National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 127,488 matching records.
Displaying matches 126281 through 126300.
Vuln ID Summary CVSS Severity
CVE-1999-0704

Buffer overflow in Berkeley automounter daemon (amd) logging facility provided in the Linux am-utils package and others.

Published: September 16, 1999; 12:00:00 AM -04:00
    V2: 9.3 HIGH
CVE-1999-0890

iHTML Merchant allows remote attackers to obtain sensitive information or execute commands via a code parsing error.

Published: September 16, 1999; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-0907

sccw allows local users to read arbitrary files.

Published: September 16, 1999; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-1999-0953

WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.

Published: September 16, 1999; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-1999-0954

WWWBoard has a default username and default password.

Published: September 16, 1999; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-0817

Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.

Published: September 15, 1999; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-1999-0687

The ToolTalk ttsession daemon uses weak RPC authentication, which allows a remote attacker to execute commands.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-0689

The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0691

Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-0750

Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 5.1 MEDIUM
CVE-1999-0751

Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-0759

Buffer overflow in FuseMAIL POP service via long USER and PASS commands.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-1999-1014

Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument.

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-1999-1053

guestbook.pl cleanses user-inserted SSI commands by removing text between "<!--" and "-->" separators, which allows remote attackers to execute arbitrary commands when guestbook.pl is run on Apache 1.3.9 and possibly other versions, since Apache allows other closing sequences besides "-->".

Published: September 13, 1999; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-1999-1521

Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary code on the server.

Published: September 12, 1999; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-1999-0702

Internet Explorer 5.0 and 5.01 allows remote attackers to modify or execute files via the Import/Export Favorites feature, aka the "ImportExportFavorites" vulnerability.

Published: September 10, 1999; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-1999-0910

Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.

Published: September 10, 1999; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-1999-1575

The Kodak/Wang (1) Image Edit (imgedit.ocx), (2) Image Annotation (imgedit.ocx), (3) Image Scan (imgscan.ocx), (4) Thumbnail Image (imgthumb.ocx), (5) Image Admin (imgadmin.ocx), (6) HHOpen (hhopen.ocx), (7) Registration Wizard (regwizc.dll), and (8) IE Active Setup (setupctl.dll) ActiveX controls for Internet Explorer (IE) 4.01 and 5.0 are marked as "Safe for Scripting," which allows remote attackers to create and modify files and execute arbitrary commands.

Published: September 10, 1999; 12:00:00 AM -04:00
    V2: 5.1 MEDIUM
CVE-1999-0697

SCO Doctor allows local users to gain root privileges through a Tools option.

Published: September 09, 1999; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-1999-1377

Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter.

Published: September 09, 1999; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM