High
CVE-2002-1012
Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET…
Tag: Remote Code Execution
All CVEs associated with "Remote Code Execution". Page 342/345 • 41309 CVEs.
Subscribe CVEs: RSS for “Remote Code Execution” · RSS (High+Critical only)
About “Remote Code Execution”
A curated feed of “Remote Code Execution”-related CVEs appears below. We currently track 41309 CVEs for this tag (all time). In the last 365 days, 4654 were published. Average CVSS is 8.3 (all time; 8.2 over 365d), and 86% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-94 - Improper Control of Generation of Code ('Code Injection'), CWE-434 - Unrestricted Upload of File with Dangerous Type, CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection').
In our taxonomy this topic maps to a VERY HIGH impact class. Common exploitation patterns for this weakness can lead to very high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.
CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).
CVSS ≥ 0.0
2002-10-04
High
CVE-2002-1014
Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long val…
High
CVE-2002-1032
Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header.
High
CVE-2002-1044
Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field.
High
CVE-2002-1050
Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data.
Medium
CVE-2002-1051
Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.
High
CVE-2002-1057
Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.
High
CVE-2002-1059
Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.
High
CVE-2002-1061
Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP…
High
CVE-2002-1062
Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.
High
CVE-2002-1066
Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command t…
High
CVE-2002-1073
Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password.
High
CVE-2002-1075
Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.
High
CVE-2002-1076
Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.
High
CVE-2002-1088
Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command.
High
CVE-2002-1090
Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via lon…
High
CVE-2002-1091
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
High
CVE-2002-1114
config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_inclu…
Medium
CVE-2002-1119
os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.
High
CVE-2002-1127
Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter.
High
CVE-2002-1128
Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable.
High
CVE-2002-1129
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.
2002-09-24
High
CVE-2002-0376
Buffer overflow in Apple QuickTime 5.0 ActiveX component allows remote attackers to execute arbitrary code via a long pluginspage field.
High
CVE-2002-0647
Buffer overflow in a legacy ActiveX control used to display specially formatted text in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code, aka "Buffer O…
High
CVE-2002-0726
Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to execute arbitrary code via a long server name field.
High
CVE-2002-0834
Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.
Medium
CVE-2002-0971
Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" di…
Medium
CVE-2002-0972
Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.
High
CVE-2002-0977
Buffer overflow in Microsoft File Transfer Manager (FTM) ActiveX control before 4.0 allows remote attackers to execute arbitrary code via a long TS value.
High
CVE-2002-0979
The Java logging feature for the Java Virtual Machine in Internet Explorer writes output from functions such as System.out.println to a known pathname, which can be used to execute arbitrary code.
High
CVE-2002-0980
The Web Folder component for Internet Explorer 5.5 and 6.0 writes an error message to a known location in the temporary folder, which allows remote attackers to execute arbitrary code by injecting it…
High
CVE-2002-0981
Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line.
High
CVE-2002-0982
Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.
High
CVE-2002-0984
The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x before 2.8pre10, running EPIC allows remote attackers to execute arbitrary code if the user joins a channel whose topic includes EPIC…
High
CVE-2002-1120
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
High
CVE-2002-1122
Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response.
High
CVE-2002-1123
Buffer overflow in the authentication function for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows remote attackers to execute arbitrary code via a long request to TCP port…
2002-09-13
High
CVE-2002-1615
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.
2002-09-09
High
CVE-2002-1614
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.
2002-09-05
High
CVE-2002-0093
Buffer overflow in ipcs for HP Tru64 UNIX 4.0f through 5.1a may allow attackers to execute arbitrary code, a different vulnerability than CVE-2001-0423.
Critical
CVE-2002-0679
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
High
CVE-2002-0857
Format string vulnerabilities in Oracle Listener Control utility (lsnrctl) for Oracle 9.2 and 9.0, 8.1, and 7.3.4, allow remote attackers to execute arbitrary code on the Oracle DBA system by placing…
High
CVE-2002-0859
Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.
2002-09-02
High
CVE-2002-1604
Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) im…
High
CVE-2002-1605
Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsessio…
2002-08-31
Medium
CVE-2002-1607
Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
Medium
CVE-2002-1608
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
2002-08-14
High
CVE-2002-1452
Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter.
2002-08-12
Critical
CVE-2002-0391
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code b…
High
CVE-2002-0412
Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, vi…
Critical
CVE-2002-0416
Buffer overflow in SH39 MailServer 1.21 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long command to the SMTP port.
Critical
CVE-2002-0423
Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address…
Critical
CVE-2002-0467
Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.
Critical
CVE-2002-0471
PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable.
Critical
CVE-2002-0473
db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter.
Critical
CVE-2002-0488
Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter.
Critical
CVE-2002-0489
Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the (1) query or (2) type parameters.
High
CVE-2002-0501
Format string vulnerability in log_print() function of Posadis DNS server before version m5pre2 allows local users and possibly remote attackers to execute arbitrary code via format strings that are…
High
CVE-2002-0506
Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.
