Vulnerability Index: Year 2003

Etherleak: Exploiting Unpadded Frames in Multiple Ethernet NIC Device Drivers
Arbitrary Script Execution via REASONTXT Parameter in MCMS 2001 ManualLogin.asp Script
Buffer Overflow Vulnerability in RPC Locator Service for Windows NT 4.0, Windows 2000, and Windows XP
Windows XP Buffer Overflow Vulnerability
Outlook 2002 Vulnerability: Information Disclosure via V1 Exchange Server Security Certificates
Arbitrary Script Execution in Microsoft Windows Me Help and Support Center
Integer Overflow in JsArrayFunctionHeapSort Function in JScript.dll Enables Remote Code Execution
Denial of Service Vulnerability in ISA Server 2000 DNS Intrusion Detection Application Filter
World-writable permissions vulnerability in Bugzilla data collection script
Backup File Disclosure Vulnerability in Bugzilla
Arbitrary File Overwrite Vulnerability in gsinterf.c
Double-Free Vulnerability in CVS 1.11.4 and Earlier: Remote Code Execution and Denial of Service
Apache Denial of Service and Arbitrary Code Execution Vulnerability
Apache 2.0 Windows Platform File Disclosure Vulnerability
Vulnerability: O_DIRECT Feature in Linux Kernel Allows Unauthorized File Access and File System Corruption
Incorrect setuid root privileges in uml_net in the kernel-utils package for Red Hat Linux 8.0
Apache Error Log Escape Sequence Injection Vulnerability
Arbitrary File Overwrite Vulnerability in Eterm 0.9.1 and Earlier
Arbitrary File Overwrite Vulnerability in rxvt 2.7.8 via screen dump Feature
Arbitrary Command Execution Vulnerability in rxvt 2.7.8's menuBar Feature
aterm 0.42 MenuBar Command Injection Vulnerability
SQL Injection Vulnerabilities in IMP 2.2.8 and Earlier: Unauthorized Database Activities and Privilege Escalation
Stack-based buffer overflows in minires library allow remote code execution in ISC DHCPD 3.0 through 3.0.1RC10
KCMS Directory Traversal Vulnerability
Integer Overflow in XDR Libraries Allows Remote Code Execution
Buffer Overflow Vulnerabilities in Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9
Buffer Overflow Vulnerabilities in libmcrypt 2.5.5 and Earlier: Denial of Service (Crash)
Memory Exhaustion Vulnerability in libmcrypt before 2.5.5
Buffer Overflow Vulnerability in Snort RPC Preprocessor
Buffer Overflow in mtink Status Monitor Allows Arbitrary Code Execution
Buffer Overflow Vulnerability in escputil Allows Arbitrary Code Execution
Arbitrary File Overwrite Vulnerability in ml85p Printer Drivers for Mandrake Linux
Buffer Overflow Vulnerability in Noffle News Server 1.0.1 and Earlier
Mailman 2.1 options.py Cross-Site Scripting (XSS) Vulnerability
Denial of Service Vulnerability in ISC dhcrelay
PostgreSQL Auth Module SQL Injection Vulnerability in Courier 0.40 and Earlier
Arbitrary Code Execution Vulnerability in Kerberos FTP Client
Directory Listing and Source Code Disclosure Vulnerability in Jakarta Tomcat
Privilege Escalation through Jakarta Tomcat Web.xml File Processing
Cross-Site Scripting (XSS) Vulnerabilities in Jakarta Tomcat 3.x through 3.3.1a
Denial of Service Vulnerability in Jakarta Tomcat on Windows Systems
Insecure Memory Handling in AbsoluteTelnet SSH2 Client: Risk of SSH Credential Theft
Insecure Storage of SSH Credentials in VanDyke SSH2 Clients
Vulnerability: PuTTY 0.53b and Earlier Retains Logon Credentials in Memory
AFP Vulnerability: Unauthorized User Access via Administrator Password
Arbitrary Code Execution in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1
Information Disclosure Vulnerability in parse_xml.cgi
Arbitrary Directory Listing Vulnerability in parse_xml.cgi
Arbitrary Script Injection via Filename Parameter in Apple Darwin Streaming Administration Server and QuickTime Streaming Server
Remote Code Execution via Log File in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1
Buffer Overflow in Apple Darwin Streaming Administration Server and QuickTime Streaming Server
Buffer Overflow Vulnerability in slocate 2.7 Allows Arbitrary Code Execution
Multiple Buffer Overflows in Hypermail 2 before 2.1.6: Remote Code Execution and Denial of Service Vulnerabilities
Denial of Service Vulnerability in MIT Kerberos V5 Key Distribution Center (KDC)
Impersonation Vulnerability in libkrb5 Library for MIT Kerberos V5
Format String Vulnerability in MIT Kerberos V5 Key Distribution Center (KDC) Logging Routines
Buffer Overflow in passwd for HP UX B.10.20: Local Privilege Escalation via LANG Environment Variable
Buffer Overflow Vulnerability in Eset Software NOD32 for UNIX Allows Arbitrary Code Execution
Arbitrary Command Execution via Window Title Modification in xterm Terminal Emulator
Window Title Manipulation Vulnerability in dtterm Terminal Emulator
Arbitrary Command Execution Vulnerability in uxterm Terminal Emulator
Command Injection via Window Title Modification in rxvt Terminal Emulator
Arbitrary Command Execution Vulnerability in aterm Terminal Emulator 0.42
Arbitrary Command Execution via Window Title Modification in Eterm Terminal Emulator
PuTTY Terminal Emulator 0.53 Window Title Modification Vulnerability
Arbitrary Command Execution via Window Title Modification in VTE
Denial of Service Vulnerability in DEC UDK Processing Feature of Xterm Terminal Emulator
Kerberos 5 Key Distribution Center (KDC) Denial of Service Vulnerability
Double-Free Vulnerability in MySQL Server Allows Denial of Service via mysql_change_user
Format String Vulnerability in plpnfsd of plptools Package
Arbitrary Code Execution Vulnerability in BladeEnc 0.94.2 and Earlier
Directory Traversal Vulnerability in Direct Connect 4 Linux (dcgui) before 0.2.2
Arbitrary Command Execution Vulnerability in hanterm Terminal Emulator
Vaudenay Timing Attack: Information Leakage in OpenSSL's ssl3_get_record
Denial of Service Vulnerability in hanterm Terminal Emulator
Missing FORWARD Rules in Gnome-lokkit iptables Configuration in Red Hat Linux 8.0
Format String Vulnerability in SOCKS Dissector of Ethereal 0.8.7 - 0.9.9
Kerberos 5 Key Distribution Center (KDC) Denial of Service Vulnerability
Apache Access Log Escape Sequence Vulnerability
Arbitrary Command Execution Vulnerability in mod_auth_any Package
Remote Code Execution Vulnerability in Samba SMB/CIFS Packet Fragment Re-assembly Code
Race Condition Vulnerability in Samba Allows Local Users to Overwrite Arbitrary Files
Buffer Overflow Vulnerability in libIM Library on AIX
Arbitrary File Overwrite and Root Privilege Escalation Vulnerability in TruBlueEnvironment for MacOS 10.2.3 and Earlier
Buffer Overflow in HP-UX Software Distributor Utilities
Root Privilege Escalation via Stack-based Buffer Overflow in bsd_queue() Function on Solaris 2.6 and 7
Heap-based Buffer Overflow in dtsession for Solaris: Local Privilege Escalation via HOME Environment Variable
Denial of Service Vulnerability in RADIUS Decoder of tcpdump 3.6.2 and Earlier
Insecure Entropy Source in mcookie Patch for Mandrake Linux
Buffer Overflow Vulnerability in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6
Buffer Overflow Vulnerabilities in Oracle Database 9i, 8i, and 8.0.6
Arbitrary File Access and Potential Code Execution Vulnerability in PHP 4.3.0 CGI Module
Remote Code Execution Vulnerability in apcupsd before 3.8.6 and 3.10.x before 3.10.5
Buffer Overflow Vulnerabilities in apcupsd: Denial of Service and Arbitrary Code Execution
Cisco IOS Buffer Overflow Vulnerability in OSPF Neighbor Announcements
CRLF Injection Vulnerability in Webmin and Usermin
Buffer Overflow in tryelf() in readelf.c of the file command
Nokia 6210 Handset Format String Vulnerability
Arbitrary File Overwrite Vulnerability in PeopleTools SchedulerTransfer Servlet
ServerMask 2.2 and earlier reveals IIS server identity in HTTP responses
Bypassing Pattern Matching in Symantec Enterprise Firewall (SEF) 7.0 HTTP Proxy
Buffer Overflow Vulnerability in zlib 1.1.4's gzprintf Function
Denial of Service Vulnerability in tcpdump 3.6 through 3.7.1 via Malformed ISAKMP Packet
Remote Code Execution Vulnerability in ntdll.dll via WebDAV Request in IIS 5.0
Denial of Service Vulnerability in Microsoft Proxy Server 2.0 and ISA Server 2000
Flaw in Microsoft VM Allows Arbitrary Code Execution via Java Applet
Windows Kernel Buffer Overflow Vulnerability Allows Privilege Escalation via Debugger
Buffer Overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5, and 6.0 via Long Values in Content-Type and Content-Encoding Fields
Automatic File Upload Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0
Third Party Plugin Rendering Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0
Modal Dialog Script Execution Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0
Buffer Overflow Vulnerability in Microsoft BizTalk Server 2002 HTTP Receiver Function
SQL Injection Vulnerability in Microsoft BizTalk Server 2000 and 2002 Document Tracking and Administration (DTA) Website
Remote Code Execution Vulnerability in secldapclntd Daemon
Symlink Attack Vulnerability in adb2mhc Package
Bypassing Attachment Detection in Clearswift MAILsweeper 4.x
Buffer Overflow in Notes Server Allows Remote Code Execution
Buffer Overflow Vulnerability in Lotus Notes/Domino Web Retriever Client
Arbitrary Code Execution Vulnerability in man before 1.5l
Buffer Overflow Vulnerability in SOHO Routefinder 550 Web Interface
Default admin Account with Blank Password in SOHO Routefinder 550 Firmware 4.63 and Earlier
Privilege Escalation via Kernel Module Loader in Linux Kernel
Remote Code Execution via UUE Header in Ximian Evolution Mail User Agent 1.2.2 and Earlier
Denial of Service Vulnerability in Ximian Evolution Mail User Agent 1.2.2 and Earlier
Arbitrary Data Injection via MIME Content-ID Header in Ximian Evolution Mail User Agent
The Klima-Pokorny-Rosa Attack
Apache 2.0 through 2.0.44 Memory Leak Vulnerability
Denial of Service Vulnerability in GtkHTML
Apache OS2 Filestat.c Denial of Service Vulnerability
vsftpd FTP daemon in Red Hat Linux 9: Vulnerability in TCP Wrappers Integration
Local Privilege Escalation via Symbolic Link Attack in psbanner
Arbitrary Community String Vulnerability in Nokia SGSN SNMP Daemon
Kerberos Protocol Version 4 Chosen-Plaintext Attack Vulnerability
Kerberos Protocol Version 4 Vulnerability: Unauthorized Ticket Creation via Cut-and-Paste Attack and Ticket Splicing
Remote Code Execution Vulnerability in Mutt and Related Programs
Heap Corruption Vulnerability in RealOne Player and RealPlayer
Vulnerability: Unauthorized Execution of Untrusted Plug-ins in Adobe Acrobat Reader 6
Buffer Overflow Vulnerability in qpopper 4.0.x
Buffer Overflow in lprm Command in lpr Package
Denial of Service Vulnerability in tcpdump before 3.7.2 due to Improper Handling of Unknown RADIUS Attributes
NetPBM Multiple Vulnerabilities: Remote Code Execution and Denial of Service
Timing-based Side Channel Attack on RSA Blinding in OpenSSL
Arbitrary Code Execution Vulnerability in Default MSDE Installation via McAfee ePolicy Orchestrator
Remote Code Execution Vulnerability in McAfee ePO Agent for ePolicy Orchestrator 2.0, 2.5, and 2.5.1
MySQL Privilege Escalation via World-Writeable Files and Configuration Overwrite
Unrestricted Access to Administrative Servlets in BEA WebLogic Server and Express 6.0 through 7.0
Remote Code Execution in Bonsai Mozilla CVS Query Tool
Bonsai Mozilla CVS Query Tool Path Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerabilities in Bonsai Mozilla CVS Query Tool
Remote Code Execution in Bonsai Mozilla CVS Query Tool
LXR Directory Traversal Vulnerability
Heap-based Buffer Overflow in Ethereal 0.9.9 and Earlier: Remote Code Execution Vulnerability
Arbitrary HTML Injection and Information Theft in SquirrelMail
Buffer overflow vulnerability in Sendmail's prescan() function in parseaddr.c
Ecartis 1.0.0 Password Reset and Privilege Escalation Vulnerability
Arbitrary Heap Memory Overwrite Vulnerability in Gaim-Encryption Plugin
EOG Format String Vulnerability
Integer Signedness Error in emalloc() Function in PHP
Off-by-one buffer overflows in IMAP capability in Mutt and Balsa
Buffer Overflow Vulnerability in Apple QuickTime Player for Windows
Denial of Service (CPU Consumption) Vulnerability in HP Instant TopTools Webserver
Privilege Escalation Vulnerability in IBM AIX 5.2 FTPD with Kerberos 5 Authentication
Arbitrary Command Execution via PATH Manipulation in MacOS X DirectoryServices
Buffer Overflow Vulnerability in openlog Function in PHP 4.3.1
Insecure Creation of Quota Information Files in xfsdump Allows Local Privilege Escalation
LDAP nsd in IRIX 6.5.19 and Earlier Allows Passwordless Login
Denial of Service Vulnerability in SGI IRIX Kernel Panic via PIOCSWATCH ioctl
Denial of Service Vulnerability in Name Service Daemon (nsd) on SGI IRIX 6.5.x through 6.5.20f
Inadvertent Group Membership Processing Vulnerability in SGI IRIX 6.5.x through 6.5.20f
Multiple Buffer Overflows in Lotus Domino Web Server before 6.0.1
Buffer Overflow in Lotus Domino COM Object Control Handler
Denial of Service Vulnerability in Lotus Domino Web Server
Denial of Service Vulnerability in Lotus Domino Web Server
Denial of Service Vulnerability in Netfilter for Linux 2.4.20
Local File Inclusion Vulnerability in lv
Thread Safety Vulnerability in Apache 2.0.40-2.0.45 Authentication Module
Timing Attack Vulnerability in OpenSSH-portable
Weak Cipher Suite Vulnerability in Apache 2 and mod_ssl
Arbitrary File Overwrite Vulnerability in xlsview for catdoc 0.91 and Earlier
Improper Privilege Dropping in tcpdump Startup
Denial of Service Vulnerability in CUPS IPP Port (CVE-2002-1367)
Multiple Buffer Overflows in Samba Before 2.2.8a: Remote Code Execution and Denial of Service Vulnerability
Privilege Escalation via Buffer Overflow in Interbase Database 6.x
Guest Users Can Modify DropBox Folder Permissions and Access Unauthorized Files in Mac OS X (before 10.2.5)
Remote Code Execution Vulnerability in Samba 2.2.x and Samba-TNG 0.3.2
Arbitrary File Overwrite Vulnerability in Halstead and Gather_Stats Scripts
