Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
Max CVSS
10.0
EPSS Score
51.11%
Published
2003-11-17
Updated
2024-02-02
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
Max CVSS
10.0
EPSS Score
1.78%
Published
2003-11-17
Updated
2008-09-10
mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
Max CVSS
10.0
EPSS Score
0.37%
Published
2003-11-03
Updated
2022-09-23
Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors.
Max CVSS
10.0
EPSS Score
0.38%
Published
2003-11-17
Updated
2018-10-30
Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors.
Max CVSS
10.0
EPSS Score
0.38%
Published
2003-11-17
Updated
2018-10-30
Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges.
Max CVSS
10.0
EPSS Score
0.68%
Published
2003-11-03
Updated
2017-07-11
Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name.
Max CVSS
10.0
EPSS Score
27.43%
Published
2003-11-04
Updated
2017-07-11

CVE-2003-1192

Public exploit
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.
Max CVSS
10.0
EPSS Score
96.55%
Published
2003-11-03
Updated
2017-07-11
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "&lt;" and "&gt;" sequences.
Max CVSS
9.8
EPSS Score
19.30%
Published
2003-11-03
Updated
2024-02-02
Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method.
Max CVSS
9.3
EPSS Score
96.60%
Published
2003-11-17
Updated
2019-04-30
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.
Max CVSS
9.0
EPSS Score
13.38%
Published
2003-11-17
Updated
2017-10-05
Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address.
Max CVSS
7.8
EPSS Score
1.79%
Published
2003-11-03
Updated
2008-09-05
gv 3.5.8, and possibly earlier versions, allows remote attackers to execute arbitrary commands via shell metacharacters in the filename for (1) a PDF file or (2) a gzip file.
Max CVSS
7.5
EPSS Score
9.60%
Published
2003-11-17
Updated
2017-07-11
Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifindex variables, which cause snmpnetstat to write variable data past the end of an array.
Max CVSS
7.5
EPSS Score
8.99%
Published
2003-11-03
Updated
2017-07-11
The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval.
Max CVSS
7.5
EPSS Score
10.39%
Published
2003-11-17
Updated
2019-04-30
NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions.
Max CVSS
7.5
EPSS Score
0.40%
Published
2003-11-03
Updated
2008-09-05
Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.
Max CVSS
7.5
EPSS Score
55.76%
Published
2003-11-17
Updated
2019-04-30

CVE-2003-0714

Public exploit
The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000.
Max CVSS
7.5
EPSS Score
9.16%
Published
2003-11-17
Updated
2020-04-09
The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
Max CVSS
7.5
EPSS Score
97.11%
Published
2003-11-17
Updated
2019-04-30
The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.
Max CVSS
7.5
EPSS Score
0.67%
Published
2003-11-17
Updated
2008-09-10
Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page.
Max CVSS
7.5
EPSS Score
94.30%
Published
2003-11-17
Updated
2021-07-23
Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.
Max CVSS
7.5
EPSS Score
0.97%
Published
2003-11-17
Updated
2008-09-10
Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.
Max CVSS
7.5
EPSS Score
13.28%
Published
2003-11-17
Updated
2016-10-18
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.
Max CVSS
7.5
EPSS Score
0.52%
Published
2003-11-17
Updated
2022-08-16
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.
Max CVSS
7.5
EPSS Score
0.77%
Published
2003-11-17
Updated
2017-07-11
93 vulnerabilities found
1 2 3 4
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!