| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in ipcs in Solaris 7 x86 allows local users to execute arbitrary code via a long TZ (timezone) environmental variable, a different vulnerability than CAN-2002-0093. |
| BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id. |
| Buffer overflow in dtsession on Solaris, and possibly other operating systems, allows local users to gain privileges via a long LANG environmental variable. |
| Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname. |
| Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via an IP packet with an invalid IP option. |
| Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. |
| Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files. |
| Buffer overflow in the save_into_file function in save.c for Rogue 5.2-2 allows local users to execute arbitrary code with games group privileges by setting a long HOME environment variable and invoking the save game function with a ~ (tilde). |
| Vulnerability in iPlanet Web Server Enterprise Edition 4.x. |
| IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML. |
| Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands. |
| Buffer overflow in Savant 3.0 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Host HTTP header. |
| The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate. |
| Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. |
| IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL. |
| Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request containing "%2e" (dot dot) characters. |
| Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service via an HTTP GET HTTP request to the aux directory, and possibly other directories with legacy DOS device names. |
| Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option. |
| Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet. |
| Directory traversal vulnerability in Transsoft FTP Broker before 5.5 allows attackers to (1) delete arbitrary files via DELETE, or (2) list arbitrary directories via LIST, via a .. (dot dot) in the file name. |