Arbitrary Code Execution via Buffer Overflow in moxftp 2.2 and Earlier
Arbitrary Command Execution Vulnerability in KDE Ghostscript Viewer
Arbitrary Command Execution in gkrellm-newsticker Plugin
Denial of Service Vulnerability in gkrellm-newsticker Plugin
Insecure Temporary File Creation in ps2epsi Allows Local File Overwrite
Flash ad user tracking capability XSS vulnerability
TCP Stream Reassembly Module Integer Overflow Vulnerability
Buffer Overflow Vulnerability in Cisco Secure ACS Administration Service
Denial of Service Vulnerability in xinetd 2.3.10 via Memory Leak
Denial of Service and Arbitrary Code Execution Vulnerability in rinetd
Buffer Overflow Vulnerability in PoPToP PPTP Server
Local Privilege Escalation via Symlink Attack in run-mailcap
Authentication Bypass via SQL Injection in bttlxeForum 2.0 beta 3 and Earlier
Cisco Catalyst 7.5(1) Local Authentication Bypass Vulnerability
Neoteris Instant Virtual Extranet (IVE) 3.01 and Earlier Cross-Site Scripting (XSS) Vulnerability
Buffer Overflow in PostMethod() Function in Monkey HTTP Daemon (monkeyd) 0.6.1 and Earlier: Remote Code Execution Vulnerability
Remote Command Execution Vulnerability in Kerio Personal Firewall (KPF) 2.1.4 and Earlier
Remote Code Execution Vulnerability in Kerio Personal Firewall (KPF) 2.1.4 and Earlier
Privilege Escalation via Symlink Attack in HP Tru64 UNIX 5.1B PK1 and Earlier
Oracle Net Services Stack-based Buffer Overflow in CREATE DATABASE LINK Query
ASP Redirection XSS Vulnerability in Microsoft IIS 4.0, 5.0, and 5.1
Server Side Include Web Pages Buffer Overrun Vulnerability in IIS 5.0
Denial of Service Vulnerability in Response.AddHeader Function in IIS 4.0 and 5.0
Denial of Service Vulnerability in Microsoft IIS 5.0 and 5.1
Remote Code Execution Vulnerability in Microsoft Windows Media Services
Arbitrary Code Execution via Directory Traversal in Windows Media Player
Named Pipe Hijacking Vulnerability in Microsoft SQL Server 7, 2000, and MSDE
Denial of Service Vulnerability in Microsoft SQL Server 7, 2000, and MSDE
Buffer Overflow Vulnerability in Microsoft SQL Server 7, 2000, and MSDE
Heap-based Buffer Overflow in plugin.ocx for Internet Explorer 5.01, 5.5, and 6.0 via Load() Method
Format String Vulnerability in Mirabilis ICQ Pro 2003a POP3 Client
Arbitrary Code Execution Vulnerability in Mirabilis ICQ Pro 2003a POP3 Client
ICQ Pro 2003a Features on Demand Software Upgrade Spoofing Vulnerability
Denial of Service Vulnerability in Mirabilis ICQ Pro 2003a
Denial of Service Vulnerability in icqateimg32.dll Parsing/Rendering Library
Axis Network Camera Products: Remote Access Bypass and Configuration Modification Vulnerability
HTML Rendering Vulnerability in FrontRange GoldMine Mail Agent
IPSec Vulnerability: Port Matching Bypass in Mac OS X
Arbitrary Command Execution in Happymall 4.3 and 4.4
Denial of Service Vulnerability in Linux 2.4 Route Cache Implementation and Netfilter IP Conntrack Module
Remote Code Execution Vulnerability in apr_psprintf function in Apache Portable Runtime (APR) Library
Privilege Escalation via ioperm System Call in Linux Kernel 2.4.20 and Earlier
Kernel Oops Vulnerability in Linux Kernel 2.4 TTY Layer
Vulnerability: CPU State Register Modification via Malformed Address in Linux Kernel 2.4
PHP Method Spoofing Vulnerability
Denial of Service Vulnerability in ypserv NIS Server
Off-by-one Error in Linux NFS Utils Package Allows Remote Code Execution
Denial of Service Vulnerability in Apache 2 Prefork MPM
Denial of Service Vulnerability in Apache 2 FTP Proxy Server
Key Validation Vulnerability in GnuPG: Failure to Detect Untrusted User IDs
Command Injection Vulnerability in GnuPG Plugin in Kopete
Printer Capability Format String Vulnerability in IBM AIX 3, 5.1, and 5.2
Unauthenticated Remote Access Vulnerability in Cisco VPN 3000 Series Concentrators and Cisco VPN 3002 Hardware Client
Denial of Service Vulnerability in Cisco VPN 3000 Series Concentrators and Cisco VPN 3002 Hardware Client
Denial of Service Vulnerability in Cisco VPN 3000 Series Concentrators and Cisco VPN 3002 Hardware Client
Insecure Temporary File Creation in Fuzz 0.6 and Earlier: Local Privilege Escalation Vulnerability
Privilege Escalation Vulnerability in leksbot 1.2.3 on Debian GNU/Linux
Buffer Overflow Vulnerabilities in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22
Multiple Buffer Overflows in SLMail 5.1.0.4420: Remote Code Execution Vulnerabilities
SDBINST Race Condition Vulnerability in SAP Database 7.3.0.29
Multiple Buffer Overflows in SLWebMail 3 on Windows Systems
Arbitrary File Read Vulnerability in ShowGodLog.dll in SLWebMail 3 on Windows Systems
Path Disclosure Vulnerability in SLWebMail 3 on Windows Systems
Buffer Overflow in Youbin: Privilege Escalation via Long HOME Environment Variable
Weak Encryption Vulnerability in Apple AirPort 802.11 Wireless Access Point Devices
Buffer Overflow in Personal FTP Server Allows Remote Code Execution via Long USER Argument
Remote Code Execution in miniPortail via admin.php Cookie Manipulation
XSS Vulnerability in Request Tracker (RT) Web Interface Allows Remote Code Execution
Buffer Overflow in catmail for ListProc 8.2.09 and Earlier: Remote Code Execution via ULISTPROC_UMASK Value
Remote Code Execution in YaBB SE 1.5.2 via SSI.php
Pi3Web 2.0.1 Buffer Overflow Vulnerability
Directory Traversal Vulnerability in Happymall 4.3 and 4.4
Arbitrary Web Script Injection via file Parameter in Happymall 4.3 and 4.4
SQL Injection Vulnerabilities in PHP-Nuke Web_Links Module Allow Remote Information Theft
Buffer Overflow Vulnerabilities in ESMTP CMailServer 4.0.2003.03.27 SMTP Service
Buffer Overflow Vulnerability in Firebird 1.0.2 and Earlier Versions
UnZip 5.50 Directory Traversal Vulnerability
Phorum XSS Vulnerability: Arbitrary Script Injection via Tag Name
Arbitrary File Write Vulnerability in Adobe Acrobat 5
Open Mail Relay Vulnerability in IBM AIX 5.2 and Earlier
SQL Injection Vulnerability in Snitz Forums 2000 Allows Remote Code Execution
Arbitrary Script Injection in Movable Type Comment Name Field
Buffer Overflow in IP Messenger for Win 2.00-2.02 File Transfer Mechanism
Format String Vulnerability in cdrtools 2.0's scsiopen.c Allows Privilege Escalation
Memory Leak Vulnerability in eServ 2.9x: Remote Denial of Service via Connection Exhaustion
Memory Leakage in 3com OfficeConnect Remote 812 ADSL Router 1.1.7 Allows HTTP Request Identification via DHCP Sniffing
Man-in-the-Middle XSS Vulnerability in Inktomi Traffic-Server 5.5.1
PalmOS Denial of Service Vulnerability via ICMP Echo Flood
Arbitrary File Read Vulnerability in autohtml.php in php-proxima 6.0 and Earlier
Arbitrary Script Injection in vBulletin 3.0.0 Beta 2 private.php
Remote Code Execution and Denial of Service Vulnerability in Evolution IMAP Client 1.2.4
Remote Code Execution and Denial of Service Vulnerability in c-client IMAP Client
Remote Code Execution and Denial of Service Vulnerability in Mozilla IMAP Client
Remote Code Execution and Denial of Service Vulnerability in IMAP Client
Remote Denial of Service Vulnerability in Sylpheed IMAP Client 0.8.11
Denial of Service Vulnerability in Outlook Express 6.00.2800.1106 IMAP Client
Remote Code Execution and Denial of Service Vulnerability in Eudora 5.2.1 IMAP Client
Arbitrary Ticket Description Modification Vulnerability in One||Zero Helpdesk 1.4 rc4
Remote Code Execution Vulnerability in One||Zero Helpdesk 1.4 rc4
Denial of Service Vulnerability in Cisco IOS Service Assurance Agent (SAA)
Buffer Overflow Vulnerability in EXPLORER.EXE on Windows XP via Long .ShellClassInfo Parameter in desktop.ini
Arbitrary Administrative Privilege Escalation in Poster Version.two
Insecure Temporary File Creation in Sendmail 8.12.3 Package in Debian GNU/Linux 3.0
The File Download Dialog Vulnerability
Arbitrary Web Script Injection Vulnerability in eZ Publish 2.2
Snowblind Web Server 1.0 Directory Traversal Vulnerability
Snowblind Web Server 1.0 Directory Traversal Vulnerability
Denial of Service Vulnerability in Snowblind Web Server 1.0
Snowblind Web Server 1.0 Buffer Overflow Vulnerability
Open Proxy and SMTP Open Relay Vulnerability in Venturi Client
Authentication Bypass Vulnerability in iisPROTECT 2.1 and 2.2
Arbitrary Web Script Injection via Year Parameter in PHP-Nuke Statistics Module
Buffer Overflow Vulnerability in SmartMax MailMax IMAP Server
Arbitrary PHP Code Injection in ttCMS 2.3 and Earlier via ttcms_user_admin Parameter
Buffer Overflow Vulnerabilities in BitchX IRC Client 1.0-0c19 and Earlier
Integer Overflow Vulnerability in BitchX IRC Client 1.0-0c19 and Earlier
Multiple Buffer Overflows in ircII 20020912: Remote Code Execution and Denial of Service Vulnerabilities
Buffer Overflow Vulnerability in EPIC IRC Client (EPIC4) 1.0.1
Buffer Overflow Vulnerability in Maelstrom 3.0.6 and Earlier Versions
Arbitrary Code Execution Vulnerability in slocate's parse_decode_path() Function
Heap-based Buffer Overflow in Sybase Adaptive Server Enterprise (ASE) 12.5
Remote Code Execution and Denial of Service Vulnerability in EPIC IRC Client (EPIC4)
Plaintext Storage of User Credentials in CesarFTP 0.99g
Buffer Overflow Vulnerability in Maelstrom Allows Arbitrary Code Execution via Long -player Command Line Argument
SQL Injection Vulnerability in ttForum Preferences Page Allows Remote Attackers to Gain Administrator Privileges
Authentication Bypass Vulnerability in BadBlue Web Server
Buffer Overflow Vulnerabilities in HP-UX Kermit (C-Kermit 6.0.192 and earlier versions)
Denial of Service Vulnerability in BitchX IRC Client 1.0c20cvs and Earlier
Vulnerability: Insecure Mount Flags Reset in Slackware 9.0's rc.M Script
Arbitrary File Read Vulnerability in Qualcomm Eudora 5.2.1
Arbitrary Program Execution Vulnerability in LSF 5.1's ckconfig Command
WsMp3d Directory Traversal Vulnerability
Heap-based Buffer Overflow in WsMp3d Allows Remote Code Execution
Plaintext Storage of Authentication Information in Demarc Puresecure 1.6
Arbitrary Script Injection through Search Field in Owl Intranet Engine 0.71 and Earlier
Plaintext Storage of User Credentials in BlackMoon FTP Server 2.6 Free Edition
Account Enumeration Vulnerability in BlackMoon FTP Server 2.6 Free Edition
Arbitrary Code Execution Vulnerability in Microsoft Internet Explorer
Buffer Overflow Vulnerability in SMB Capability for Microsoft Windows XP, 2000, and NT
Heap-based Buffer Overflow in Microsoft Windows DirectX MIDI Library
Heap-based Buffer Overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3
Remote Code Execution Vulnerability in Microsoft Windows Media Player 9 Series ActiveX Control
Buffer Overflow Vulnerability in Microsoft Windows Media Services (nsiislog.dll)
Windows 2000 Accessibility Utility Manager Local Code Execution Vulnerability
Remote Code Execution Vulnerability in DCOM Interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003
Buffer Overflow in SQL-DMO Component of MDAC Allows Remote Code Execution
Arbitrary Command Execution Vulnerability in GNU Ghostscript
Safari 1.0 Beta 2 (v73) and earlier X.509 Certificate Spoofing Vulnerability
Off-by-one vulnerabilities in multiple dissectors of Ethereal 0.9.11 and earlier
Integer Overflow Vulnerabilities in Ethereal 0.9.11 and Earlier: Remote Code Execution and Denial of Service
Buffer Overflow Vulnerability in Nethack and Falconseye Allows Privilege Escalation
Insecure Permissions in Nethack 3.4.0 and Earlier: Privilege Escalation Vulnerability
Buffer Overflow Vulnerabilities in gPS 1.0.0 and Earlier: Denial of Service and Arbitrary Code Execution
Unauthorized Remote Connection Vulnerability in gPS before 1.1.0
Buffer Overflow Vulnerability in gPS 0.10.2 and Earlier: Local Denial of Service via Long Command Lines
Format String Vulnerability in LICQ 1.2.6 and 1.0.3
TCP/IP Fragment Reassembly Denial of Service Vulnerability in Linux Kernel 2.4
Privilege Escalation via ICQLite 2003a ACE Vulnerability
Denial of Service Vulnerability in Lyskom-Server 2.0.7 and Earlier
Symlink Attack Vulnerability in znew of Gzip Package
Denial of Service Vulnerability in Nokia GGSN via Malformed IP Packet
X.509 Certificate Spoofing Vulnerability in Konqueror Embedded and KDE 2.2.2 and Earlier
Buffer Overflow Vulnerability in Prishtina FTP Client 1.x
Denial of Service and Arbitrary Code Execution Vulnerability in libnasl in Nessus
Buffer Overflow Vulnerabilities in libnasl in Nessus
Unidentified Vulnerabilities in Nessus Pre-2.0.6: Multiple Exploits in libnessus and libnasl
Arbitrary HTML and Script Injection in XMBforum XMB 1.8.x (Partagium) via member.php
Buffer Overflow Vulnerability in Eudora 5.2.1 with Attachment Converted Argument
SQL Injection Vulnerability in iisPROTECT Web-Based Administration Interface
Cleartext Password Vulnerability in Kerberos Login Authentication in Mac OS X
Remote File Overwrite Vulnerability in Apple File Service (AFP Server) for Mac OS X Server
Buffer Overflow Vulnerability in atftpd 0.6.1 and Earlier: Remote Code Execution
Insecure Temporary File Creation in noweb 2.9 and Earlier
Buffer Overflow Vulnerability in Eterm 0.9.2 via ETERMPATH Environment Variable
Buffer Overflow Vulnerability in Xaos 3.0-23 and Earlier: Local Privilege Escalation via Long -language Option
Bypassing from= and user@host Address Restrictions in OpenSSH 3.6.1 and Earlier
Spoofing Privileges through pam_wheel Vulnerability in Linux-PAM 0.78
RSA ACE/Agent 5.0 and 5.x XSS Vulnerability in Secure Redirect Function
Buffer Overflow Vulnerabilities in OPT Shared Library 3.18 and Earlier
Format String Vulnerability in Magic WinMail Server 2.3 and Other 2.x Versions
ST FTP Service 3.0 Directory Traversal Vulnerability
Vulnerability in Privacyware Privatefirewall 3.0 Allows Remote Service Identification
Arbitrary PHP Code Execution in objects.inc.php4 in BLNews 2.1.3
Arbitrary PHP Code Execution in Ultimate PHP Board (UPB) 1.9 via User-Agent Header
Buffer Overflow Vulnerability in Linux-ATM Allows Privilege Escalation
FastTrack Network Code Buffer Overflow Vulnerability
