) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Keyword (text search): virtual
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2000-0025 |
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability. Published: December 21, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-1999-1530 |
cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system. Published: November 08, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 3.6 LOW |
| CVE-1999-0766 |
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. Published: October 21, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 9.3 HIGH |
| CVE-2000-0327 |
Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, aka the "Virtual Machine Verifier" vulnerability. Published: October 21, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.6 HIGH |
| CVE-1999-1129 |
Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. Published: September 01, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-2000-1206 |
Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files. Published: August 20, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-1999-1485 |
nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting the nsd virtual file system. Published: May 31, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 6.4 MEDIUM |
| CVE-1999-0686 |
Denial of service in Netscape Enterprise Server (NES) in HP Virtual Vault (VVOS) via a long URL. Published: May 07, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-1999-0440 |
The byte code verifier component of the Java Virtual Machine (JVM) allows remote execution through malicious web pages. Published: March 01, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
| CVE-1999-0479 |
Denial of service Netscape Enterprise Server with VirtualVault on HP-UX VVOS systems. Published: March 01, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-1999-0407 |
By default, IIS 4.0 has a virtual directory /IISADMPWD which contains files that can be used as proxies for brute force password attacks, or to identify valid users on the system. Published: February 09, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-1999-0348 |
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory. Published: January 27, 1999; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-1999-1276 |
fte-console in the fte package before 0.46b-4.1 does not drop root privileges, which allows local users to gain root access via the virtual console device. Published: December 07, 1998; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |