Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption).
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-04-28
Updated
2018-10-30
Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash).
Max CVSS
5.0
EPSS Score
7.91%
Published
2003-04-28
Updated
2018-10-30
mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference.
Max CVSS
5.0
EPSS Score
3.79%
Published
2003-04-16
Updated
2008-09-05
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.
Max CVSS
7.5
EPSS Score
1.28%
Published
2003-04-11
Updated
2017-07-11
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-04-11
Updated
2016-10-18
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.
Max CVSS
5.0
EPSS Score
0.69%
Published
2003-04-02
Updated
2017-07-11
Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.
Max CVSS
5.0
EPSS Score
0.90%
Published
2003-04-02
Updated
2017-07-11
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.
Max CVSS
7.5
EPSS Score
4.94%
Published
2003-04-02
Updated
2017-07-11
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.
Max CVSS
10.0
EPSS Score
91.78%
Published
2003-04-02
Updated
2017-07-11
Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument.
Max CVSS
7.5
EPSS Score
14.35%
Published
2003-04-02
Updated
2017-07-11
hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop.
Max CVSS
5.0
EPSS Score
1.36%
Published
2003-04-11
Updated
2016-10-18
Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL.
Max CVSS
7.5
EPSS Score
13.75%
Published
2003-04-02
Updated
2018-10-19
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.
Max CVSS
7.5
EPSS Score
0.67%
Published
2003-04-02
Updated
2008-09-05
Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.
Max CVSS
7.5
EPSS Score
10.97%
Published
2003-04-02
Updated
2018-10-30
Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display.
Max CVSS
4.6
EPSS Score
0.14%
Published
2003-04-02
Updated
2017-10-11
Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.
Max CVSS
7.5
EPSS Score
1.22%
Published
2003-04-02
Updated
2017-07-11
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.
Max CVSS
10.0
EPSS Score
17.22%
Published
2003-04-02
Updated
2018-10-30
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.
Max CVSS
5.8
EPSS Score
0.19%
Published
2003-04-02
Updated
2017-10-11
Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Max CVSS
7.5
EPSS Score
2.93%
Published
2003-04-02
Updated
2017-10-11
bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication.
Max CVSS
5.0
EPSS Score
0.66%
Published
2003-04-02
Updated
2008-09-05
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.
Max CVSS
6.8
EPSS Score
1.14%
Published
2003-04-02
Updated
2016-10-18
bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.
Max CVSS
5.0
EPSS Score
0.89%
Published
2003-04-02
Updated
2017-07-11
Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user.
Max CVSS
7.5
EPSS Score
0.46%
Published
2003-04-02
Updated
2008-09-05
The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.
Max CVSS
5.1
EPSS Score
1.22%
Published
2003-04-02
Updated
2016-10-18
vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.
Max CVSS
7.5
EPSS Score
0.37%
Published
2003-04-11
Updated
2017-10-11
135 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!