Arbitrary Code Execution via Vignette Application with SSI EXEC Feature
Arbitrary SELECT Query Vulnerability in Vignette StoryServer and V/5
Memory Leak Vulnerability in Vignette StoryServer and V/5
Information Disclosure Vulnerability in Vignette StoryServer and V/5 via /vgn/style Template Request
Vulnerability: User Enumeration in Vignette StoryServer 5 and Vignette V/5 Login Template
Vulnerability: Unauthorized Access and Denial of Service in Vignette StoryServer 5 and V/5
Arbitrary HTML and Script Injection in Vignette StoryServer and V/5
Arbitrary TCL Code Execution in Vignette StoryServer 5 and Vignette V/6
Plaintext Password Storage in PalmVNC 1.40 and Earlier: Privilege Escalation Vulnerability
Remote Code Execution Vulnerability in Gnome Batalla Naval 1.0.4
Privilege Escalation via Buffer Overflow in Uptime Client (UpClient) 5.0b7
Buffer Overflow Vulnerability in BRS WebWeaver 1.04 and Earlier
Buffer Overflow Vulnerability in AnalogX Proxy 4.13
Information Disclosure Vulnerability in Sun ONE Application Server 7.0
Incomplete URI Logging Vulnerability in Sun ONE Application Server 7.0 for Windows 2000/XP
Cross-site scripting (XSS) vulnerability in Sun ONE Application Server and Sun Java System Web Server
World-readable statefile in Sun ONE Application Server 7.0 for Windows 2000/XP allows privilege escalation through plaintext password exposure
Denial of Service Vulnerability in Remote PC Access Server 2.2
Bandmin 1.4 Cross-Site Scripting (XSS) Vulnerability
Son hServer 0.2 Directory Traversal Vulnerability
Linux 2.0 Kernel IP Stack ICMP Error Response Memory Leakage Vulnerability
Denial of Service Vulnerability in SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR
Local Information Leak in dsimportexport for Apple Macintosh OS X Server 10.2.6
Denial of Service Vulnerability in Apple QuickTime / Darwin Streaming Server
Denial of Service Vulnerability in Apple QuickTime / Darwin Streaming Server
Information Disclosure Vulnerability in parse_xml.cgi
Information Disclosure Vulnerability in Apple QuickTime / Darwin Streaming Server
Directory Traversal Vulnerability in Apple QuickTime / Darwin Streaming Server
Remote Privilege Escalation in Apple QuickTime / Darwin Streaming Server
Remote Code Execution Vulnerability in Mikmod 3.1.6 and Earlier via Long Filename in Archive File
DCERPC Denial of Service Vulnerability in Ethereal 0.9.12 and Earlier
Buffer Overflow Vulnerability in Ethereal 0.9.12 and Earlier
SPNEGO Dissector Denial of Service Vulnerability
Zero-length buffer size vulnerability in tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier
Multiple Vulnerabilities in Ethereal Dissectors
Arbitrary Code Execution Vulnerability in Gnocatan 0.6.1 and Earlier
Arbitrary Command Execution via Shell Metacharacters in PDF Hyperlinks
Remote Code Execution Vulnerability in Typespeed 0.4.1 and Earlier
Remote Code Execution Vulnerability in mnoGoSearch 3.1.20 via Buffer Overflow in search.cgi
Remote Code Execution Vulnerability in mnoGoSearch 3.2.10 search.cgi
Symlink Attack Vulnerability in eldav WebDAV Client for Emacs
Local File Overwrite Vulnerability in Semi MIME Library and Wemi
Privilege Escalation Vulnerabilities in Orville Write 2.53 and Earlier
Arbitrary Script Injection via PHPSESSID Parameter in Transparent SID Support Capability
Remote Code Execution Vulnerability in GTKSee 0.5 and 0.5.1 via PNG Image
Buffer Overflow in webfs 1.17.1: Remote Code Execution via Long Request-URI
Arbitrary Web Script Injection via XML Parse Error in Internet Explorer 5.5 and 6.0
Remote Code Execution via Custom HTTP Errors in Internet Explorer
Arbitrary File Read and Write Vulnerability in Portmon 1.7 and Earlier Versions
Privilege Escalation via Trusting User Input to Load Libraries in Progress Database 9.1 to 9.1D06
Buffer Overflow Vulnerability in Cistron RADIUS Daemon (radiusd-cistron) 1.6.6 and Earlier
Buffer Overflow Vulnerabilities in xbl (Version 1.0k) Enable Local Privilege Escalation
Buffer Overflow Vulnerabilities in osh: Arbitrary Code Execution and Shell Restriction Bypass
Buffer Overflow Vulnerability in traceroute-nanog 6.1.1
Buffer Overflow Vulnerability in xgalaga 2.0.34 and Earlier via Long HOME Environment Variable
Insecure Temporary File Creation in ImageMagick LibMagick Library 5.5 and Earlier
Path Disclosure Vulnerability in VisNetic WebSite 3.5
Privilege Escalation Vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20
KDE Konqueror HTTP-Referer Credential Leakage Vulnerability
Denial of Service Vulnerability in Apache rotatelogs Program
Information Disclosure Vulnerability in /proc/tty/driver/serial in Linux 2.4.x
Race Condition in execve System Call Allows Denial of Service on Linux 2.4
Privileged Service Port Binding Vulnerability in Linux Kernel 2.4
Information Leak Vulnerability in Linux Kernel strncpy Function
Buffer overflow vulnerability in fb_realpath() function allows for arbitrary code execution
Denial of Service Vulnerability in ip_nat_sack_adjust of Netfilter in Linux Kernels
Postfix Remote Bounce Scan and DDoS Vulnerability
Buffer Overflow in HTML Converter Allows Remote Code Execution
Buffer Overflow in RuFSI Utility Class ActiveX Control Allows Remote Code Execution
Remote Code Execution Vulnerability in WebAdmin.exe via Long USER Argument
IPv6 Capability Denial of Service Vulnerability in IRIX 6.5.19
Root-level packet processing vulnerability in IRIX 6.5.19's IPv6 capability
iWeb Server Directory Traversal Vulnerability
iWeb Server 2 Directory Traversal Vulnerability
File Descriptor Leakage Vulnerability in Linux 2.4.x
Denial of Service Vulnerability in wzdftpd 0.1rc4 and Earlier
Format String Vulnerability in Bahamut IRCd and Related IRC Daemons
Arbitrary Web Script Injection in WebBBS Guestbook
Arbitrary File Overwrite and Privilege Escalation Vulnerability in VMware Workstation 4.0 for Linux
Arbitrary Web Script Insertion Vulnerabilities in TUTOS 1.1
Arbitrary Code Execution in TUTOS 1.1 via File Upload Vulnerability
Arbitrary Script Injection in XMB Forum 1.8 Partagium
Arbitrary Web Script Injection in phpBB viewtopic.php (XSS Vulnerability)
Arbitrary Code Execution Vulnerability in Progress 4GL Compiler 9.1D06 and Earlier
SQL Injection Vulnerability in viewtopic.php for phpBB 2.0.5 and Earlier: Remote Password Hash Theft
Multiple Buffer Overflow Vulnerabilities in Kerio MailServer 5.6.3
Cross-Site Scripting (XSS) Vulnerabilities in Kerio MailServer 5.6.3
Privilege Escalation via Incomplete Privilege Drop in tcptraceroute 1.4 and Earlier
World-writable permissions in Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6 and other versions allow privilege escalation
Arbitrary Code Execution via Unrestricted File Upload in XOOPS and E-XOOPS Tutorials 2.0 Module
Arbitrary Web Script Execution via Search Parameter in Snitz Forums 3.4.03 and Earlier
Session Hijacking Vulnerability in Snitz Forums 3.4.03 and Earlier
Privilege Escalation via Password Reset Vulnerability in Snitz Forums 3.4.03 and Earlier
Arbitrary Web Script Injection Vulnerability in LedNews 0.7
Privilege Escalation via xp_fileexist Extended Stored Procedure in Microsoft SQL Server
World-writable permissions in Caché Database 5.x allow local privilege escalation via cache and cuxs
Insecure Permissions in Caché Database 5.x Allow Arbitrary Code Execution
Cleartext Storage of Database Password in Mantis 0.17.5 and Earlier
SQL Injection Vulnerability in ProFTPD PostgreSQL Authentication Module
Insecure Ownership and Permissions in /proc/self Entries
Denial of Service Vulnerability in Apple QuickTime / Darwin Streaming Server
Buffer Overflow in ShellExecute API Function of SHELL32.DLL in Windows 2000
Cross-Site Scripting (XSS) Vulnerabilities in Phpgroupware 0.9.14.003
Directory Traversal Vulnerability in Microsoft NetMeeting 3.01 2000 before SP4
Denial of Service Vulnerability in Microsoft NetMeeting 3.01
Active Directory Stack-based Buffer Overflow Vulnerability
Buffer Overflow in Adobe Acrobat Reader (acroread) 5.0.7 and Earlier via Long Mailto Link
SQL Injection Vulnerability in Cyberstrong eShop 4.2 and Earlier: Remote Authentication Information Theft and Privilege Escalation
Remote Code Execution Vulnerability in ezbounce 1.0 through 1.50 via sessions Command
Denial of Service Vulnerability in Cisco Aironet AP1x00 Series Wireless Devices
Cisco IOS 12.2 and Earlier Username Enumeration Vulnerability
Directory Traversal Vulnerability in Microsoft Internet Explorer
Directory Traversal Vulnerability in Apple Safari Allows Cookie Access Bypass
SQL Injection Vulnerabilities in teapop 0.3.5 and Earlier: PostgreSQL and MySQL Authentication Modules
Arbitrary Command Execution in mgetty 1.1.28 and Earlier
Symlink Attack Vulnerability in mgetty 1.1.28 and Earlier via faxrunqd.in JOB Files
Screen Saver Crash Vulnerability in MacOS X Allows Unauthorized Access
Denial of Service Vulnerability in Internet Explorer 5 and 6
Remote Denial of Service Vulnerability in Trillian 1.0 Pro and 0.74 Freeware
cPanel 6.4.2 XSS Vulnerability: Remote Code Injection and Privilege Escalation
Multiple SQL Injection Vulnerabilities in ProductCart 1.5 through 2
Arbitrary Web Script Execution via msg.asp in ProductCart
Symlink Attack Vulnerability in Qt on Knoppix 3.1 Live CD
Heap Corruption Vulnerability in getCanonicalPath Function in Windows NT 4.0
XSS Vulnerability in Microsoft ISA Server 2000 Allows Injection of Arbitrary Web Script
Heap-based Buffer Overflow in DCOM Interface of RPCSS Service
Buffer Overflow in BR549.DLL ActiveX Control for Internet Explorer 5.01 SP3 through 6.0 SP1: Remote Code Execution Vulnerability
Browser Cache Script Execution in My Computer Zone Vulnerability
Object Type Vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1
Stack-based Buffer Overflow in LSASRV.DLL Allows Remote Code Execution
Buffer
Overflow in XBL 1.0k and Earlier: Privilege Escalation via Long -display Command Line Option Directory Traversal Vulnerability in phpSysInfo 2.1 and Earlier Insecure Temporary File Creation in liece Emacs IRC Client Remote Code Execution Vulnerability in Mozart 1.2.5 and Earlier Insecure Temporary File Creation in skk (Simple Kana to Kanji Conversion Program) and ddskk Package Denial of Service Vulnerability in Postfix 1.1.12 and Earlier Null Pointer Dereference Vulnerability in gtkhtml before 1.1.10 Stack-based Buffer Overflow Vulnerabilities in Apache Mod_Alias and Mod_Rewrite Denial of Service Vulnerability in OpenSSL 0.9.6 and 0.9.7 ASN.1 Input Length Tracking Vulnerability in OpenSSL 0.9.6 and 0.9.7 Double Free Vulnerability in OpenSSL 0.9.7: Remote Code Execution and Denial of Service Insecure RPM GPG Signature Verification in up2date 3.0.7 and 3.1.23 Arbitrary File Read Vulnerability in GDM's Examine Session Errors Feature Denial of Service Vulnerability in GDM XDMCP Support Denial of Service Vulnerability in GDM XDMCP Authorization Key Handling Insecure Design of STP Protocol in Linux 2.4.x Allows Unauthorized Modification of Bridge Topology Linux 2.4.x STP Protocol Length Verification Vulnerability Bridge Forwarding Table Spoofing Vulnerability in Linux 2.4.x Remote Code Execution Vulnerability in Netscape 7.02 CDT Plugin (npcdt.dll) via Long Filename Attachment Denial of Service Vulnerability in NeoModus Direct Connect 1.0 build 9 ImageMagick Format String Vulnerability Denial of Service Vulnerability in Polycom MGC 25 via Control Port 5003 SQL Injection Vulnerability in StoreFront 6.0 Login Page Remote Code Execution Vulnerability in LeapFTP 2.7.3.600 via Buffer Overflow Arbitrary PHP Code Execution in phpforum 2 RC-1 and Earlier Versions SQL Injection Vulnerability in VP-ASP's shopexd.asp Allows Remote Attackers to Gain Administrator Privileges Buffer Overflow Vulnerabilities in IglooFTP PRO 3.8 Buffer Overflow in CGI2PERL.NLM PERL Handler in Novell 
Netware 5.1 and 6.0 S/MIME Protocol Vulnerabilities: Denial of Service and Arbitrary Code Execution X.400 Protocol Vulnerabilities: Denial of Service and Arbitrary Code Execution Denial of Service Vulnerability in Cisco IOS 11.x and 12.0 through 12.2 Denial of Service Vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f Insufficient Sanity Checking in DNS Callbacks in SGI IRIX 6.5.x through 6.5.20f Local Privilege Escalation Vulnerability in SGI IRIX 6.5.x through 6.5.20 Heap-based Buffer Overflow in SGI IRIX Name Services Daemon (nsd) Allows Root Privilege Escalation via AUTH_UNIX GID List Denial of Service Vulnerability in SGI IRIX NFS Daemon (nfsd) Denial of Service and Arbitrary Code Execution Vulnerability in mpg123 0.59r Privilege Escalation via Hard Links in IBM U2 UniVerse 10.0.0.9 and Earlier Privilege Escalation via User-Controlled Pathname in IBM U2 UniVerse 10.0.0.9 and Earlier Buffer Overflow Vulnerability in uvadmsh in IBM U2 UniVerse 10.0.0.9 and Earlier Out-of-Bounds Array Access Vulnerability in X Fontserver for Truetype fonts (xfstt) 1.4 Buffer Overflow Vulnerability in BRU Backup and Restore Utility for Unix (Version 17.0 and Earlier) Format String Vulnerability in BRU Backup and Restore Utility for Unix (Version 17.0 and Earlier) SQL Injection Vulnerability in Brooky eStore Login Page Sensitive Path Disclosure in Brooky eStore 1.0.1 through 1.0.2b Arbitrary Web Script Execution and Administrative Access Vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x Improper Authentication in Digi-news 1.1 Allows Bypass via Cookie Authentication Bypass Vulnerability in Digi-ads 1.1 Arbitrary HTML and Script Injection in Splatt Forum's Post Icon Field Directory Traversal Vulnerability in Konqueror (KDE 3.1.3 and earlier) Allows Cookie Access Bypass Opera Browser Directory Traversal Vulnerability Directory Traversal Vulnerability in Mozilla Allows Cookie Access Bypass Buffer Overflow in WiTango Application Server and Tango 2000: Remote Code Execution 
