CVE Daily
← All tags

Tag: Remote Code Execution

All CVEs associated with "Remote Code Execution". Page 339/345 • 41309 CVEs.

Subscribe CVEs: RSS for “Remote Code Execution”  ·  RSS (High+Critical only)

About “Remote Code Execution”

A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41309 CVEs for this tag (all time). In the last 365 days, 4654 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').

In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2003-08-18
High

CVE-2003-0577

mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0580

Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0581

X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and p…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0583

Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via a long command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0584

Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command…

CVSS: 7.2 CWE: N/A View on NVD
2003-08-07
High

CVE-2003-0450

Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0452

Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2003-0453

traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain "nprobes" and "max_ttl" arguments that cause an integer overflow that is use…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0469

Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-pa…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0470

Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary co…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0471

Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0478

Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ir…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0482

TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0485

Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary code via source code containing a long, invalid data type.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0487

Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subsc…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0491

The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0498

Caché Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privile…

CVSS: 7.2 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
High

CVE-2003-0503

Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow attackers to cause a denial of service or execute arbitrary code via a long third argument.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0507

Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 sear…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0508

Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0510

Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the "sessions" command.

CVSS: 7.5 CWE: N/A View on NVD
2003-07-24
High

CVE-2003-0349

Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, al…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0427

Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0429

The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0433

Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0435

Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0436

Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0437

Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0445

Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI.

CVSS: 7.5 CWE: N/A View on NVD
2003-07-02
High

CVE-2003-0380

Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long fi…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0390

Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options th…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0391

Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format s…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0397

Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 and possibly other versions and products, allows remote attackers to execute arbitrary code via a packet containing a large list…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0398

Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is late…

CVSS: 7.5 CWE: N/A View on NVD
2003-06-30
Critical

CVE-2003-0407

Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0409

Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request.

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0410

Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long URL to port 6588.

CVSS: 10.0 CWE: N/A View on NVD
2003-06-16
High

CVE-2002-1155

Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2002-1565

Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0276

Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2003-0280

Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2003-0281

Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environ…

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2003-0288

Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 allows remote attackers to execute arbitrary code via file with a long filename, which triggers the…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0296

The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integ…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0297

c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0298

The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox s…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0299

The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values th…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0302

The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2003-0315

Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP request, which may trigger a buffer overflow.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0344

Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0371

Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0372

Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing…

CVSS: 4.6 CWE: CWE-189 View on NVD
Medium

CVE-2003-0373

Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long…

CVSS: 4.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2003-0376

Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large n…

CVSS: 5.0 CWE: N/A View on NVD
2003-06-09
High

CVE-2002-1456

Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0224

Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long f…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2003-0227

The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers…

CVSS: 5.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2003-0241

FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attacker…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0245

Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly exec…

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2003-0306

Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter.

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2003-0319

Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0321

Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nic…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0323

Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0324

Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly h…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0325

Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2003-0326

Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to mall…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0328

EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP reques…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2003-0330

Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a long -player command line argument.

CVSS: 4.6 CWE: N/A View on NVD
Critical

CVE-2003-0356

Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF,…

CVSS: 9.8 CWE: CWE-193 - Off-by-one Error View on NVD
High

CVE-2003-0357

Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissecto…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0360

Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
2003-05-27
High

CVE-2003-0228

Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containin…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0235

Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0236

Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0263

Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0264

Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0266

Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0271

Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0274

Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value.

CVSS: 10.0 CWE: N/A View on NVD
2003-05-22
High

CVE-2003-0339

Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests.

CVSS: 7.5 CWE: N/A View on NVD
2003-05-12
High

CVE-2003-0113

Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0117

Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0210

Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user para…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0212

handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service an…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0218

Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body.

CVSS: 7.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2003-0220

Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0222

Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a conne…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2003-0233

Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115.

CVSS: 7.5 CWE: N/A View on NVD
2003-05-05
High

CVE-2003-0111

The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute a…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0196

Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0201

Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2003-0209

Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-b…

CVSS: 10.0 CWE: N/A View on NVD
2003-04-22
Critical

CVE-2002-1468

Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root.

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2002-1473

Multiple buffer overflows in lp subsystem for HP-UX 10.20 through 11.11 (11i) allow local users to cause a denial of service and possibly execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2002-1476

Buffer overflow in setlocale in libc on NetBSD 1.4.x through 1.6, and possibly other operating systems, when called with the LC_ALL category, allows local attackers to execute arbitrary code via a us…

CVSS: 4.6 CWE: N/A View on NVD
2003-04-11
Critical

CVE-2002-0690

Format string vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 allows remote attackers to execute arbitrary code via an HTTP GET request with a URI containing format strings.

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2002-1412

Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a…

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-1415

Format string vulnerability in SMTP service for WebEasyMail 3.4.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2002-1424

Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-1441

Multiple buffer overflows in Tomahawk SteelArrow before 4.5 allow remote attackers to execute arbitrary code via (1) the Steelarrow Service (Steelarrow.exe) using a long UserIdent Cookie header, (2)…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0203

Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.

CVSS: 7.5 CWE: N/A View on NVD
2003-04-02
Medium

CVE-2002-0030

The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by…

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2002-1486

Multiple buffer overflows in the IRC component of Trillian 0.73 and 0.74 allows remote malicious IRC servers to cause a denial of service and possibly execute arbitrary code via (1) a large response…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-1489

Buffer overflow in PlanetDNS PlanetWeb 1.14 and earlier allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long URL or (2) a request with a long method name.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-1496

Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2002-1506

Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2002-1519

Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arb…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2002-1522

Buffer overflow in PowerFTP FTP server 2.24, and possibly other versions, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long USER argument.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2002-1524

Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0159

Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0161

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disable…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2003-0165

Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display.

CVSS: 4.6 CWE: N/A View on NVD
High

CVE-2003-0166

Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0167

Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and pos…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0168

Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL.

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2003-0172

Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filenam…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2003-0178

Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields param…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2003-0179

Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the Initializ…

CVSS: 7.5 CWE: N/A View on NVD
2003-03-31
High

CVE-2002-1549

Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2002-1551

Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code.

CVSS: 4.6 CWE: N/A View on NVD