Total
12142 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2003-1443 | 1 Kaspersky Lab | 1 Kaspersky Anti-virus | 2024-11-20 | N/A |
| Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com. | ||||
| CVE-2003-1441 | 1 Posadis | 1 Posadis | 2024-11-20 | N/A |
| Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a denial of service (crash) via a DNS message without a question section, which triggers null dereference. | ||||
| CVE-2003-1440 | 1 Burton Computer Corporation | 1 Spamprobe | 2024-11-20 | N/A |
| SpamProbe 0.8a allows remote attackers to cause a denial of service (crash) via HTML e-mail with newline characters within an href tag, which is not properly handled by certain regular expressions. | ||||
| CVE-2003-1425 | 1 Cpanel | 1 Cpanel | 2024-11-20 | N/A |
| guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter. | ||||
| CVE-2003-1419 | 1 Netscape | 1 Navigator | 2024-11-20 | N/A |
| Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | ||||
| CVE-2003-1416 | 1 Bisonftp | 1 Bisonftp Server 4 | 2024-11-20 | N/A |
| BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command. | ||||
| CVE-2003-1405 | 1 Dotbr | 1 Botbr | 2024-11-20 | N/A |
| DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. | ||||
| CVE-2003-1403 | 1 Dotbr | 1 Botbr | 2024-11-20 | N/A |
| foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. | ||||
| CVE-2003-1402 | 1 Kietu | 1 Kietu | 2024-11-20 | N/A |
| PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to execute arbitrary PHP code via the url_hit parameter, a different vulnerability than CVE-2006-5015. | ||||
| CVE-2003-1365 | 1 Perl | 1 Cgi Lite | 2024-11-20 | N/A |
| The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs. | ||||
| CVE-2003-1364 | 1 Aprelium Technologies | 1 Abyss Web Server | 2024-11-20 | N/A |
| Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remote attackers to cause a denial of service (crash) via an HTTP GET message with empty (1) Connection or (2) Range fields. | ||||
| CVE-2003-1350 | 1 List Site Pro | 1 List Site Pro | 2024-11-20 | N/A |
| List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field. | ||||
| CVE-2003-1209 | 1 Monkey-project | 1 Monkey | 2024-11-20 | N/A |
| The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service (crash) via a POST request without a Content-Type header. | ||||
| CVE-2003-1025 | 1 Microsoft | 1 Internet Explorer | 2024-11-20 | N/A |
| Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability." | ||||
| CVE-2003-1003 | 1 Cisco | 2 Pix Firewall, Pix Firewall Software | 2024-11-20 | N/A |
| Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | ||||
| CVE-2003-0825 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Nt | 2024-11-20 | N/A |
| The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. | ||||
| CVE-2003-0795 | 4 Gnu, Quagga, Redhat and 1 more | 5 Zebra, Quagga, Enterprise Linux and 2 more | 2024-11-20 | N/A |
| The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference. | ||||
| CVE-2003-0567 | 1 Cisco | 3 Ios, Ons 15454 Optical Transport Platform, Optical Networking Systems Software | 2024-11-20 | N/A |
| Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full. | ||||
| CVE-2003-0368 | 1 Nokia | 1 Ggsn | 2024-11-20 | N/A |
| Nokia Gateway GPRS support node (GGSN) allows remote attackers to cause a denial of service (kernel panic) via a malformed IP packet with a 0xFF TCP option. | ||||
| CVE-2003-0367 | 2 Debian, Gnu | 2 Debian Linux, Gzip | 2024-11-20 | 6.2 Medium |
| znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. | ||||