via Long Cookie Predictable Temporary Directory Vulnerability in FDclone 2.00a and Earlier Versions Privilege Escalation Vulnerability in Merge before 5.3.23a on UnixWare 7.1.x Vulnerability in phpGroupWare VFS Capability with Web Document Root Exposure Password Bypass Vulnerability in Apple Mac OS X Server 10.2 through 10.2.6 Cross-Site Scripting (XSS) Vulnerabilities in Bugzilla 2.16.x and 2.17.x Symlink Attack Vulnerability in Bugzilla Arbitrary File Access and Execution Vulnerability in Windows Media Player Remote Code Execution Vulnerability in Windows 2000 SP3 and SP4 Local Privilege Escalation: Arbitrary File Overwrite in sup 1.8 and Earlier Buffer Overflow Vulnerability in xconq 7.4.1 Allows Local Users to Gain Elevated Privileges Stack-based Buffer Overflow in Solaris Runtime Linker (ld.so.1) Allows Privilege Escalation Arbitrary File Read Vulnerability in McAfee ePO Agent for ePolicy Orchestrator 3.0 Buffer Overflow Vulnerabilities in xtokkaetama 1.0 Allow Local Privilege Escalation Buffer Overflow Vulnerabilities in Crafty 19.3's main.c Buffer Overflow Vulnerability in zblast-svgalib of zblast 1.2.1 and Earlier: Arbitrary Code Execution via High Score File Arbitrary Web Script Injection Vulnerability in Gallery 1.1 through 1.3.4 CGI.pm start_form() XSS Vulnerability ePO Service Format String Vulnerability in McAfee ePolicy Orchestrator Arbitrary File Overwrite Vulnerability in Mindi 0.58 and Earlier Information Disclosure Vulnerability in suidperl 5.6.1 and Earlier Integer Signedness Error in NFSv3 Decode_fh Function Allows Remote Kernel Panic Multiple Buffer Overflows in man-db 2.4.1 and Earlier: Privilege Escalation Vulnerabilities File Disclosure Vulnerability in BEA Tuxedo Administration Console Denial of Service Vulnerability in BEA Tuxedo Administration Console Arbitrary Web Script Injection Vulnerability in BEA Tuxedo Administration Console Remote Code Injection via person parameter in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier Remote 
Memory Leak Vulnerability in xfstt Arbitrary File Read Vulnerability in psdoccgi.exe Denial of Service Vulnerability in psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 Information Disclosure Vulnerability in PeopleSoft Gateway Administration Servlet Arbitrary Web Script Injection Vulnerability in PeopleSoft IScript Environment Buffer Overflow Vulnerabilities in Atari 800 Emulator (atari800) Allow Privilege Escalation Privilege Escalation via Environment Variables in VMware GSX Server and Workstation Buffer Overflow Vulnerability in Oracle E-Business Suite Web Report Review (FNDWRR.exe) CGI Program Information Disclosure Vulnerabilities in Oracle Applications AOL/J Setup Test Suite Stack-based Buffer Overflow in Oracle PL/SQL EXTPROC Functionality Unspecified Vulnerabilities in Novell iChain 2.2 URL Redirection Vulnerability in Novell iChain 2.2 before Support Pack 1 User Enumeration and Brute Force Vulnerability in Novell iChain 2.2 Buffer Overflow Vulnerabilities in Novell iChain 2.1 and 2.2 Unauthenticated Access Vulnerability in Novell iChain 2.2 Privilege Escalation Vulnerability in BEA WebLogic Server and Express Arbitrary Module Loading Vulnerability in WatchGuard ServerLock for Windows 2000 Local Privilege Escalation via Symlink Attack in WatchGuard ServerLock for Windows 2000 Denial of Service Vulnerability in Linux Socket Filter Implementation Local Privilege Escalation in Kdbg 1.1.0 through 1.2.8 Privilege Escalation Vulnerability in man-db Buffer Overflow Vulnerabilities in Trend Micro HouseCall and Damage Cleanup Server Cisco IOS HTTP Server Buffer Overflow Vulnerability Arbitrary Code Execution Vulnerabilities in vfte (FTE-based) Prior to 0.50 Buffer Overflow in xpcd-svga Allows Arbitrary Code Execution via Long HOME Environment Variable Directory Traversal Vulnerability in GSAPAK.EXE for GameSpy Arcade Buffer Overflow in mod_mylo's mylo_log Function Allows Remote Code Execution Buffer Overflow in xtokkaetama Allows Local Privilege Escalation 
via Long -nickname Argument Denial of Service Vulnerability in NetBSD's OSI Networking Kernel Buffer Overflow Vulnerability in Autorespond Allows Remote Code Execution via Qmail Local Privilege Escalation in rscsi in cdrtools 2.01 and earlier Symlink Attack Vulnerability in eroaster before 2.2.0 SQL Injection Vulnerabilities in phpgroupware's infolog Module Arbitrary File Read Vulnerability in Docview before 1.1-18 Buffer Overflow Vulnerability in User32.dll Allows Arbitrary Code Execution Memory-based bypass vulnerability in Authenticode capability in Microsoft Windows NT through Server 2003 allows remote code execution without user approval NetBT Name Service (NBNS) Vulnerability: Remote Information Disclosure Buffer Overflow in Troubleshooter ActiveX Control (Tshoot.ocx) Allows Remote Code Execution Denial of Service Vulnerability in LSASS Service on Windows 2000 Domain Controllers Macro Execution Bypass Vulnerability in Microsoft Word 2002, 2000, 97, and 98(J) Buffer Overflow Vulnerability in Microsoft Access Snapshot Viewer ActiveX Control Buffer Overflow in Microsoft WordPerfect Converter: Remote Code Execution Vulnerability Solaris Denial of Service Vulnerability: Rare Race Condition Exploitation Local Privilege Escalation Vulnerability in Sustworks IPNetSentryX and IPNetMonitorX Format String Vulnerability in tcpflow Allows Arbitrary Code Execution Remote Code Execution via Format String Vulnerability in pam-pgsql 0.5.2 and Earlier Directory Traversal Vulnerability in ViewLog for iPlanet Administration Server 5.1 (Sun ONE) Denial of Service Vulnerability in Cisco CSS 11000 Routers Local File Truncation and Overwrite Vulnerability in libcpr Library for SGI IRIX 6.5.21f and Earlier NFS Bypass Vulnerability in SGI IRIX 6.5.21 and Earlier Critical Buffer Overflow Vulnerability in Sendmail 8.12.9: Parsing Rulesets Undisclosed Memory Bugs in OpenSSH 3.7.1 and Earlier NFS Access Bypass Vulnerability in SGI 6.5.21m and 6.5.21f Remote Code Execution Vulnerability in 
Netris 0.52 and Earlier Versions Arbitrary Code Execution Vulnerability in PAM SMB Module (pam_smb) 1.1.6 and Earlier Denial of Service Vulnerability in Sendmail 8.12.8 and Earlier with enhdnsbl Feature Buffer Overflow Vulnerability in getgrouplist Function in GNU libc Privilege Escalation Vulnerability in KDM (KDE 3.1.3 and earlier) Weak Session Cookie Generation Algorithm in KDM Buffer Overflow Vulnerability in OpenSSH before 3.7 Buffer Overflow Vulnerability in Sendmail 8.12.9's Prescan Function Multiple Buffer Management Errors in OpenSSH before 3.7.1 Denial of Service Vulnerability in AIX 5.1 and 5.2 getipnodebyname() API Format String Vulnerability in lpd on AIX 4.3-5.2 with Debug Enabled C-Media PCI Sound Driver Privilege Escalation Vulnerability C-Media PCI Sound Driver Privilege Escalation Vulnerability Double-byte encoding buffer overflow vulnerability in Internet Explorer 6 SP1 for certain languages allows remote code execution via Object tag Type property (CVE-2003-0344 variant) ISAPI Plugin Denial of Service and Remote Code Execution Vulnerability in ISS Server Sensor 7.0 XPU 20.16, 20.18, and Earlier Versions Arbitrary Kernel Loading Vulnerability in KisMAC before 0.05d Privilege Escalation via User-Supplied Variables in KisMAC Remote Code Execution Vulnerability in Mah-Jong 1.5.6 and Earlier Denial of Service Vulnerability in Mah-Jong 1.5.6 and Earlier Remote Code Execution Vulnerability in LinuxNode (node) before 0.3.2 LinuxNode (node) before 0.3.2 Format String Vulnerability Buffer Overflow in Whois Client Allows Remote Code Execution Remote Code Execution Vulnerability in PCHealth System in Windows XP and Windows Server 2003 Arbitrary Web Script Execution via XSS in Microsoft Exchange Server 5.5 OWA Compose New Message Form SMTP Service Denial of Service Vulnerability Heap-based Buffer Overflow in DCOM Interface of RPCSS Service Windows Messenger Service Buffer Overflow Vulnerability WebDAV Message Handler Denial of Service Vulnerability Buffer 
Overflow in Microsoft SSL Library Allows Remote Code Execution via PCT 1.0 Handshake Packets Buffer Overflow Vulnerability in PINE 4.58: Remote Code Execution via Malformed MIME Type Integer Signedness Error in PINE's rfc2231_get_param Function Allows Remote Code Execution Weak Authentication in Default Installation of sadmind on Solaris Remote Code Execution Vulnerability in gkrellmd for gkrellm 2.1.x before 2.1.14 RSA Signature Handling Vulnerability in SSH on HP Tru64 UNIX 5.1B and 5.1A RTSP Protocol Parser Buffer Overflow Vulnerability in RealNetworks Helix Universal Server and RealSystem Server Arbitrary Script Execution Vulnerability in RealOne Player Buffer Overflow Vulnerabilities in Oracle 9i Database Release 2 XML Database (XDB) Functionality Session Hijacking Vulnerability in Horde Webmail Buffer Overflow in Tellurian TftpdNT 1.8: Remote Code Execution via Long Filename TFTP Request Font Library Integer Overflow Vulnerabilities Privilege Escalation Vulnerability in CiscoWorks Common Management Foundation (CMF) 2.1 and Earlier Privilege Escalation Vulnerability in CiscoWorks Common Management Foundation (CMF) Cross-Site Scripting (XSS) Vulnerabilities in WebLogic Integration, Liquid Data, and WebLogic Server Bypassing Host-Based Access Restrictions in pam_ldap Authentication SQL Injection Vulnerability in phpWebSite Calendar Module Multiple Cross-Site Scripting (XSS) Vulnerabilities in phpWebSite 0.9.x and Earlier Path Disclosure Vulnerability in phpWebSite Calendar Module Denial of Service Vulnerability in phpWebSite Calendar Module Symlink Attack Vulnerability in VMware Workstation 4.0.1 for Linux Privileged File Descriptor Leakage Vulnerability in Stunnel Server Arbitrary Program Execution Vulnerability in SCO Internet Manager (mana) Heap-based Buffer Overflow in Exim SMTP Server Denial of Service Vulnerability in fetchnews NNTP Client Client-side authentication vulnerability in SNMPc 6.0.8 and earlier allows remote attackers to gain privileges by 
decrypting the server's returned password. Distributed Computing Environment (DCE) Implementations Denial of Service Vulnerability Information Disclosure Vulnerability in SAP Internet Transaction Server (ITS) 4620.2.0.323011 via wgate.dll Arbitrary File Read Vulnerability in SAP Internet Transaction Server (ITS) 4620.2.0.323011 Arbitrary Web Script Injection and Cookie Theft Vulnerability in SAP Internet Transaction Server (ITS) 4620.2.0.323011 Authentication Bypass Vulnerability in PY-Membres 4.2 and Earlier SQL Injection Vulnerability in pass_done.php for PY-Membres 4.2 and Earlier: Remote Code Execution via Email Parameter SQL Injection Vulnerability in AttilaPHP 3.0 Allows Authentication Bypass Arbitrary File Read Vulnerability in newsPHP 216 and Earlier Authentication Bypass Vulnerability in newsPHP 216 and Earlier Buffer Overflow in gtkftpd 1.0.4 and Earlier: Remote Code Execution via Long Directory Names Directory Traversal Vulnerability in SiteBuilder 1.4: Arbitrary File Read Information Disclosure Vulnerability in Check Point FireWall-1 4.0 and 4.1 Buffer Overflow Vulnerability in db2dart in IBM DB2 Universal Database 7.2 before Fixpak 10 Buffer Overflow Vulnerability in db2licm in IBM DB2 Universal Database 7.2 before Fixpak 10a Blubster 2.5 Denial of Service Vulnerability via UDP Flood Buffer Overflow in get_msg_text of chan_sip.c in Asterisk SIP Protocol Implementation Remote Code Execution Vulnerability in Foxweb 2.5 via Buffer Overflow Arbitrary Script Injection via Method Parameter in Escapade Scripting Engine (ESP) Information Disclosure Vulnerability in Escapade Scripting Engine (ESP) Remote Code Execution Vulnerability in Winamp 2.91 via IN_MIDI.DLL Plugin Heap-based Buffer Overflow Vulnerabilities in FTP Desktop Client 3.5 Buffer Overflow Vulnerability in RogerWilco Graphical Server 1.4.1.6 and Earlier Bypassing Cross-Site Scripting (XSS) and Script Injection Protection in Microsoft ASP.Net 1.1 ICQ Web Front Guestbook XSS Vulnerability Arbitrary 
Code Execution via Improper Cleansing of lang Cookie in IkonBoard 3.1.2a and Earlier Arbitrary Code Execution Vulnerability in Apache::Gallery Buffer Overflow Vulnerabilities in WS_FTP 3 and 4: Remote Code Execution and Denial of Service Remote Code Execution Vulnerability in saned Denial of Service Vulnerability in saned in sane-backends 1.0.7 and Earlier Denial of Service Vulnerability in saned in sane-backends 1.0.7 and Earlier Vulnerability: Improper Validation of RPC Numbers in saned Denial of Service Vulnerability in saned (sane-backends 1.0.7 and earlier) Memory Allocation Vulnerability in saned Asterisk CDR Logging Functionality SQL Injection Vulnerability Buffer Overflow Vulnerability in MySQL's get_salt_from_password Function eCartis Before 1.0.0 User Input Validation Vulnerability Buffer Overflow Vulnerabilities in ecartis 1.0.0 and Earlier: Denial of Service and Arbitrary Code Execution Root Privilege Escalation via Multiple Buffer Overflows in hztty 2.0 Format String Vulnerability in tsm for bos.rte.security on AIX 5.2 IPMasq Vulnerability: Bypassing Filtering via Packet Forwarding Privilege Escalation via SSH1 PAM Challenge Response Authentication in OpenSSH 3.7.1 and 3.7.1p1 OpenSSH PAM Conversation Function Stack Modification Vulnerability Denial of Service Vulnerability in CUPS IPP Implementation Apache mod_cgid CGI Redirect Path Handling Vulnerability Arbitrary Code Execution via Script.prototype.freeze/thaw in Mozilla 1.4 and Earlier Memory Allocation Vulnerability in Fetchmail 6.2.4 and Earlier Denial of Service Vulnerability in GDM 2.4.4.x and 2.4.1.x Denial of Service Vulnerability in GDM 2.4.4.x and 2.4.1.x Denial of Service Vulnerability in Quagga and Zebra Telnet CLI Port Remote Mounting Vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 Denial of Service Vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 Nokia Electronic Documentation (NED) 5.0 Cross-Site Scripting (XSS) Vulnerability Directory Listing and Path Disclosure 
