| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability." |
| Internet Explorer 5.5 and earlier allows remote attackers to display a URL in the address bar that is different than the URL that is actually being displayed, which could be used in web site spoofing attacks, aka the "Web page spoofing vulnerability." |
| Microsoft Windows 2000 telnet service allows a local user to make a certain system call that allows the user to terminate a Telnet session and cause a denial of service. |
| Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability. |
| Buffer overflow in the line printer daemon (in.lpd) for Solaris 8 and earlier allows local and remote attackers to gain root privileges via a "transfer job" routine. |
| TheNet CheckBO 1.56 allows remote attackers to cause a denial of service via a flood of characters to the TCP ports which it is listening on. |
| Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies. |
| FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters. |
| Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via (1) a long map command, (2) a long exec command, or (3) long input in a configuration file. |
| Format string vulnerability in Sierra Half-Life build 1573 and earlier allows a remote attacker to execute arbitrary code via the map command. |
| Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter. |
| The HTTP server in Compaq web-enabled management software for (1) Foundation Agents, (2) Survey, (3) Power Manager, (4) Availability Agents, (5) Intelligent Cluster Administrator, and (6) Insight Manager can be used as a generic proxy server, which allows remote attackers to bypass access restrictions via the management port, 2301. |
| Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. |
| ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts. |
| Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum12.cgi) allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script. |
| Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request. |
| Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888." |
| BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space. |
| Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. |
| Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. |