Search Results (29815 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0975 1 Microsoft 1 Directx Files Viewer Control 2025-04-03 N/A
Buffer overflow in Microsoft DirectX Files Viewer ActiveX control (xweb.ocx) 2.0.6.15 and earlier allows remote attackers to execute arbitrary via a long File parameter.
CVE-2002-0977 1 Microsoft 1 File Transfer Manager 2025-04-03 N/A
Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value.
CVE-2002-0979 1 Microsoft 1 Virtual Machine 2025-04-03 N/A
The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code.
CVE-2002-0987 1 Caldera 2 Openunix, Unixware 2025-04-03 N/A
X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges.
CVE-2002-0996 1 Novell 2 Netmail, Netmail Xe 2025-04-03 N/A
Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb.
CVE-2002-0997 1 Novell 2 Netmail, Netmail Xe 2025-04-03 N/A
Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.
CVE-2002-1006 1 Bbc Education 1 Betsie 2025-04-03 N/A
Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl.
CVE-2002-1012 1 Ibm 1 Tivoli Management Framework 2025-04-03 N/A
Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.
CVE-2002-1021 1 Working Resources Inc. 1 Badblue 2025-04-03 N/A
BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.
CVE-2002-1023 1 Working Resources Inc. 1 Badblue 2025-04-03 N/A
BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.
CVE-2002-1032 1 Key Focus 1 Kf Web Server 2025-04-03 N/A
Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header.
CVE-2002-1035 1 Omnicron 1 Omnihttpd 2025-04-03 N/A
Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number.
CVE-2002-1040 1 Ibm 1 Aix 2025-04-03 N/A
Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.
CVE-2002-1041 1 Ibm 1 Aix 2025-04-03 N/A
Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.
CVE-2002-1050 1 Hylafax 1 Hylafax 2025-04-03 N/A
Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data.
CVE-2002-1051 1 Ehud Gavron 1 Tracesroute 2025-04-03 N/A
Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.
CVE-2002-1052 1 W3c 1 Jigsaw 2025-04-03 N/A
Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.
CVE-2002-1054 1 Pablo Software Solutions 1 Pablo Ftp Server 2025-04-03 N/A
Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command.
CVE-2002-1699 1 Pascal Michaud 1 Asp Client Check 2025-04-03 N/A
SQL injection vulnerability in ASP Client Check (ASPCC) 1.3 and 1.5 allows remote attackers to bypass authentication and gain unauthorized access via the password field.
CVE-2002-1698 1 Microsoft 1 Msn Messenger 2025-04-03 N/A
Buffer overflow in Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via a long FN (font) argument in the message header.