Vulnerability in Nokia Electronic Documentation (NED) 5.0 Nokia Electronic Documentation (NED) 5.0 Open HTTP Proxy Vulnerability ARP Spoofing Vulnerability in FreeBSD 5.1 and Earlier, Mac OS X, and Other BSD-based Systems Buffer Overflow Vulnerabilities in UMN Gopher Daemon (gopherd) 2.x and 3.x Remote Code Execution Vulnerability in Windows Logon Process Buffer Overflow Vulnerability in COM Internet Services and RPC over HTTP Proxy Components Arbitrary Code Execution Vulnerability in Internet Explorer 5.01-6.0 Remote Code Execution via Stack-based Buffer Overflow in Windows Workstation Service Windows RPC DCOM Multi-Threaded Race Condition Vulnerability ExecCommand Cross Domain Vulnerability Function Pointer Override Cross Domain Vulnerability in Internet Explorer 6 SP1 and Earlier Script URLs Cross Domain Vulnerability Arbitrary File Reading Vulnerability in Internet Explorer 5.01 through 6 SP1 Multiple Integer Overflows in Microsoft ASN.1 Library: Remote Code Execution Vulnerability Buffer Overflow Vulnerability in Microsoft ISA Server 2000 H.323 Filter Buffer Overflow Vulnerability in Microsoft Word and Works Suites Arbitrary Code Execution via Malicious XLM Macro in Microsoft Excel 97, 2000, and 2002 Remote Code Execution Vulnerability in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 HijackClick: Remote Window Manipulation Vulnerability in Internet Explorer 6 SP1 and Earlier Denial of Service Vulnerability in SmartHTML Interpreter (shtml.dll) WINS Packet Length Validation Vulnerability Heap-based Buffer Overflow in lshd Allows Remote Code Execution Denial of Service Vulnerability in DB2 Discovery Service Buffer Overflow Vulnerability in freesweep in Debian GNU/Linux 3.0 Allows Local Privilege Escalation Buffer Overflow in Marbles 1.0.2 and Earlier: Privilege Escalation via Long HOME Environment Variable Buffer Overflow Vulnerability in ProFTPD 1.2.7 through 1.2.9rc2 Webfs 1.20 Directory Traversal Vulnerability Arbitrary Code Execution via 
Stack-Based Buffer Overflow in webfs Buffer Overflow in CDE libDtHelp Library: Local Code Execution Vulnerability Buffer Overflow in MPlayer's asf_http_request Allows Remote Code Execution Stack-based Buffer Overflow in IBM DB2 Universal Database 7.2 and 8.1 Stack-based Buffer Overflow in IBM DB2 Universal Database 7.2 for Windows Arbitrary Code Execution via Zone Restriction Bypass in Internet Explorer Microsoft Windows Server 2003 Shell Folders Directory Traversal Vulnerability Buffer Overflow Vulnerability in dtprintinfo on HP-UX 11.00 and Other Operating Systems Directory Traversal Vulnerability in PeopleSoft 8.42 Grid Option Remote Code Execution Vulnerability in mod_gzip_printf Remote Code Execution via Format String Vulnerability in mod_gzip_printf Arbitrary File Overwrite Vulnerability in mod_gzip HSQLDB Component Remote Code Execution Vulnerability in JBoss 3.2.1 and 3.0.8 Symlink Attack Vulnerability in SuSEconfig.javarunt Package on SuSE Linux 7.3Pro Arbitrary File Overwrite Vulnerability in SuSEconfig.susewm on SuSE Linux 8.2Pro Heap-based Buffer Overflow in slocate 2.6 Allows Privilege Escalation Buffer Overflow Vulnerability in cfengine 2.x (CVE-2002-0083) Vulnerability: Memory Corruption and Arbitrary Code Execution via Overlarge TCP Packets in libnids Denial of Service Vulnerability in OpenSSL 0.9.6k via Malformed ASN.1 Sequences Format String Vulnerability in Sylpheed-Claws SMTP Server Integer Overflow Vulnerability in ls Command Memory Consumption Vulnerability in ls Command Denial of Service Vulnerability in Pan 0.13.3 and Earlier Denial of Service Vulnerability in iproute 2.4.7 and Earlier via Spoofed Messages Denial of Service Vulnerability in iptables' ipq_read and ipulog_read Functions Local User Denial of Service Vulnerability in Zebra and Quagga Denial of Service Vulnerability in getifaddrs Function in GNU libc Unspecified Buffer Overflow Vulnerability in PHP 4.3.3 and Earlier Unknown Impact and Attack Vectors of Integer Overflows in PHP's 
base64_encode and GD Library Vulnerability: Inconsistent Return Value in php_check_safe_mode_include_dir Function Buffer Overflow Vulnerability in m_join in IRCnet IRCD 2.10.x to 2.10.3p3 Heap-based Buffer Overflow in readstring of httpget.c in mpg123 0.59r and 0.59s Denial of Service Vulnerability in Tomcat 4.0.x up to 4.0.3 Heap-based Buffer Overflow in Opera 7.11 and 7.20 via Large Number of Escaped Characters in HREF QuickTime Java Unauthorized Access Vulnerability Symlink Attack Vulnerability in OpenServer before 5.0.6 Multiple SQL Injection Vulnerabilities in DeskPRO 1.1.0 and Earlier Symbolic Link Vulnerability in OpenSLP's slpd.all_init Script Finder in Mac OS X 10.2.8 and earlier: Global Permissions Vulnerability Symlink Attack Vulnerability in Mac OS X Core Files Local Privilege Escalation via Symlink Attack in slpd Daemon on Mac OS X Local Privilege Escalation Vulnerability in Mac OS X before 10.3 Insecure Authentication in Mac OS X Mail: Privilege Escalation via Password Sniffing TCP Timestamp Initialization Vulnerability in Mac OS X Insecure Access to Secure Preference Panes in Mac OS X Insecure Temporary File Creation Vulnerability in Xscreensaver 4.14 Remote Code Execution via Format String Vulnerability in Hylafax 4.1.7 and Earlier Insecure Temporary Cache File Vulnerability in ez-ipupdate 3.0.11b7 and Earlier Buffer Overflow Vulnerability in Oracle 9i Database 9.0.x and 9.2.x Buffer Overflow Vulnerability in Mac OS X Kernel 10.2.8 and Earlier Arbitrary Code Execution via Class Loading Vulnerability in Java Virtual Machine Shatter vulnerability in CommCtl32.dll: Arbitrary Code Execution via Button Control Messages Local Privilege Escalation via Symlink Attack in IBM DB2 7.2 and Earlier Versions Buffer Overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 Insecure Random Number Generation in Perl 5.8.1 on Fedora Core Remote Code Execution Vulnerability in PostgreSQL 7.2.x and 7.3.x Arbitrary Command Execution Vulnerability in Minimalist Mailing 
List Manager Remote Code Execution Vulnerability in Microsoft Data Access Components (MDAC) NTLM Authentication Vulnerability in Microsoft Exchange 2003 and Outlook Web Access Denial of Service Vulnerability in Windows Media Services 4.1 Buffer Overflow Vulnerability in Windows Metafile (WMF) and Enhanced Metafile (EMF) Image Formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2-SP4, and XP SP1 Arbitrary Code Execution via HCP URLs in Microsoft Windows XP SP1 Help and Support Center Privilege Escalation via Shatter-Style Attack in Microsoft Windows 2000 Utility Manager Elevated Privilege Execution Vulnerability in Windows XP NtSetLdtEntries Function Vulnerability: Local Privilege Escalation and Arbitrary Code Execution Terminal Application Unauthorized Access Vulnerability Remote Cache Poisoning Vulnerability in ISC BIND 8.3.x and 8.4.x Arbitrary File Overwrite Vulnerability in netpbm 9.25 and Earlier Buffer Overflow Vulnerability in Ethereal 0.9.15 and Earlier via Malformed GTP MSISDN String Denial of Service Vulnerability in Ethereal and Tethereal Ethereal 0.9.15 Heap-Based Buffer Overflow in SOCKS Dissector Bypassing Policy in Clearswift MAILsweeper before 4.3.15 via RAR 3.20 Encoded Files ZIP 6.0 Encoding Bypass Vulnerability in Clearswift MAILsweeper Bypassing Policy in Clearswift MAILsweeper before 4.3.15 through BinHex (HQX) Filename Detection Vulnerability Denial of Service Vulnerability in Sygate Enforcer 4.0 Buffer Overflow Vulnerability in Omega-RPG 0.90 Buffer Overflow Vulnerability in Conquest 7.2 and Earlier: Local Code Execution via Long Environment Variable Default WEP Keys Exposed in Symbol Access Portable Data Terminal (PDT) 8100 Unrestricted Access to MIB Objects in Net-SNMP Privilege Escalation via Symantec PCAnywhere Service Local Privilege Escalation in SCO UnixWare and Open UNIX Local Privilege Escalation in SAP DB Server Buffer Overflow Vulnerability in SAP DB Server 7.4.03.27 and Earlier Arbitrary File Read Vulnerability in SAP DB Web-Tools 
Remote Access and Configuration Modification Vulnerability in SAP DB Web-Tools Buffer Overflow in Web Agent Administration Service in web-tools for SAP DB Default Services Enabled in SAP DB Before 7.4.03.30: Information Disclosure and Database Redirection Vulnerability Buffer Overflow in SAP DB Web-Tools Allows Remote Code Execution Predictable Session IDs in Web Database Manager of SAP DB ClamAV-Milter Format String Vulnerability in MAIL FROM Command Buffer Overflow Vulnerability in iwconfig Allows Arbitrary Code Execution Buffer Overflow in iwconfig Allows Local Code Execution via Long HOME Environment Variable Privilege Escalation Vulnerability in xsok 1.02 Arbitrary Command Execution via Insufficiently Random Directory Name in PeopleSoft PeopleTools Certificate Validation Vulnerability in HP-UX Partition Manager (parmgr) Buffer Overflow Vulnerability in rcp for AIX 4.3.3, 5.1, and 5.2: Local Privilege Escalation Stack-based Buffer Overflow in OpenBSD Kernel 3.3 and 3.4 Race conditions in O_DIRECT handling leading to data leakage and corruption Integer Overflow Vulnerabilities in Linux 2.4 Kernel's 32-bit Emulation for AMD64 Architectures Certificate Chain Validation Vulnerability in OpenCA Integer Overflow in do_brk Function Allows Local Privilege Escalation Heap-based Buffer Overflow in Rsync Server Mode Remote Code Execution via Buffer Overflow in lftp 2.6.9 and Earlier Mailman 2.1.4 Admin CGI Script Cross-Site Scripting (XSS) Vulnerability Buffer Overflow Vulnerability in Elm Email Client Denial of Service Vulnerability in FreeRADIUS 0.9.2 and Earlier via Short RADIUS String Attribute Stack-based Buffer Overflow in FreeRADIUS rlm_smb Module Format String Vulnerability in mpg321 0.2.10 Denial of Service Vulnerability in Sun Fire B1600 Network Management Port ElGamal Key Reuse Vulnerability in GnuPG (GPG) 1.0.2 - 1.2.3 Buffer Overflow Vulnerability in GNU Screen 4.0.1 and Earlier Denial of Service Vulnerability in mod_python 3.0.x and 2.7.x Remote Code 
Execution Vulnerability in Applied Watch Command Center Cookie Theft Vulnerability in Apple Safari 1.0 through 1.1 NFS Server (XNFS.NLM) for Novell NetWare 6.5 Hostname Alias Vulnerability Arbitrary File and Directory Creation Vulnerability in CVS Server Format String Vulnerability in gpgkeys_hkp Allows Remote Code Execution Vulnerability: Unescaped Line Breaks in FreeScripts VisitorBook LE (visitorbook.pl) Arbitrary HTML and Script Injection in FreeScripts VisitorBook LE Reverse DNS Spoofing Vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) Buffer Overflow Vulnerability in Cisco ACNS Authentication Module Default Settings Vulnerability in Cisco Unity on IBM Servers RTC Structure Initialization Vulnerability Linux Kernel mremap System Call Vulnerability Vulnerability: Lack of copy_from_user Function in PPC64 Architecture on Linux Kernel Insecure Nonce Verification in mod_digest for Apache Arbitrary Code Execution Vulnerability in KDE Personal Information Management Suite Denial of Service Vulnerability in tcpdump before 3.8.1 via ISAKMP Packets Remote Command Execution via Shell Metacharacters in To: Field Denial of Service Vulnerability in Mailman Command Handler Mailman 2.1.3 Cross-Site Scripting (XSS) Vulnerability Apache 1.3 mod_access IP Address Parsing Vulnerability Local Privilege Escalation in Symantec LiveUpdate 1.70.x through 1.90.x Remote Denial of Service Vulnerability in Microsoft Message Queue Manager (MSQM) Privilege Escalation Vulnerability in CA Unicenter Remote Control (URC) 6.0 via Help Interface Critical Denial of Service Vulnerability in CA Unicenter Remote Control (URC) 6.0 Privilege Escalation Vulnerability in Computer Associates (CA) Unicenter Remote Control and ControlIT Multiple Remote Code Execution and File Manipulation Vulnerabilities in Solaris 2.6 through 9 Remote Denial of Service Vulnerability in xchat 2.0.6 via Invalid ID Number in Passive DCC Request Cisco Firewall Services Module (FWSM) Buffer Overflow Vulnerability 
Denial of Service Vulnerability in Cisco Firewall Services Module (FWSM) Denial of Service Vulnerability in Cisco PIX Firewall Denial of Service Vulnerability in Cisco PIX Firewall 6.2.x through 6.2.3 Denial of Service Vulnerability in Mac OS X PKI Functionality Buffer Overflow Vulnerability in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 Malformed Request Handling Vulnerability in AppleFileServer (AFS) Screen Saver Login Bypass Vulnerability in Mac OS X 10.2.8 and 10.3.2 Privilege Escalation via Malicious DHCP Server in Apple Mac OS X and Mac OS X Server Privilege Escalation Vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 Local Privilege Escalation Vulnerability in Apple Mac OS X 10.0-10.2.8 Denial of Service Vulnerability in Ethereal SMB Dissector Q.931 Dissector Null Dereference Denial of Service Vulnerability MIME Field Name Confusion Vulnerability Whitespace Manipulation Vulnerability in Content Security Gateway and Antivirus Products MIME Header Quoting Vulnerability in Content Security Gateway and Antivirus Products Predictable File Location Vulnerability in Macromedia Flash Player Format String Vulnerability in enq Command in AIX 4.3, 5.1, and 5.2 Denial of Service Vulnerability in irssi's format_send_to_gui Function Privilege Escalation Vulnerability in scosession Program Directory Traversal Vulnerability in FSP (before 2.81.b18) Allows Remote File Access Arbitrary Code Execution via Stack-based Buffer Overflow in Midnight Commander (mc) Privilege Escalation Vulnerability in tcsh's ls-F Builtin Function on Solaris 8 Improper URL Canonicalization Vulnerability in Internet Explorer 5.01 through 6 SP1 Travel Log Cross Domain Vulnerability Method Caching Vulnerability in Internet Explorer 5.01 through 6 SP1 Cache Directory Disclosure Vulnerability in Internet Explorer 6 SP1 Denial of Service Vulnerability in tcpdump's L2TP Protocol Parser Buffer Overflow in DameWare Mini Remote Control: Remote Code 
