Total
5458 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2425 | 1 Sun | 1 Solaris Answerbook2 | 2024-11-20 | N/A |
| Sun AnswerBook2 1.2 through 1.4.2 allows remote attackers to execute administrative scripts such as (1) AdminViewError and (2) AdminAddadmin via a direct request. | ||||
| CVE-2002-2407 | 1 Qnx | 1 Rtos | 2024-11-20 | N/A |
| Certain patches for QNX Neutrino realtime operating system (RTOS) 6.2.0 set insecure permissions for the files (1) /sbin/io-audio by OS Update Patch A, (2) /bin/shutdown, (3) /sbin/fs-pkg, and (4) phshutdown by QNX experimental patches, (5) cpim, (6) vpim, (7) phrelaycfg, and (8) columns, (9) othello, (10) peg, (11) solitaire, and (12) vpoker in the games pack 2.0.3, which allows local users to gain privileges by modifying the files before permissions are changed. | ||||
| CVE-2002-2405 | 1 Checkpoint | 1 Firewall-1 | 2024-11-20 | N/A |
| Check Point FireWall-1 4.1 and Next Generation (NG), with UserAuth configured to proxy HTTP traffic only, allows remote attackers to pass unauthorized HTTPS, FTP and possibly other traffic through the firewall. | ||||
| CVE-2002-2401 | 1 Microsoft | 3 Windows 2000, Windows Nt, Windows Xp | 2024-11-20 | N/A |
| NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs. | ||||
| CVE-2002-2395 | 1 Trend Micro | 1 Interscan Viruswall | 2024-11-20 | N/A |
| InterScan VirusWall 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 gzip content encoding. | ||||
| CVE-2002-2394 | 1 Trend Micro | 1 Interscan Viruswall | 2024-11-20 | N/A |
| InterScan VirusWall 3.6 for Linux and 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 chunked transfer encoding. | ||||
| CVE-2002-2363 | 1 Hp | 1 Hp-ux | 2024-11-20 | N/A |
| VJE.VJE-RUN in HP-UX 11.00 adds bin to /etc/PATH, which could allow local users to gain privileges. | ||||
| CVE-2002-2361 | 1 Yahoo | 1 Messenger | 2024-11-20 | N/A |
| The installer in Yahoo! Messenger 4.0, 5.0 and 5.5 does not verify package signatures which could allow remote attackers to install trojan programs via DNS spoofing. | ||||
| CVE-2002-2360 | 1 Webmin | 1 Webmin | 2024-11-20 | N/A |
| The RPC module in Webmin 0.21 through 0.99, when installed without root or admin privileges, allows remote attackers to read and write to arbitrary files and execute arbitrary commands via remote_foreign_require and remote_foreign_call requests. | ||||
| CVE-2002-2356 | 1 Hamweather | 1 Hamweather | 2024-11-20 | N/A |
| HAMweather 2.x allows remote attackers to modify administrative settings and obtain sensitive information via a direct request to hwadmin.cgi. | ||||
| CVE-2002-2353 | 1 Tftpd32 | 1 Tftpd32 | 2024-11-20 | N/A |
| tftpd32 2.50 and 2.50.2 allows remote attackers to read or write arbitrary files via a full pathname in GET and PUT requests. | ||||
| CVE-2002-2344 | 1 Ensim | 1 Webppliance | 2024-11-20 | N/A |
| Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address. | ||||
| CVE-2002-2334 | 1 Joseph Allen | 1 Joe | 2024-11-20 | N/A |
| Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users. | ||||
| CVE-2002-2327 | 1 Sun | 2 Sun Fire, Sunos | 2024-11-20 | N/A |
| Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. | ||||
| CVE-2002-2324 | 1 Microsoft | 1 Windows Xp | 2024-11-20 | N/A |
| The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list (ACL) permissions, which allows local users to access restricted files and modify registry settings. | ||||
| CVE-2002-2320 | 1 Mysimplenews | 1 Mysimplenews | 2024-11-20 | N/A |
| MySimpleNews 1.0 allows remote attackers to delete arbitrary email messages via a direct request to vider.php3. | ||||
| CVE-2002-2311 | 2 Microsoft, Opera Software | 2 Internet Explorer, Opera Web Browser | 2024-11-20 | N/A |
| Microsoft Internet Explorer 6.0 and possibly others allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript (1) event.ctrlKey or (2) event.shiftKey onkeydown event contained in a webpage. NOTE: it was reported that the vendor has disputed the severity of this issue. | ||||
| CVE-2002-2302 | 1 3d3.com | 1 Shopfactory | 2024-11-20 | N/A |
| 3D3.Com ShopFactory 5.5 through 5.8 allows remote attackers to modify the prices in their shopping carts by modifying the price in a hidden form field. | ||||
| CVE-2002-2283 | 1 Microsoft | 1 Windows Xp | 2024-11-20 | N/A |
| Microsoft Windows XP with Fast User Switching (FUS) enabled does not remove the "show processes from all users" privilege when the user is removed from the administrator group, which allows that user to view processes of other users. | ||||
| CVE-2002-2270 | 1 Hp | 1 Hp-ux | 2024-11-20 | N/A |
| Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors. | ||||