CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2003 (CVSS score >= 8)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2003-0410 Exec Code Overflow 2003-06-30 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long URL to port 6588.
2 CVE-2003-0409 DoS Exec Code Overflow 2003-06-30 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.
3 CVE-2003-0407 Exec Code Overflow 2003-06-30 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.
4 CVE-2003-0374 2003-06-16 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus."
5 CVE-2003-0356 DoS Exec Code 2003-06-09 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions.
6 CVE-2003-0331 +Priv Sql 2003-06-09 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page.
7 CVE-2003-0304 2003-06-09 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script.
8 CVE-2003-0288 Exec Code Overflow 2003-06-16 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 allows remote attackers to execute arbitrary code via file with a long filename, which triggers the overflow when the user saves the file.
9 CVE-2003-0280 Exec Code Overflow 2003-06-16 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.
10 CVE-2003-0248 2003-06-16 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
11 CVE-2003-0240 Bypass 2003-06-09 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
12 CVE-2003-0224 Exec Code Overflow 2003-06-09 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun."
Total number of vulnerabilities : 12   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.