Execution Vulnerability Arbitrary HTML and Script Injection in vBulletin 3.0 Beta 2 Register.php Denial of Service Vulnerability in Pi3Web Web Server 2.0.2 Beta 1 Privilege Escalation via User-Provided INSTROOT Path in SAP DB Development Tools 7.x World-writable permissions on RPM-installed SAP DB 7.x programs allow local privilege escalation Remote Account Lock Bypass Vulnerability in SAP R/3 46C/D Multiple Buffer Overflows in SAP Internet Transaction Server (ITS) AGate Component WGate Component Format String Vulnerability in SAP Internet Transaction Server (ITS) Sensitive Information Disclosure in AGate Component for SAP Internet Transaction Server (ITS) Multiple Buffer Overflows in mySAP.com Architecture Allow Remote Code Execution Denial of Service Vulnerability in kmod in Linux Kernel Arbitrary Program Execution via Directory Traversal in Internet Explorer 5.x and 6.0 Arbitrary SQL Execution Vulnerability in collectstats.pl for Bugzilla 2.16.3 and Earlier Arbitrary SQL Execution Vulnerability in Bugzilla 2.16.3 and Earlier, and 2.17.1 through 2.17.4 Unauthenticated Group Addition Vulnerability in Bugzilla 2.16.3 and Earlier Information Disclosure Vulnerability in Bugzilla's votes.cgi Improper Group Membership Verification in Bugzilla 2.17.3 and 2.17.4 Double Free Vulnerability in mshtml.dll Allows Remote Denial of Service via Malformed GIF Image Insecure Permissions in IBM DB2 Universal Database 7 before FixPak 12 Buffer Overflow Vulnerabilities in IBM DB2 Universal Database 8.1 Multiple Format String Vulnerabilities in IBM DB2 Universal Database 8.1 Privilege Escalation Vulnerability in IBM DB2 7.1 and 8.1 Buffer Overflow Vulnerabilities in XShisen Denial of Service Vulnerability in mod_access_referer 1.0.2 Buffer Overflow in nss_ldap.so.1 Library Allows Local Privilege Escalation Symlink Attack Vulnerability in ed Editor for Sun Solaris 2.6, 7, and 8 Arbitrary Code Execution Vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 
Vulnerability: Local Privilege Escalation and Denial of Service in Xsun Server PGX32 Frame Buffer Library Vulnerability in Solaris: Local Privilege Escalation NFS Server Denial of Service Vulnerability in Solaris 7, 8, and 9 Solaris Local Privilege Escalation via Race Condition Kernel Memory Read Vulnerability in Solaris sysinfo System Call Cachefs Patch Vulnerability: Silent Service Reenabling and Security Policy Bypass IPv6 Denial of Service Vulnerability in Solaris 8 Denial of Service Vulnerability in Solaris 8 Patches 108993-14 through 108993-19 and 108994-14 through 108994-19 Buffer Overflow Vulnerability in Solaris Syslog Daemon Buffer Overflow Vulnerabilities in dbm_open and dbminit Functions in Solaris 2.6-9 Root Privilege Escalation via Buffer Overflow in utmp_update on Solaris 2.6-9 (Sun BugID 4659277) Solaris Telnet Daemon Denial of Service Vulnerability Denial of Service Vulnerability in Solaris rpcbind Arbitrary User ID Spoofing Vulnerability in Solaris rpc.walld Memory Leak Vulnerability in lofiadm in Solaris 8 Race Condition Vulnerability in Solaris at Command Allows Arbitrary File Deletion Root Privilege Escalation Vulnerability in Solaris 9 newtask Denial of Service Vulnerability in Solaris FTP Server Sendmail Local Privilege Escalation and Denial of Service Vulnerability UFS File System Hang Vulnerability in Solaris 9 for SPARC FTP Client Debug Mode Password Disclosure Vulnerability Denial of Service Vulnerability in Solaris UDP RPC Solaris Mail Local User Email Reading Vulnerability Symlink Attack Vulnerability in Aspppls for Solaris 8 Root Privilege Escalation via Buffer Overflow in utmp_update on Solaris 2.6-9 (Sun BugID 4705891) Remote Code Execution Vulnerability in Monit 1.4 to 4.1 via Long HTTP Request Denial of Service Vulnerability in Monit 1.4 to 4.1 Denial of Service Vulnerability in Thomson TWC305, TWC315, and TCW690 Cable Modem ST42.03.0a Remote File Inclusion Vulnerability in pMachine Free and pMachine Pro 2.2 and 2.2.1 Remote Denial 
of Service Vulnerability in diagmond and Other Applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 Arbitrary Web Script Injection Vulnerability in Zorum 3.4 and 3.5 Path Disclosure Vulnerability in Zorum 3.4 index.php Buffer Overflow Vulnerability in AbsoluteTelnet: Remote Code Execution via Long Window Title Integer Overflow in MP3Broadcaster: Remote Code Execution and Denial of Service Vulnerability Memory Allocation Vulnerability in AFCTR Tool Version of File Package Password Leakage Vulnerability in BEA WebLogic Server 6.1, 7.0, and 7.0.0.1 Privilege Escalation Vulnerability in BEA WebLogic Server and Express version 7.0 SP3 Session Persistence Vulnerability in BEA WebLogic Server and Express 7.0 and 7.0.0.1 Cisco LEAP Vulnerability: Brute Force Password Guessing Attack Buffer Overflow Vulnerability in rexec on HP-UX B.10.20, B.11.00, and B.11.04 Privilege Escalation Vulnerability in HP-UX 11.22 Xserver Predictable Temporary File Names Vulnerability on HP-UX B.11.00, B.11.04, and B.11.11 Hummingbird CyberDOCS Multiple Cross-Site Scripting (XSS) Vulnerabilities Information Disclosure: Full Path Disclosure in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 Insecure Permissions in Hummingbird CyberDOCS 3.5, 3.9, and 4.0 Allow Remote Source Code Disclosure SQL Injection Vulnerability in Hummingbird CyberDOCS Loginact.asp Buffer Overflow Vulnerability in IBM Tivoli Firewall Toolbox (TFST) 1.2 Denial of Service Vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 Denial of Service Vulnerability in Microsoft Windows 2000 SMTP Service URL Command Bypass Vulnerability in Microsoft Windows Media Player Remote Code Execution and Denial of Service Vulnerability in Alcatel OmniPCX Enterprise 5.0 Lx Remote Code Execution and Denial of Service Vulnerability in Cisco SIP Implementation Remote Code Execution and Denial of Service Vulnerability in Columbia SIP User Agent (sipc) Remote Code Execution Vulnerability in Dynamicsoft SIP 
Implementation Remote Code Execution and Denial of Service Vulnerability in Ingate Firewall and Ingate SIParator Remote Code Execution and Denial of Service Vulnerability in IPTel SIP Express Router Remote Code Execution and Denial of Service Vulnerability in Mediatrix Telecom VoIP Access Devices and Gateways SIP-T Implementation Vulnerability in Nortel Networks Succession Communication Server 2000 Authentication Bypass and Information Disclosure in Oracle E-Business Suite's Report Review Agent (RRA) Communications Protocol Buffer Overflow Vulnerability in RealSystem Server and Proxy SETI@home Client Buffer Overflow Vulnerability Denial of Service Vulnerability in SSH Secure Shell before 3.2.9 Privilege Escalation Vulnerability in SSH Tectia Server 4.0.3 and 4.0.4 for Unix Privilege Escalation in ScriptLogic 4.01 and Earlier Versions Insecure Permissions in ScriptLogic 4.01 and Earlier: Log Modification and Code Execution Vulnerability Java Security Model Bypass Vulnerability Arbitrary File Creation and Modification Vulnerability in Sun Management Center (SunMC) Denial of Service Vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 Denial of Service Vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows Platforms Whale Communications e-Gap 2.5 on Windows 2000 Source Code Disclosure Vulnerability Arbitrary Command Execution Vulnerability in X2 XMMS Remote Buffer Overflow in Yahoo! Audio Conferencing ActiveX Control Allows Remote Code Execution Remote File Inclusion Vulnerability in KnowledgeBuilder Allows Arbitrary PHP Code Execution Denial of Service Vulnerability in Cisco Content Service Switch (CSS) 11000 and 11500 DNS Server Insecure ACLs in The Bat! Email Client Allow Unauthorized Access to User Emails Denial of Service Vulnerability in Sun Java 1.3.1, 1.4.1, and 1.4.2 Buffer Overflow Vulnerability in Yahoo! 
Messenger 5.6 Chi Kien Uong Guestbook 1.51 XSS Vulnerability Remote File Read and Arbitrary CGI Script Execution in Charles Steinkuehler sh-httpd 0.3 and 0.4 Directory Listing Vulnerability in Apache 2.0.40 on Red Hat Linux 9.0 Arbitrary File Overwrite Vulnerability in Musicqueue 1.2.0 Buffer Overflow in Musicqueue 1.2.0: Local Code Execution via Long Language Variable Remote Code Execution Vulnerability in NIPrint 4.10 via Buffer Overflow Privilege Escalation in NIPrint LPD-LPR Print Server 4.10 and Earlier Denial of Service Vulnerability in Croteam Serious Sam Games Buffer Overflow in Perception LiteServe Log Viewing Interface OpenAutoClassifieds 1.0 - Cross-Site Scripting (XSS) Vulnerability in friendmail.php John Beatty Easy PHP Photo Album 1.0 - Cross-Site Scripting (XSS) Vulnerability in dir Parameter PHP Remote File Inclusion Vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1 Arbitrary Web Script Injection Vulnerability in Symantec Norton Internet Security 2003 Buffer Overflow Vulnerability in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 Arbitrary Web Script Injection in Fastream NETFile Server 6.0.3.588 Arbitrary Directory Listing Vulnerability in WebTide 7.04 Arbitrary File and Directory Listing Vulnerability in byteHoard 0.7 and 0.71 Bypassing Virus Protection in MAILsweeper for SMTP 4.3 via Malformed Zip Attachment Local Privilege Escalation Vulnerability in X-CD-Roast 0.98 alpha10 through alpha14 Symlink Attack Vulnerability in Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 Citrix MetaFrame XP Server 1.0 Login.asp Cross-Site Scripting (XSS) Vulnerability Buffer Overflow Vulnerabilities in Plug and Play Web Server FTP Service Denial of Service Vulnerability in Plug and Play Web Server Proxy 1.0002c Authentication Bypass Vulnerability in FlexWATCH Network Video Server 132 Backdoor Vulnerability in Linux Kernel 2.6-test9-CVS Allows Privilege Escalation Arbitrary Message Reading and 
Replying Vulnerability in Tritanium Bulletin Board 1.2.3 Out-of-Bounds Array Index Denial of Service in Ganglia gmond 2.5.3 Arbitrary Web Script Injection Vulnerability in Mldonkey 2.5-4 Buffer Overflow Vulnerability in BRS WebWeaver 1.06 and Earlier via Long User-Agent Header Directory Traversal Vulnerability in Openfile.aspx and Html.aspx in HTTP Commander 4.0 Privilege Escalation via PATH Variable Manipulation in KPopup 0.9.1 Information Disclosure Vulnerability in HTTP Commander 4.0 Insecure Write Permissions in DATEV Nutzungskontrolle Allow Local Users to Bypass Access Restrictions Format String Vulnerability in kpopup 0.9.1 and 0.9.5pre2 Allows Arbitrary Code Execution Heap-based Buffer Overflow in mod_security 1.7RC1 through 1.7.1 in Apache 2 Apache Cocoon Directory Traversal Vulnerability Sensitive Information Disclosure in Centrinity FirstClass 7.1 via URL Manipulation Buffer Overflow Vulnerability in NullSoft Shoutcast Server 1.9.2 Sympoll 1.5 index.php Cross-Site Scripting (XSS) Vulnerability Remote Code Execution in Web Wiz Forums 6.34 through 7.5 via FID Parameter Manipulation Buffer Overflow Vulnerability in MERCUR Mailserver 4.2 before SP3a Advanced Poll 2.0.2 - Remote Code Execution via Eval Injection in comments.php Multiple PHP Remote File Inclusion Vulnerabilities in Advanced Poll 2.0.2 Directory Traversal Vulnerability in Advanced Poll 2.0.2 Sensitive Information Disclosure in Advanced Poll 2.0.2 via info.php MPM Guestbook 1.2 Cross-Site Scripting (XSS) Vulnerability Local File Access Vulnerability in Oracle Files WebCache Multiple Cross-Site Scripting (XSS) Vulnerabilities in ThWboard Beta 2.8 and 2.81 Multiple SQL Injection Vulnerabilities in ThWboard before Beta 2.8.2 Buffer Overflow in TelCondex SimpleWebServer 2.12.30210 Build3285: Remote Code Execution via Long HTTP Referer Header Arbitrary Web Script Injection via contact_email Parameter in PHPKIT 1.6.02 and 1.6.03 Unichat Denial of Service Vulnerability through Duplicate ACTOR Entries 
Denial of Service Vulnerability in Nokia IPSO 3.7 IP Clusters Arbitrary Code Injection through Recipe in PHPRecipeBook 1.24-2.17 Denial of Service Vulnerability in e107 0.554 and 0.603 via HTML Injection in Name Field IA WebMail Server 3.1.0 Stack-Based Buffer Overflow Vulnerability SQL Injection Vulnerabilities in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 Arbitrary Web Script Injection Vulnerability in Booby .1 through 0.2.3 SQL Injection Vulnerability in getmember.asp in VieBoard 2.6 Beta 1 SQL Injection Vulnerability in VieBoard 2.6 viewtopic.asp Cross-Site Scripting (XSS) Vulnerability in LedForums Beta 1 Denial of Service Vulnerability in Cherokee Web Server MyProxy 20030629 Cross-Site Scripting (XSS) Vulnerability Remote Code Execution Vulnerability in Alt-N MDaemon 6.5.2 through 6.8.5 Uninitialized Pointer Vulnerability in OpenLDAP 2.1.12 and Earlier Arbitrary Command Execution in omail.pl for omail webmail 0.98.4 and earlier Remote Code Execution via Cross-Site Scripting (XSS) in Mambo Site Server 4.0.10 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Mambo Site Server 4.0.12 BETA and Earlier Denial of Service Vulnerability in Crob FTP Server 2.60.1 via con File Renaming Format String Vulnerability in Crob FTP Server 2.60.1 Allows Remote Denial of Service Denial of Service Vulnerability in Crob FTP Server 3.5.1 Buffer Overflow Vulnerabilities in Oracle 9i 9 before 9.2.0.3 Denial of Service Vulnerability in Monkey HTTP Daemon 0.6.2 SQL Injection Vulnerabilities in PHP-Nuke Downloads Module MaxWebPortal 1.30 XSS Vulnerability in search.asp MaxWebPortal 1.30 Remote Unauthorized Actions Vulnerability Insecure Access Control in MaxWebPortal 1.30 Allows Remote Information Disclosure Server Login Bypass Vulnerability in VisualShapers ezContents 2.02 and Earlier SQL Injection Vulnerability in groupcp.php for phpBB 2.0.6 and Earlier SQL Injection Vulnerability in phpBB 2.0.6 and Earlier: Remote Code Execution via search_id Parameter 
