CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

HP : Security Vulnerabilities Published In 2002 (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2003-0061 Exec Code Overflow 2002-01-11 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.
2 CVE-2002-1794 Exec Code 2002-12-31 2009-03-04
10.0
Admin Remote Low Not required Complete Complete Complete
Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.
3 CVE-2002-1617 Exec Code Overflow 2002-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via (1) a long -contextDir argument to dtaction, (2) a long -p argument to dtprintinfo, (3) a long -customization argument to dxterm, or (4) a long DISPLAY environment variable to dtterm.
4 CVE-2002-1615 Exec Code Overflow 2002-09-13 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to execute arbitrary code via (1) msgchk or (2) .upd..loader.
5 CVE-2002-1614 Exec Code Overflow 2002-09-09 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in HP Tru64 UNIX allows local users to execute arbitrary code via a long argument to /usr/bin/at.
6 CVE-2002-1608 Exec Code Overflow 2002-08-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
7 CVE-2002-1607 Exec Code Overflow 2002-08-31 2008-09-05
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
8 CVE-2002-1605 Exec Code Overflow 2002-09-02 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows attackers to execute arbitrary code via a long _XKB_CHARSET environment variable to (1) dxpause, (2) dxconsole, or (3) dtsession.
9 CVE-2002-1604 Exec Code Overflow 2002-09-02 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in HP Tru64 UNIX allow local and possibly remote attackers to execute arbitrary code via a long NLSPATH environment variable to (1) csh, (2) dtsession, (3) dxsysinfo, (4) imapd, (5) inc, (6) uucp, (7) uux, (8) rdist, or (9) deliver.
10 CVE-2002-1318 DoS Exec Code Overflow 2002-12-11 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string.
11 CVE-2002-1317 DoS Exec Code Overflow 2002-12-11 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
12 CVE-2002-0836 Exec Code 2002-10-28 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
13 CVE-2002-0679 Exec Code Overflow 2002-09-05 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
14 CVE-2002-0076 Exec Code 2002-03-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.
Total number of vulnerabilities : 14   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.