candidates. This and other PROTOS-related candidates, especially CVE-2002-0012 and CVE-2002-0013, will be updated when more accurate information is available.
Max CVSS
7.5
EPSS Score
26.09%
Published
2002-03-08
Updated
2018-10-12
SMTP service in (1) Microsoft Windows 2000 and (2) Internet Mail Connector (IMC) in Exchange Server 5.5 does not properly handle responses to NTLM authentication, which allows remote attackers to perform mail relaying via an SMTP AUTH command using null session credentials.
Max CVSS
7.5
EPSS Score
1.20%
Published
2002-03-08
Updated
2020-04-09
Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an ad hoc connection.
Max CVSS
7.5
EPSS Score
9.27%
Published
2002-03-08
Updated
2018-10-12
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.
Max CVSS
7.5
EPSS Score
1.32%
Published
2002-03-08
Updated
2017-10-10
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
Max CVSS
7.5
EPSS Score
10.76%
Published
2002-03-21
Updated
2024-01-26
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
Max CVSS
7.5
EPSS Score
1.59%
Published
2002-03-08
Updated
2018-05-03
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
Max CVSS
7.5
EPSS Score
0.70%
Published
2002-03-08
Updated
2016-10-18
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
Max CVSS
7.5
EPSS Score
43.97%
Published
2002-03-08
Updated
2016-10-18
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.
Max CVSS
7.5
EPSS Score
0.82%
Published
2002-03-19
Updated
2018-10-12
The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.
Max CVSS
7.5
EPSS Score
74.64%
Published
2002-03-29
Updated
2021-07-23
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
Max CVSS
7.5
EPSS Score
93.67%
Published
2002-03-08
Updated
2016-10-18
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
Max CVSS
7.5
EPSS Score
47.59%
Published
2002-03-15
Updated
2016-10-18
Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields.
Max CVSS
7.5
EPSS Score
1.50%
Published
2002-03-15
Updated
2008-09-05
config_converters.py in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06 allows remote attackers to execute arbitrary commands via shell metacharacters in the file name during filename conversion.
Max CVSS
7.5
EPSS Score
1.31%
Published
2002-03-25
Updated
2008-09-05
104 vulnerabilities found
1 2 3 4 5
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!