Arbitrary Web Script Injection Vulnerability in osCommerce Denial of Service Vulnerability in BEA WebLogic Server Proxy Plugin Insecure T3 Port Allows Session Sniffing in BEA WebLogic Server Cleartext Password Storage and Disclosure in BEA Weblogic Express and Server 8.0 through 8.1 SP 1 Denial of Service Vulnerability in BEA WebLogic Node Manager Clear-text Password Display Vulnerability in Weblogic.admin Cleartext Password Storage Vulnerability in BEA WebLogic Server and Express 7.0 and 7.0.0.1 Insecure Storage of Password Encryption Secrets in BEA WebLogic Server and Express 7.0 and 7.0.0.1 PHP Remote File Include Vulnerability in Gallery 1.4 and 1.4-pl1 Buffer Overflow Vulnerability in Mathopd Web Server Improper Validation of Digital Certificates in X509TrustManager SYN Cookies Vulnerability in FreeBSD 4.5 through 5.0-RELEASE-p3 Arbitrary Script Injection in ECW-Shop 5.5 via cat Parameter Arbitrary Command Execution in Emacs 21.2.1 via Local Variables Vulnerability: Privileged Bypass of File Access Restrictions in Pedestal Software Integrity Protection Driver (IPD) 1.3 and Earlier Integer Overflow Vulnerability in FreeBSD f_count Counter Sensitive Server Environment Information Disclosure in BRW WebWeaver 1.03 Arbitrary Code Execution via Format String Vulnerabilities in Tanne 0.6.17 Logger Function Cross-Site Scripting (XSS) Vulnerability in WWWBoard 2.0A2.1 and Earlier Cross-Site Scripting (XSS) Vulnerability in Nuked-Klan 1.3 Beta and Earlier Directory Traversal Vulnerability in WihPhoto 0.86: Arbitrary File Read CuteNews 0.88 PHP Remote File Inclusion Vulnerability Remote Code Execution via Cross-Site Scripting (XSS) in MyGuestbook 3.0 Root Web Server Path Disclosure in Sage 1.0 b3 Arbitrary HTML and Web Script Injection Vulnerability in Sage 1.0 b3 SQL Injection Vulnerability in phpBB 2.0, 2.0.1, and 2.0.2 via forum_id parameter in index.php Remote Code Execution in Mambo 4.0.12 via Session ID Manipulation Arbitrary File Overwrite Vulnerability in 
Integrity Protection Driver (IPD) Multiple Buffer Overflows in H-Sphere WebShell 2.3 Arbitrary Command Execution in H-Sphere WebShell 2.3 Session Hijacking Vulnerability in WebIntelligence 2.7.1 Denial of Service Vulnerability in Efficient Networks 5861 DSL Router Firmware 5.3.80 Remote Code Execution in N/X 2002 via Arbitrary PHP Code Execution Arbitrary PHP Command Execution in S8Forum 3.0 via User Registration Bookmark4U 1.8.3 PHP Remote File Inclusion Vulnerability Remote Code Execution in Active PHP Bookmarks (APB) 1.1.01 via APB_SETTINGS Parameter Arbitrary Bookmark Addition Vulnerability in Active PHP Bookmarks (APB) 1.1.01 Remote Code Execution in aff_liste_langue.php in E-theni Remote Code Execution via phpinfo in find_theni_home.php Unauthorized Administrative Access Vulnerability in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 Buffer Overflow Vulnerability in CuteFTP 4.2 and 5.0 via Long FTP Server Banner CuteFTP 5.0 Buffer Overflow Vulnerability Buffer Overflow Vulnerability in CuteFTP 5.0 and 5.0.1: Denial of Service via Long URL Buffer Overflow Vulnerability in HTTP Fetcher 1.0.0 and 1.0.1: Remote Code Execution and Denial of Service Remote Denial of Service Vulnerability in iCal 3.7 via Malformed HTTP Request Unauthenticated Remote Access and Privilege Escalation in Longshine WAP LCS-883R-AC-B and D-Link DI-614+ 2.0 Trash Folder Vulnerability in Netscape 7.0 and Mozilla 5.0 Denial of Service Vulnerability in EServer 2.92 through 2.98 Denial of Service Vulnerability in GuildFTPd 0.999 via GET Request for MS-DOS Device Names Multiple SQL Injection Vulnerabilities in a.shopKart 2.0.3 Root Web Server Path Disclosure Vulnerability HTTP 1.41e Denial of Service Vulnerability XSS Vulnerability in AN HTTP 1.41e Allows Remote Code Execution Buffer Overflow Vulnerabilities in Winamp 3.0 Denial of Service Vulnerability in Winamp 3.0 with Non-English Playlist Names Denial of Service Vulnerability in Winamp 3.0 via .b4s File with File Argument Denial of Service 
Vulnerability in Pocket Internet Explorer (PIE) 3.0 via Recursive JavaScript Function Weak Encryption and Plaintext Storage of User Credentials in NetTelephone 3.5.6 Arbitrary Script Execution and Cookie Theft in Yet Another Bulletin Board (YaBB) 1.5.0 OpenTopic 2.3.1 Cross-Site Scripting (XSS) Vulnerability Local File Overwrite and Privilege Escalation Vulnerabilities in S-PLUS 6.0 Arbitrary File Creation Vulnerability in cgihtml 1.69 Local File Overwrite Vulnerability in cgihtml 1.69 Sensitive Information Disclosure in IBM Net.Data Remote Code Execution Vulnerability in KaZaA Media Desktop (KMD) 2.0 Information Disclosure Vulnerability in Sambar Server before 6.0 beta 6 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sambar Server before 6.0 beta 6 HTTP Proxy Bypass Vulnerability in Sambar Server before 6.0 beta 6 Arbitrary Code Execution via MS-DOS Device Name in Sambar Server Race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP leading to kernel oops Memory Disclosure Vulnerability in iBCS2 System Call Translator Information Disclosure Vulnerability in BEA WebLogic Server and WebLogic Express Arbitrary Program Execution Vulnerability in VMware ESX Server 1.5.2 Remote File Inclusion Vulnerability in Derek Ashauer ashNews 0.83 Cross-Site Scripting (XSS) Vulnerabilities in NukedWeb GuestBookHost Insecure Temporary File Creation Vulnerability in Xscreensaver Unspecified Vulnerability in xscreensaver 4.12 and Other Versions: User-Password Verification Crash Denial of Service Vulnerability in Easy File Sharing (EFS) Web Server 1.2 Insufficient Access Control in Easy File Sharing (EFS) Web Server 1.2 Allows Remote Information Disclosure Multiple Directory Traversal Vulnerabilities in AnyPortal(php) 12 MAY 00 Directory Traversal Vulnerability in Baby FTP Server 1.2 and Earlier Versions Denial of Service Vulnerability in Baby FTP Server (BabyFTP) 1.2 and Earlier Versions Denial of Service Vulnerability in Sun Java Runtime Environment (JRE) IMAP 
Denial of Service Vulnerability in PHP Buffer Overflow Vulnerability in PHP IMAP Functionality Insufficient Access Control in EarlyImpact ProductCart 1.0 through 2.0 Allows Remote Database Information Retrieval Denial of Service Vulnerability in Microsoft Internet Explorer via Recursive Javascript Loading Information Disclosure Vulnerability in Microsoft URLScan 2.5 Apache mod_php Local Privilege Escalation Vulnerability CRLF Injection Vulnerability in fvwm-menu-directory Privilege Escalation Vulnerability in ZoneAlarm DeviceIoControl Function Device Driver Attack: Privilege Escalation in Norton AntiVirus 2002 Arbitrary Redirection Vulnerability in Netegrity SiteMinder Session ID Exposure in Netegrity SiteMinder's SMSESSION Parameter PHP Remote File Inclusion Vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 Remote File Inclusion Vulnerability in EternalMart Guestbook (EMGB) 1.1 SQL Injection Vulnerability in LDU v601 and Earlier: Remote Code Execution Information Disclosure Vulnerability in mod.php in eNdonesia 8.2 eNdonesia 8.2 mod.php Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in Twilight Webserver 1.3.3.0 Multiple Buffer Overflows in SmartFTP 1.0.973 and Earlier Versions Denial of Service and Remote Code Execution Vulnerability in SonicWALL Firmware Buffer Overflow Vulnerability in Avant Browser 8.02 Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 Local Privilege Escalation in Elm ME+ 2.4 before PL109S Race condition vulnerability in can_open function in Elm ME+ 2.4 allows local users to read and modify files with mail group privileges Denial of Service Vulnerability in Half-Life CSTRIKE Dedicated Server 1.1.1.0 and Earlier Improper Cross Domain Security Validation with Dialog Box Vulnerability in Microsoft Internet Explorer 5.5 and 6.0 Buffer Overflow in SockPrintf Function in wu-ftpd 2.6.2 and Earlier Improper Cross Domain Security Validation with ShowHelp 
Functionality Vulnerability Denial of Service Vulnerability in wu-ftpd 2.6.2 Bypassing E-mail Attachment Filtering Policies in Clearswift MAILsweeper for SMTP 4.3.6 SP1 Stack-based Buffer Overflow in mysql_real_connect Function in libmysqlclient 4.0.13 and Earlier Stack-based Buffer Overflow in Samba 2.2.7a and Earlier: Remote Code Execution Vulnerability Remote Code Execution Vulnerability in InterSystems Cache' Server Page (CSP) Implementation Arbitrary Web Script Injection in Kai Blankenhorn Bitfolge Simple and Nice Index File (snif) Directory Traversal Vulnerability in Kai Blankenhorn Bitfolge Simple and Nice Index File (aka snif) before 1.2.5 Buffer Overflow in mIRC: Remote Code Execution via Long irc:// URL Aprelium Abyss Web Server Heap-Based Buffer Overflow Vulnerability CRLF Injection Vulnerability in Aprelium Abyss Web Server 1.1.2 and Earlier Stack-based Buffer Overflow in eZnet.exe Allows Remote Code Execution Multiple SQL Injection Vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 Authentication Bypass Vulnerability in Trend Micro OfficeScan Denial of Service Vulnerability in Trend Micro Virus Control System (TVCS) 1.8 Backdoor Account Vulnerability in Trend Micro ScanMail for Exchange (SMEX) Trend Micro Virus Control System (TVCS) Log Collector Information Disclosure Vulnerability WebCollection Plus 5.00 Directory Traversal Vulnerability Remote Factory Default Setting Vulnerability in D-Link DWL-900AP+ Access Point Multiple Cross-Site Scripting (XSS) Vulnerabilities in Geeklog 1.3.7 Arbitrary Web Script Injection in ftls.org Guestbook 1.1 NITE ftp-server (NiteServer) 1.83 Directory Traversal Vulnerability Account Hijacking Vulnerability in List Site Pro 2.0 Arbitrary File Read Vulnerability in EditTag 1.1 Email Leakage Vulnerability in Gabber 0.8.7 Arbitrary Web Script Injection in Outreach Project Tool (OPT) 0.946b GameSpy 3D 2.62 Servers Vulnerable to UDP Amplification DDoS Attacks Remote Console Buffer Overflow Vulnerability in Battlefield 
1942 1.2 and 1.3 HP-UX File Handling Vulnerability Default Administrator Password Vulnerability in ProxyView for Embedded Windows NT Privilege Escalation via PATH Manipulation in rs.F300 for HP-UX 10.0 through 11.22 Buffer Overflow Vulnerability in stmkfont Utility of HP-UX 10.0 through 11.22 Buffer Overflow in setupterm Function of HP-UX Programs Allows Arbitrary Code Execution Root Privilege Escalation Vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 Improper Configuration of NOVRFY and NOEXPN Options in HP-UX 11.00 and 11.11 Sendmail.cf File Unlogged Connection Attempts Vulnerability in Abyss Web Server Denial of Service Vulnerability in Abyss Web Server 1.1.2 Vulnerability: Improper Filtering of Dangerous Characters in CGI::Lite Hard Link Attack Vulnerability in chpass in OpenBSD 2.0 through 3.2 Majordomo 2.0 through 1.94.4 Vulnerability: Email Address Disclosure via which Command Buffer Overflow Vulnerability in 32bit FTP Client 9.49.1 Buffer Overflow in ByteCatcher FTP Client 1.04b: Remote Code Execution and Denial of Service Vulnerability Cross-Site Scripting (XSS) Vulnerabilities in Nuked-Klan 1.2b Sensitive Server Information Disclosure in Nuked-Klan 1.3b Arbitrary HTML and Web Script Injection in myPHPNuke 1.8.8 Directory Traversal Vulnerability in PhpBB 1.4.0 through 1.4.4 Buffer Overflow Vulnerability in HP-UX 11.0 Disable Command Buffer Overflow Vulnerability in HP-UX Wall Command Weak Random Number Generation in WinZip 8.0 Allows Brute Force Attack on Password-Protected ZIP Files Remote Code Execution Vulnerability in Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 via Long Hostname Arbitrary Program Execution via HTML Email in Microsoft Outlook Express 6.0 and Outlook 2000 Sensitive Information Disclosure in ClarkConnect Linux 1.2 BisonFTP Server 4 release 2 Directory Traversal Vulnerability AMX 0.9.2 Format String Vulnerability in Half-Life Server Plugin Remote Code Execution Vulnerability in ISMail 
1.4.3 and Earlier via Long Domain Names in MAIL FROM and RCPT TO Fields Sensitive Information Disclosure in WEB-ERP 0.1.4 and Earlier PY-Livredor 1.0 - Cross-Site Scripting (XSS) Vulnerability in index.php Arbitrary PHP Code Execution in Invision Power Board 1.1.1 Information Disclosure Vulnerability in AXIS 2400 Video Server Remote Code Execution Vulnerability in Opera 6.05 and 6.06 via Long Username URL Buffer Overflow Vulnerability in Opera 7.02 Build 2668 Passphrase Truncation Vulnerability in RTS CryptoBuddy 1.2 and Earlier Plaintext Storage of Passphrase Bytes in RTS CryptoBuddy 1.2 and Earlier Weak Encryption Algorithm and Predictable Key Generation in RTS CryptoBuddy 1.0 and 1.2 Insecure Encryption Implementation in CryptoBuddy 1.0 and 1.2 Gupta SQLBase 8.1.0 Buffer Overflow Vulnerability Insufficient Access Control in CoffeeCup Software Password Wizard 4.0 Allows Remote Information Disclosure Buffer Overflow Vulnerability in KaZaA Media Desktop 2.0 Heap-based Buffer Overflow in Opera 6.05 through 7.10 via Long Filename Extension Denial of Service Vulnerability in Opera 6.05 and 7.0 PluginContext Object Cisco IOS Denial of Service Vulnerability Information Disclosure Vulnerability in Eject 2.0.10 Arbitrary Web Script Injection Vulnerability in PHP-Nuke Your_Account Module Insufficient Access Control in php-Board 1.0 Allows Password Disclosure Remote File Inclusion Vulnerability in Kietu 2.0 and 2.3 hit.php Sensitive Information Disclosure via Direct Request in DotBr 0.1 Insufficient Access Control in DotBr 0.1 Allows Remote Information Disclosure Arbitrary Shell Command Execution in DotBr 0.1 Remote File Inclusion Vulnerability in D-Forum 1.00 through 1.11 Buffer Overflow Vulnerability in cmd.exe in Windows NT 4.0 Source Code Disclosure Vulnerability in Lotus Domino Server 5.0 and 6.0 Sensitive Information Disclosure in TOPo 1.43 via Invalid Parameter in.php and out.php Cedric Email Reader 0.2 and 0.3 - Remote File Inclusion Vulnerability in email.php 
