CVE Daily
← All tags

Tag: Remote Code Execution

All CVEs associated with "Remote Code Execution". Page 338/345 • 41309 CVEs.

Subscribe CVEs: RSS for “Remote Code Execution”  ·  RSS (High+Critical only)

About “Remote Code Execution”

A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41309 CVEs for this tag (all time). In the last 365 days, 4654 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2003-12-15
Medium

CVE-2003-0932

Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0939

eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0942

Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0944

Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0946

Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0947

Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.

CVSS: 7.2 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2003-0948

Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.

CVSS: 7.2 CWE: N/A View on NVD
Medium

CVE-2003-0955

OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0962

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0968

Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribut…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0972

Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape se…

CVSS: 10.0 CWE: N/A View on NVD
2003-12-08
High

CVE-2003-1057

Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code.

CVSS: 7.2 CWE: N/A View on NVD
2003-12-01
Medium

CVE-2003-0564

Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly exec…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2003-0565

Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containi…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2003-0834

Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNA…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2003-0886

Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0925

Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0927

Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0933

Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable.

CVSS: 4.6 CWE: N/A View on NVD
2003-11-17
Critical

CVE-2003-0545

Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1…

CVSS: 9.8 CWE: CWE-415 - Double Free View on NVD
High

CVE-2003-0659

Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox c…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0660

The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote at…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0662

Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to…

CVSS: 9.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2003-0711

Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0717

The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0809

Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0831

ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow usin…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2003-0833

Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0835

Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0836

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD comma…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0837

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0842

Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0843

Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers t…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0845

Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities a…

CVSS: 7.5 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
High

CVE-2003-0849

Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction fu…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0850

The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0853

An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited v…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2003-0865

Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0870

Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2003-0894

Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x before 9.2.0.4 allows local users to execute arbitrary code via a long command line argument.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0896

The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and exe…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0897

"Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged…

CVSS: 4.6 CWE: N/A View on NVD
2003-11-04
High

CVE-2003-1141

Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-1144

Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name.

CVSS: 10.0 CWE: N/A View on NVD
2003-11-03
High

CVE-2002-1570

Heap-based buffer overflow in snmpnetstat for ucd-snmp 4.2.3 and earlier, and net-snmp, allows remote attackers to execute arbitrary code via multiple getnextrequest PDU messages with conflicting ifi…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0542

Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbit…

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2003-0895

Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbi…

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2003-0899

Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when th…

CVSS: 9.8 CWE: CWE-131 - Incorrect Calculation of Buffer Size View on NVD
High

CVE-2003-0901

Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-1192

Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.

CVSS: 10.0 CWE: N/A View on NVD
2003-10-29
High

CVE-2003-1186

Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header.

CVSS: 7.5 CWE: N/A View on NVD
2003-10-27
Critical

CVE-2003-1140

Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-1150

Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute…

CVSS: 7.5 CWE: N/A View on NVD
2003-10-20
Critical

CVE-2003-0347

Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0665

Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0666

Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0686

Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0689

The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0702

Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibl…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2003-0707

Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0708

Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0709

Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI programs, may allow remote attackers to execute arbitrary code via a long command line option.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0723

Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0725

Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0729

Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to execute arbitrary code via a TFTP request with a long filename.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0730

Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflo…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0743

Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0755

Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command.

CVSS: 10.0 CWE: N/A View on NVD
2003-10-06
Critical

CVE-2003-0694

The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c,…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0805

Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisTex…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0826

lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attacke…

CVSS: 7.5 CWE: N/A View on NVD
2003-10-03
Medium

CVE-2003-1053

Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable.

CVSS: 4.6 CWE: N/A View on NVD
2003-09-22
Critical

CVE-2003-0693

A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and cor…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0770

FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0771

Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apa…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0772

Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0780

Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.

CVSS: 9.0 CWE: N/A View on NVD
2003-09-17
Critical

CVE-2003-0528

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long fi…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0705

Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0715

Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activat…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0720

Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0721

Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negat…

CVSS: 7.5 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2003-0761

Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arb…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0762

Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value).

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0765

The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0766

Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0767

Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, dedicated server 0.32a and earlier for Windows, and 0.27 and earlier for Linux and BSD, allows remote attackers to cause a denial o…

CVSS: 7.5 CWE: N/A View on NVD
2003-08-27
High

CVE-2003-0148

The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username a…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0149

Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0232

Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0346

Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyrig…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0353

Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to U…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0466

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via command…

CVSS: 9.8 CWE: CWE-193 - Off-by-one Error View on NVD
High

CVE-2003-0530

Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0532

Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag wi…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0595

Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2003-0613

Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0616

Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computer…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0632

Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrar…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0634

Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases,…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0638

Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0646

Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0647

Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0649

Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0650

Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) seq…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0651

Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0654

Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0671

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMo…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0672

Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled whe…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0685

Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0701

Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Obje…

CVSS: 7.5 CWE: N/A View on NVD
2003-08-18
Critical

CVE-2003-0252

Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via ce…

CVSS: 9.8 CWE: CWE-193 - Off-by-one Error View on NVD
High

CVE-2003-0345

Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0350

The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0352

Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by t…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0553

Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0555

ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0558

Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0561

Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and…

CVSS: 7.5 CWE: N/A View on NVD