| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. |
| Mozilla Firefox 1.5 before 1.5.0.5, Thunderbird before 1.5.0.5, and SeaMonkey before 1.0.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via simultaneous XPCOM events, which causes a timer object to be deleted in a way that triggers memory corruption. |
| Heap-based buffer overflow in OpenOffice.org (aka StarOffice) 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by (1) Calc, (2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer Overflow Vulnerability." |
| spread uses a temporary file with a static filename based on the port number, which allows local users to cause a denial of service by creating the file during a race condition between unlink and bind function calls. NOTE: spread deletes this temporary file before use, which could cause conflicts with other programs that use the same filename, but this is not a distinct issue. |
| UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. |
| RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. |
| Format string vulnerability in Brian Wotring Osiris before 4.2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unspecified attack vectors related to the logging functions. |
| Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. |
| Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable. |
| Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name. |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. |
| Memory leak in Network Security Services (NSS) 3.11, as used in Sun Java Enterprise System 2003Q4 through 2005Q1 and Java System Directory Server 5.2, allows remote attackers to cause a denial of service (memory consumption) by performing a large number of RSA cryptographic operations. |
| HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). |
| Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. |
| Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. |
| FTPPro allows local users to read sensitive information, which is stored in plain text. |
| Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. |
| WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. |
| Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request. |
| Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. |