High
CVE-2002-0644
Buffer overflow in several Database Consistency Checkers (DBCCs) for Microsoft SQL Server 2000 and Microsoft Desktop Engine (MSDE) 2000 allows members of the db_owner and db_ddladmin roles to execute…
High
CVE-2002-0649
Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 (MSDE) allow remote attackers to cause a denial of service or execute arbitrary cod…
High
CVE-2002-0655
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and p…
High
CVE-2002-0656
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SS…
High
CVE-2002-0657
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.
High
CVE-2002-0660
Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute ar…
High
CVE-2002-0684
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execu…
High
CVE-2002-0695
Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary cod…
High
CVE-2002-0698
Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained thr…
High
CVE-2002-0735
Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly…
Critical
CVE-2002-0753
Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie.
High
CVE-2002-0768
Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
Critical
CVE-2002-0777
Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.
High
CVE-2002-0789
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.
High
CVE-2002-0799
Buffer overflow in YoungZSoft CMailServer 3.30 allows remote attackers to execute arbitrary code via a long USER argument.
Critical
CVE-2002-0801
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a…
High
CVE-2002-0814
Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument.
High
CVE-2002-0818
wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value.
High
CVE-2002-0821
Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector.
High
CVE-2002-0823
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.
High
CVE-2002-0825
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
High
CVE-2002-0826
Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command.
High
CVE-2002-0833
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.
High
CVE-2002-0844
Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.
High
CVE-2002-0845
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding.
High
CVE-2002-0846
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
High
CVE-2002-0847
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
2002-07-26
Medium
CVE-2002-0031
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) ad…
Critical
CVE-2002-0369
Buffer overflow in ASP.NET Worker Process allows remote attackers to cause a denial of service (restart) and possibly execute arbitrary code via a routine that processes cookies while in StateServer…
Critical
CVE-2002-0393
Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration pass…
Critical
CVE-2002-0398
Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name.
Critical
CVE-2002-0405
Buffer overflow in Transsoft Broker FTP Server 5.0 evaluation allows remote attackers to cause a denial of service and possibly execute arbitrary code via a CWD command with a large number of . (dot)…
Critical
CVE-2002-0432
Buffer overflow in (1) lprintf and (2) cprintf in sysdep.c of Citadel/UX 5.90 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via attacks…
Critical
CVE-2002-0449
Buffer overflow in webpsvc.exe for Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long argument to webplus.exe program, which triggers the overflow in webpsvc…
Critical
CVE-2002-0450
Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language (wml) file name to (1) webplus.dll or (2) webplus.exe.
High
CVE-2002-0663
Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbit…
Critical
CVE-2002-0702
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to…
High
CVE-2002-0713
Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyus…
High
CVE-2002-0717
PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which gener…
2002-07-23
High
CVE-2002-0624
Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database an…
High
CVE-2002-0641
Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute a…
High
CVE-2002-0686
Buffer overflow in the search component for iPlanet Web Server (iWS) 4.1 and Sun ONE Web Server 6.0 allows remote attackers to execute arbitrary code via a long argument to the NS-rel-doc-name parame…
2002-07-11
High
CVE-2002-0653
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the…
High
CVE-2002-0676
SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via t…
2002-07-03
High
CVE-2002-0186
Buffer overflow in the SQLXML ISAPI extension of Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code via data queries with a long content-type parameter, aka "Unchecked Buffer…
High
CVE-2002-0364
Buffer overflow in the chunked encoding transfer mechanism in IIS 4.0 and 5.0 allows attackers to execute arbitrary code via the processing of HTR request sessions, aka "Heap Overrun in HTR Chunked E…
High
CVE-2002-0366
Buffer overflow in Remote Access Service (RAS) phonebook for Windows NT 4.0, 2000, XP, and Routing and Remote Access Server (RRAS) allows local users to execute arbitrary code by modifying the raspho…
High
CVE-2002-0371
Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redir…
High
CVE-2002-0392
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache…
High
CVE-2002-0541
Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (…
High
CVE-2002-0547
Buffer overflow in the mini-browser for Winamp 2.79 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the title field o…
High
CVE-2002-0550
Dynamic Guestbook 3.0 allows remote attackers to execute arbitrary code via shell metacharacters in the gbdaten parameter.
High
CVE-2002-0552
Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a long argument in the /yell com…
High
CVE-2002-0559
Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote attackers to cause a denial of service or execute arbitrary code via (1) a long help page request with…
High
CVE-2002-0573
Format string vulnerability in RPC wall daemon (rpc.rwalld) for Solaris 2.5.1 through 8 allows remote attackers to execute arbitrary code via format strings in a message that is not properly provided…
High
CVE-2002-0623
Buffer overflow in AuthFilter ISAPI filter on Microsoft Commerce Server 2000 and 2002 allows remote attackers to execute arbitrary code via long authentication data, aka "New Variant of the ISAPI Fil…
Critical
CVE-2002-0639
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is usin…
Critical
CVE-2002-0640
Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is usin…
High
CVE-2002-0651
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary co…
High
CVE-2002-0652
xfsmd for IRIX 6.5 through 6.5.16 allows remote attackers to execute arbitrary code via shell metacharacters that are not properly filtered from several calls to the popen() function, such as export_…
2002-06-25
High
CVE-2002-0313
Buffer overflow in Essentia Web Server 2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long URL.