CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In July 2002 (CVSS score >= 9)

| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2002-0702 | | | Exec Code | 2002-07-26 | 2016-10-18 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS server response. |
| 2 | CVE-2002-0667 | | | | 2002-07-23 | 2008-09-10 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 has a default null administrator password, which could allow remote attackers to gain access to the phone. |
| 3 | CVE-2002-0665 | | | Bypass | 2002-07-11 | 2016-10-18 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Macromedia JRun Administration Server allows remote attackers to bypass authentication on the login form via an extra slash (/) in the URL. |
| 4 | CVE-2002-0640 | | | Exec Code Overflow | 2002-07-03 | 2016-10-18 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt). |
| 5 | CVE-2002-0639 | | | Exec Code Overflow | 2002-07-03 | 2016-10-18 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. |
| 6 | CVE-2002-0539 | | | +Priv Sql | 2002-07-03 | 2008-09-05 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Demarc PureSecure 1.05 allows remote attackers to gain administrative privileges via a SQL injection attack in a session ID that is stored in the s_key cookie. |
| 7 | CVE-2002-0537 | | | +Priv | 2002-07-03 | 2008-09-05 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The admin.html file in StepWeb Search Engine (SWS) 2.5 stores passwords in links to manager.pl, which allows remote attackers who can access the admin.html file to gain administrative privileges to SWS. |
| 8 | CVE-2002-0450 | | | Exec Code Overflow | 2002-07-26 | 2008-09-10 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language (wml) file name to (1) webplus.dll or (2) webplus.exe. |
| 9 | CVE-2002-0449 | | | Exec Code Overflow | 2002-07-26 | 2017-07-19 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long argument to webplus.exe program, which triggers the overflow in webpsvc.exe. |
| 10 | CVE-2002-0437 | | | Exec Code | 2002-07-26 | 2008-09-05 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Smsd in SMS Server Tools (SMStools) before 1.4.8 allows remote attackers to execute arbitrary commands via shell metacharacters (backquotes) in message text, as described with the term "string format vulnerability" by some sources. |
| 11 | CVE-2002-0436 | | | Exec Code | 2002-07-26 | 2018-10-30 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | sscd_suncourier.pl CGI script in the Sun Sunsolve CD pack allows remote attackers to execute arbitrary commands via shell metacharacters in the email address parameter. |
| 12 | CVE-2002-0434 | | | Exec Code | 2002-07-26 | 2008-09-05 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Marcus S. Xenakis directory.php script allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. |
| 13 | CVE-2002-0432 | | | DoS Exec Code Overflow | 2002-07-26 | 2008-09-05 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks such as a long HELO command to the SMTP server. |
| 14 | CVE-2002-0405 | | | DoS Exec Code Overflow | 2002-07-26 | 2017-12-19 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot) characters. |
| 15 | CVE-2002-0398 | | | DoS Exec Code | 2002-07-26 | 2017-10-10 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name. |
| 16 | CVE-2002-0395 | | | | 2002-07-26 | 2017-10-10 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods. |
| 17 | CVE-2002-0394 | | | | 2002-07-26 | 2008-09-05 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords. |
| 18 | CVE-2002-0393 | | | DoS Exec Code Overflow | 2002-07-26 | 2017-07-11 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password. |
| 19 | CVE-2002-0369 | | | DoS Exec Code Overflow | 2002-07-26 | 2018-10-12 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer mode. |
| 20 | CVE-2002-0359 | | | +Priv | 2002-07-03 | 2016-10-18 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | xfsmd for IRIX 6.5 through 6.5.16 uses weak authentication, which allows remote attackers to call dangerous RPC functions, including those that can mount or unmount xfs file systems, to gain root privileges. |
Total number of vulnerabilities: 20