|
356481
|
- |
|
cvsup
|
cvsup
|
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out.
|
CWE-59
Link Following
|
CVE-2002-2382
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356482
|
- |
|
hotfoon_corporation
|
hotfoon
|
hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service.
|
CWE-255
Credentials Management
|
CVE-2002-2384
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356483
|
- |
|
hotfoon_corporation
|
hotfoon
|
Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2002-2385
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356484
|
- |
|
xoops
|
xoops
|
Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript…
|
CWE-79
Cross-site Scripting
|
CVE-2002-2386
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356485
|
- |
|
mollensoft_software
|
hyperion_ftp_server
|
Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command.
|
CWE-22
Path Traversal
|
CVE-2002-2387
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356486
|
- |
|
inweb
|
mail_server
|
Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2002-2388
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356487
|
- |
|
fastlink_software
|
the_server
|
TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log fil…
|
CWE-255
Credentials Management
|
CVE-2002-2389
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356488
|
- |
|
cerulean_studios
|
trillian
trillian_pro
|
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a l…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2002-2390
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356489
|
- |
|
webchat.org
xoops
|
webchat
xoops
|
SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter.
|
CWE-89
SQL Injection
|
CVE-2002-2391
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356490
|
- |
|
nullsoft
|
winamp
|
Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedde…
|
NVD-CWE-Other
|
CVE-2002-2392
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