Cedric Email Reader 0.4 PHP Remote File Inclusion Vulnerability Remote File Inclusion Vulnerability in GONiCUS System Administrator (GOsa) 1.0 Arbitrary File Existence Disclosure in parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 Directory Traversal Vulnerability in Apple Darwin Streaming Server and Quicktime Streaming Server Information Disclosure Vulnerability in NetCharts XBRL Server 4.0.0 Denial of Service Vulnerability in BisonFTP Server 4 Release 2 Unsecured Key Storage in nCipher Support Software 6.00 Sensitive Information Disclosure in Apache HTTP Server 1.3.22-1.3.27 on OpenBSD Denial of Service Vulnerability in Netscape 7.0's JavaScript reformatDate Function Opera 6.0-7.0 Cross-Site Scripting (XSS) Vulnerability with HTTP Location Header Injection Unspecified Denial of Service Vulnerability in SuckBot 0.006 mod_mysql_logger Unspecified Privilege Escalation Vulnerabilities in SYSLINUX 2.01 Installer Insufficient Access Control in Petitforum Allows Remote Information Disclosure Improper User Authentication in Petitforum's message.php Arbitrary Command Execution in cPanel 5.0 via guestbook.cgi Arbitrary Code Execution via Openwebmail in cPanel 5.0 Netgear FM114P 1.4 Directory Traversal Vulnerability Insecure Directory Permissions in Gallery 1.3.3: Local Users Can Access and Manipulate Photos Buffer Overflow Vulnerability in Proxomitron Naoko 4.4: Remote Code Execution Unreal Tournament Server 436 and Earlier Directory Traversal Vulnerability Buffer Overflow Vulnerability in Unreal Engine: Remote Denial of Service via Long Host String in Unreal URL Remote Code Execution and Denial of Service Vulnerability in Epic Games Unreal Engine Unreal Engine Remote Player Limit Exhaustion Vulnerability Unauthenticated Bind Vulnerability in login_ldap 3.1 and 3.2 SQL Injection Vulnerability in PHP-Nuke 5.6 and 6.0 Search Module Remote File Inclusion Vulnerability in Nukebrowser 2.1 to 2.5 via filhead Parameter Plaintext Password Storage Vulnerability in BEA WebLogic 
Server 7.0 and 7.0.0.1 Session Data Leakage Vulnerability in BEA WebLogic Server and Express Plaintext Password and Session Storage Vulnerability in SILC 0.9.11 and 0.9.12 Denial of Service Vulnerability in SpamProbe 0.8a Denial of Service Vulnerability in Posadis DNS Server (Versions 0.50.4 - 0.50.8) Unauthenticated Access Vulnerability in Ericsson HM220dp ADSL Modem Web Administration Page Kaspersky Antivirus (KAV) 4.0.9.0 Vulnerability: Bypassing Virus Protection with MS-DOS Device Names Denial of Service and Evasion Vulnerability in Kaspersky Antivirus (KAV) 4.0.9.0 Stack-based Buffer Overflow in Far Manager 1.70beta1 and Earlier Buffer Overflow in save_into_file function in Rogue 5.2-2 Weak Encryption Algorithm in IBM WebSphere Advanced Server Edition 4.0.4 Allows Password Decryption Windows 2000 Kernel Memory Leak Vulnerability Incomplete Content Vectoring Protocol (CVP) Data Checking in Aladdin Knowledge Systems eSafe Gateway 3.5.126.0 Remote Denial of Service Vulnerability in BitchX 75p3 and 1.0c16 through 1.0c20cvs Remote Code Execution Vulnerability in Symantec Norton AntiVirus 2002 via Long Filename in Compressed ZIP Attachment Untrusted Search Path Vulnerability in Qualcomm qpopper 4.0 through 4.05 Arbitrary Web Script Injection via MytextSanitizer in XOOPS Insecure Storage of Administrator Password in Plaintext Cookie Buffer Overflow Vulnerabilities in PoPToP PPTP Server Arbitrary Command Execution in Album.pl 6.1 Default runasositron User Account with Easily Guessable Password in Auerswald COMsuite CTI ControlCenter 3.1 Arbitrary SQL Command Execution in ttCMS 2.2 and ttForum via Profile.php PHP Remote File Inclusion Vulnerabilities in ttCMS 2.2 and ttForum World-readable and executable permissions set during data copying in Worker Filemanager 1.0 through 2.7 Buffer Overflow Vulnerability in rwrite for HP-UX 11.0 Denial of Service Vulnerability in mod_survey 3.0.0 through 3.0.15-pre6 Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 Absolute Path 
Traversal Vulnerability Buffer Overflow Vulnerability in Siemens 45 Series Mobile Phones via Long Image Name in SMS Message Phorum 3.4 - 3.4.2 Directory Traversal File Read Vulnerability Proxy Connection Vulnerability in Phorum 3.4 through 3.4.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Phorum before 3.4.3 Path Disclosure Vulnerability in PHP-Nuke Web_Links Module Path Disclosure Vulnerability in ColdFusion MX Buffer Overflow Vulnerability in MDaemon IMAP Service Denial of Service Vulnerability in MDaemon POP Server 6.0.7 and Earlier Buffer Overflow Vulnerability in 3D-FTP Client 4.0 Buffer Overflow Vulnerability in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and Earlier Vulnerability: Privilege Escalation in slashem-tty with Group Games Write Permissions Multiple Unauthenticated Connections Vulnerability in Netbus 1.5-1.7 Cerberus FTP Server 2.1 Plaintext Password Storage Vulnerability Denial of Service Vulnerability in MAILsweeper for SMTP 4.3.6 and 4.3.7 Denial of Service Vulnerability in Konqueror 3.0.3 Arbitrary Web Script Injection Vulnerability in webcamXP 1.02.432 and 1.02.535 Weak Password Hashing Algorithm in MySQL 3.20 through 4.1.0 Session Hijacking Vulnerability in CommuniGate Pro 3.1 through 4.0.6 Plaintext Storage of Administrative Passwords in Microsoft MN-500 Wireless Base Station Backup Configuration File Weak Encryption Algorithm in FlashFXP 1.4 Allows Password Decryption and Unauthorized Access Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 SP1 Bypassing Filtering in Clearswift MAILsweeper 4.0-4.3.7 via File Attachment with Multiple Extensions and White Space Path Disclosure Vulnerability in Phorum 3.4 through 3.4.2 Command Injection Vulnerabilities in Phorum 3.4 through 3.4.2 Remote Code Execution Vulnerability in Truegalerie 1.0 Arbitrary File Read Vulnerability in Truegalerie 1.0 Buffer Overflow Vulnerability in SonicWall Pro Firmware 6.4.0.1 Default Rule Bypass Vulnerability in Kerio Personal Firewall 
(KPF) 2.1.4 Cookie Information Disclosure Vulnerability Denial of Service Vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 Denial of Service Vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 Unspecified Privilege Escalation Vulnerability in HP Management Agent Products Unspecified Privilege Escalation Vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B Buffer Overflow Vulnerability in Linksys BEFSX41 1.44.3 System Log Viewer Arbitrary Web Script Injection in WRENSOFT Zoom Search Engine 2.0 Build 1018 and Earlier Arbitrary File Read Vulnerability in Bytehoard 0.7 Remote Code Execution in cpCommerce 0.5f via PHP Remote File Inclusion in _functions.php Arbitrary File Write Vulnerability in Gast Arbeiter 1.3 File Upload CGI Local Privilege Escalation in mod_throttle 3.0 Buffer Overflow Vulnerability in AOL Instant Messenger (AIM) 5.2.3292 via aim:getfile URL SQL Injection Vulnerability in Goldlink 3.0: Remote Code Execution via Variables.php Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 Arbitrary Script Execution via Cross-Site Scripting (XSS) in Adelix CensorNet 3.0-3.2 Default superuser Account with planet Password in Planet Technology Ethernet Switches Buffer Overflow Vulnerability in mIRC 6.12 DCC Get Dialog Window Arbitrary Script Execution Vulnerability in RealOne Player Denial of Service Vulnerability in TinyWeb 1.9 via HTTP GET Request Bajie Java HTTP Server 0.95 - Cross-Site Scripting (XSS) Vulnerability Buffer Overflow Vulnerability in mIRC 6.1 and 6.11 via Long DCC SEND Request Multiple Cross-Site Scripting (XSS) Vulnerabilities in Caucho Technology Resin 2.0 through 2.1.2 Buffer Overflow Vulnerability in eMule 0.29c Allows Remote Denial of Service Origo ASR-8100 ADSL Router 3.21 Denial of Service Vulnerability Shared Variable Vulnerability in org.apache.xalan.processor.XSLProcessorVersion Path Disclosure Vulnerability in cart.pl of Dansie Shopping Cart Denial of Service Vulnerability in 
Adiscon WinSyslog 4.21 SP1 Vivisimo Clustering Engine XSS Vulnerability SQL Injection Vulnerability in FuzzyMonkey My Classifieds 2.11: Remote Code Execution via Email Parameter Remote Access to Floppy Drive via Sun Java Plug-In 1.4 - 1.4.2_02 Arbitrary Web Script Injection in PSCS VPOP3 Web Mail Server 2.0e and 2.0f SQL Injection Vulnerability in dbmail 1.1 IMAP Daemon PGPi PGPDisk 6.0.2i Local User Data Access Vulnerability Unspecified Vulnerability in My Photo Gallery 3.5 PHP-Nuke 7.0 Path Disclosure Vulnerability Denial of Service Vulnerability in BlackICE Defender and Server Protection Arbitrary File Overwrite Vulnerability in Fujitsu Siemens NetWorker 6.0 Directory Traversal Vulnerability in Seagull Software Systems J Walk Application Server 3.2C9 and Earlier Versions SQL Injection Vulnerability in privmsg.php in phpBB 2.0.3 and Earlier Ceilidh 2.70 and Earlier: Cross-Site Scripting (XSS) Vulnerability in testcgi.exe SQL Injection Vulnerability in PhpMyShop 1.00 - Remote Code Execution via compte.php SQL Injection Vulnerability in PhpPass 2's accesscontrol.php Allows Remote Code Execution Arbitrary Web Script Injection in Justice Guestbook 1.3 Path Disclosure Vulnerability in Justice Guestbook 1.3 Multiple Cross-Site Scripting (XSS) Vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 Arbitrary File Inclusion Vulnerability in PostNuke 0.723 and Earlier Remote Code Execution in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 via CGI Queries Arbitrary Code Injection through ONEdotOH Simple File Manager (SFM) Insufficient Access Control in WF-Chat 1.0 Beta Allows Remote Authentication Information Retrieval Insufficient Access Control in PlanetMoon Guestbook tr3.a Allows Remote Password Disclosure Arbitrary File Read Vulnerability in phpWebFileManager Arbitrary Web Script Injection in Bajie Http Web Server 0.95zxe and 0.95zxc Resource Lock Denial of Service Vulnerability in Terminal Services for Windows 2000 and Windows XP 
Absolute Path Traversal Vulnerability in Nukestyles.com Viewpage.php Addon for PHP-Nuke Arbitrary Script Injection in Filebased Guestbook 1.1.3 Arbitrary Web Script Injection Vulnerability in Splatt Forum Module for PHP-Nuke 6.x Information Disclosure Vulnerability in MyABraCaDaWeb 1.0.2 and Earlier Arbitrary Web Script Injection Vulnerability in MyABraCaDaWeb 1.0.2 and Earlier Information Disclosure Vulnerability in XOOPS 2.0 and Earlier Versions Unspecified Vulnerability in Novell GroupWise 6 SP3 WebAccess Allows for Malicious Script Execution Arbitrary Code Execution via Unrestricted File Upload in Uploader 1.1 Sensitive Information Exposure in Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 Cross-Site Scripting (XSS) Vulnerability in ScozNet ScozBook 1.1 BETA's add.php Sensitive Information Disclosure in ScozNet ScozBook 1.1 BETA via Invalid PG Parameter in view.php Arbitrary Web Script Injection in cc_guestbook.pl Off-by-one buffer overflow vulnerability in spamc of SpamAssassin 2.40 through 2.43 Buffer Overflow Vulnerability in fnord 1.6's httpd.c Allows Remote Code Execution Referer Leakage Vulnerability in Microsoft Internet Explorer 5.22 and 5 through 6 SP1 Versions Referer Leakage Vulnerability in Netscape 4 Referer Leakage Vulnerability in Opera Browser Timing-based Password Guessing Vulnerability in OpenSSH 3.6.1p2 and earlier Denial of Service Vulnerability in Sun Cluster for Oracle Parallel Server / Real Application Clusters Billion Laughs Attack: Denial of Service Vulnerability in libxml2 IIS 5.0 Vulnerability: Undetected Information Disclosure via TRACK Method Undocumented TRACK Method in Microsoft IIS 5.0 Allows for Cookie and Authentication Credential Theft Denial of Service Vulnerability in GoAhead WebServer before 2.1.6 Denial of Service Vulnerability in GoAhead WebServer on Windows 95, 98, and ME Unauthenticated Remote Monitoring of IBM Tivoli Storage Manager Server Console Insufficient Access Control in Web Wiz Guestbook 6.0 and 
8.21 Allows Remote Database Download Denial of Service and Unauthorized Memory Access in Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c Remote Code Execution and Denial of Service Vulnerability in PointBase 4.6 Database Component Authentication Bypass Vulnerability in TikiWiki 1.6.1 Inheritance of Default ACLs Vulnerability in VERITAS File System (VxFS) Buffer Overflow Vulnerability in PAM Verifier in Change Manager (CM) 1.0 for Sun Management Center (SunMC) 3.0 Arbitrary Text Injection and Cross-Site Scripting (XSS) Vulnerability in Sun ONE (aka iPlanet) Web Server Inverse Lookup Log Corruption (ILLC) vulnerability in Sun ONE (aka iPlanet) Web Server 4.1 through SP12 and 6.0 through SP5 Unresolved IP Address Spoofing Vulnerability in Sun ONE Web Server 6 Unresolved IP Address Spoofing Vulnerability in Apache HTTP Server 2.0.44 Apache HTTP Server 2.0.44 DNS Resolution Log Injection Vulnerability Inverse Lookup Log Corruption (ILLC) Vulnerability in Microsoft IIS 6.0 WebTrends Cross-Site Scripting (XSS) Vulnerability via Crafted Client Domain Name SurfStats Cross-Site Scripting (XSS) Vulnerability WebLogExpert Cross-Site Scripting (XSS) Vulnerability via Crafted Client Domain Name WebExpert User-Agent Header XSS Vulnerability LoganPro User-Agent Header Cross-Site Scripting (XSS) Vulnerability Cleartext Storage of Database Credentials in Sun Cluster 2.2 Unspecified Denial of Service Vulnerability in Sun ONE Web Server Unspecified Denial of Service Vulnerability in Sun ONE Web Server 6.0 SP3-SP5 Denial of Service Vulnerability in NWFTPD.nlm in Novell NetWare 6.0 and 6.5 Buffer Overflow Vulnerabilities in NWFTPD.nlm FTP Server in Novell NetWare 6.0 and 6.5 FTP Server Domain Name Bypass Vulnerability FTP Server Access Restriction Bypass in NWFTPD.nlm Intruder Detection Bypass in NWFTPD.nlm FTP Server in Novell NetWare 6.5 Filesystem Restriction Bypass in NWFTPD.nlm FTP Server in Novell NetWare SQL Injection Vulnerability in WordPress log.header.php WordPress 0.70 
wp-links/links.all.php Remote File Inclusion Vulnerability Default Password Vulnerability in GE Healthcare Discovery VH Denial of Service Vulnerability in Linux Kernel's ipt_REDIRECT.c Proxy Credential Leakage in cURL 7.x before 7.10.7 Critical Privilege Escalation Vulnerability in ISS BlackICE PC Protection's Cross Site Scripting Detection Cleartext Data Transmission Vulnerability in Unsupported ISS BlackICE PC Protection Products Cross-Site Scripting Vulnerability in Unsupported ISS BlackICE PC Protection Update Handler