|
356401
|
- |
|
qnx
|
rtos
|
Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS Update Patch A, (2) /bin/shutdown, (3) /sbin/fs-pkg, and (4) ph…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2002-2407
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356402
|
- |
|
gordano
|
ntmail
|
Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one u…
|
NVD-CWE-Other
|
CVE-2002-2408
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356403
|
- |
|
qnx
|
neutrino_rtos
photon_microgui
|
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name …
|
CWE-200
Information Exposure
|
CVE-2002-2409
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356404
|
- |
|
open_webmail
|
open_webmail
|
openwebmail.pl in Open WebMail 1.7 and 1.71 reveals sensitive information in error messages and generates different responses whether a user exists or not, which allows remote attackers to identify v…
|
CWE-200
Information Exposure
|
CVE-2002-2410
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356405
|
- |
|
nullsoft
|
winamp
|
Winamp 2.80 stores authentication credentials in plaintext in the (1) [HTTP-AUTH] and (2) [winamp] sections in winamp.ini, which allows local users to gain access to other accounts.
|
CWE-255
Credentials Management
|
CVE-2002-2412
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356406
|
- |
|
deerfield
|
website_pro
|
WebSite Pro 3.1.11.0 on Windows allows remote attackers to read script source code for files with extensions greater than 3 characters via a URL request that uses the equivalent 8.3 file name.
|
NVD-CWE-Other
|
CVE-2002-2413
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356407
|
- |
|
alliedtelesyn
|
at-8024
rapier_24
|
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a runni…
|
CWE-20
Improper Input Validation
|
CVE-2002-2415
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356408
|
- |
|
zeroo
|
http_server
|
Directory traversal vulnerability in Zeroo web server 1.5 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL GET request.
|
CWE-22
Path Traversal
|
CVE-2002-2416
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356409
|
- |
|
acftp
|
acftp
|
acFTP 1.4 does not properly handle when an invalid password is provided by the user during authentication, which allows remote attackers to hide or misrepresent certain activity from log files and po…
|
CWE-287
Improper Authentication
|
CVE-2002-2417
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
356410
|
- |
|
acfp_project
|
acfreeproxy
|
Cross-site scripting (XSS) vulnerability in acFreeProxy (aka acFP) 1.33 beta 7 allows remote attackers to inject arbitrary web script or HTML via the URL, which is inserted into an error page.
|
CWE-79
Cross-site Scripting
|
CVE-2002-2418
|
2008-09-6 05:33 |
2002-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
