Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash).
Max CVSS
2.1
EPSS Score
0.04%
Published
2003-07-23
Updated
2018-10-30
Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet.
Max CVSS
5.0
EPSS Score
1.55%
Published
2003-07-23
Updated
2018-10-30
Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup.
Max CVSS
7.2
EPSS Score
0.04%
Published
2003-07-03
Updated
2018-10-30
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
Max CVSS
2.1
EPSS Score
0.06%
Published
2003-07-25
Updated
2008-09-10
Portmon 1.7 and possibly earlier versions allows local users to read and write arbitrary files via the (1) -c (host file) or (2) -l (log file) command line options.
Max CVSS
3.6
EPSS Score
0.04%
Published
2003-07-24
Updated
2016-10-18
The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated.
Max CVSS
5.1
EPSS Score
5.93%
Published
2003-07-24
Updated
2021-07-23
Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message.
Max CVSS
4.3
EPSS Score
2.18%
Published
2003-07-24
Updated
2021-07-23
Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI.
Max CVSS
7.5
EPSS Score
0.40%
Published
2003-07-24
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
Max CVSS
4.3
EPSS Score
1.97%
Published
2003-07-24
Updated
2018-05-03
eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
Max CVSS
1.2
EPSS Score
0.04%
Published
2003-07-24
Updated
2008-09-05
Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.
Max CVSS
7.5
EPSS Score
1.84%
Published
2003-07-24
Updated
2008-09-10
Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.
Max CVSS
7.5
EPSS Score
1.84%
Published
2003-07-24
Updated
2008-09-10
Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
2.59%
Published
2003-07-24
Updated
2016-10-18
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
Max CVSS
7.5
EPSS Score
5.07%
Published
2003-07-24
Updated
2017-10-11
Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code.
Max CVSS
7.5
EPSS Score
0.31%
Published
2003-07-24
Updated
2008-09-05
Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.
Max CVSS
10.0
EPSS Score
0.34%
Published
2003-07-24
Updated
2017-10-11
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
Max CVSS
10.0
EPSS Score
0.34%
Published
2003-07-24
Updated
2017-10-11
The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value.
Max CVSS
5.0
EPSS Score
0.65%
Published
2003-07-24
Updated
2017-10-11
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.
Max CVSS
7.5
EPSS Score
2.93%
Published
2003-07-24
Updated
2017-10-11
Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string.
Max CVSS
5.0
EPSS Score
1.63%
Published
2003-07-24
Updated
2017-10-11
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
Max CVSS
7.5
EPSS Score
4.82%
Published
2003-07-24
Updated
2017-10-11
SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR allows remote attackers to cause a denial of service via certain packets to PPTP port 1723 on the internal interface.
Max CVSS
5.0
EPSS Score
0.25%
Published
2003-07-24
Updated
2008-09-05
The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses.
Max CVSS
5.0
EPSS Score
0.25%
Published
2003-07-24
Updated
2016-10-18
Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template.
Max CVSS
6.4
EPSS Score
0.38%
Published
2003-07-02
Updated
2016-10-18
Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is later displayed.
Max CVSS
7.5
EPSS Score
1.79%
Published
2003-07-02
Updated
2016-10-18
48 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!