U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
There are 168,363 matching records.
Displaying matches 161,261 through 161,280.
Vuln ID Summary CVSS Severity
CVE-2003-0535

Buffer overflow in xbl 1.0k and earlier allows local users to gain privileges via a long -display command line option.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2003-0536

Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 3.6 LOW
CVE-2003-0537

The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2003-0538

The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0539

skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2003-0553

Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0554

NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-0555

ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0556

Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-0557

SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0558

Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0559

mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0560

SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2003-0561

Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and possibly other commands.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0567

Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.8 HIGH
CVE-2003-0572

Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption).

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-0573

The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2003-0574

Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2003-0577

mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2003-0578

cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.

Published: August 18, 2003; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 4.6 MEDIUM