| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash. |
| Denial of service in Qmail through long SMTP commands. |
| Denial of service in talk program allows remote attackers to disrupt a user's display. |
| Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls. |
| Buffer overflow in ircd allows arbitrary command execution. |
| Buffer overflow in War FTP allows remote execution of commands. |
| The info2www CGI script allows remote file access or remote command execution. |
| mSQL v2.0.1 and below allows remote execution through a buffer overflow. |
| Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone settings to the resulting web page, allowing remote malicious web servers to conduct unauthorized activities by using URLs that contain the dotless IP address for their server. |
| The WorkMan program can be used to overwrite any file to get root access. |
| Buffer overflow in chfn command in HP-UX 9.X through 10.20 allows local users to gain privileges via a long command line argument. |
| Buffer overflow in kscreensaver in KDE klock allows local users to gain root privileges via a long HOME environmental variable. |
| The Java Web Server would allow remote users to obtain the source code for CGI programs. |
| Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty. |
| The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service (process termination) via invalid UDP frames to port 137 (NETBIOS Name Service), as demonstrated via a flood of random packets. |
| The WinGate proxy is installed without a password, which allows remote attackers to redirect connections without authentication. |
| Denial of service through Winpopup using large user names. |
| Kerberos 4 allows remote attackers to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user. |
| All records in a WINS database can be deleted through SNMP for a denial of service. |
| Kabsoftware Lydia utility uses weak encryption to store user passwords in the lydia.ini file, which allows local users to easily decrypt the passwords and gain privileges. |
