| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2003-1104 |
|
|
Exec Code Overflow |
2003-12-31 |
2008-09-05 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors. |
|
2 |
CVE-2003-0954 |
|
|
Overflow +Priv |
2003-12-31 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. |
|
3 |
CVE-2003-0837 |
|
|
Exec Code Overflow |
2003-11-17 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command. |
|
4 |
CVE-2003-0836 |
|
|
Exec Code Overflow |
2003-11-17 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command. |
|
5 |
CVE-2003-0759 |
|
|
Overflow +Priv |
2003-10-06 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument. |
|
6 |
CVE-2003-0758 |
|
|
Overflow +Priv |
2003-10-06 |
2008-09-05 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument. |
|
7 |
CVE-2003-0694 |
|
|
Exec Code Overflow |
2003-10-06 |
2008-09-10 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. |
|
8 |
CVE-2003-0681 |
|
|
Overflow |
2003-10-06 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. |
|
9 |
CVE-2003-0580 |
|
|
Exec Code Overflow |
2003-08-18 |
2008-09-10 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument. |
|
10 |
CVE-2003-0179 |
|
|
Exec Code Overflow |
2003-04-02 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control. |
|
11 |
CVE-2003-0178 |
|
|
DoS Exec Code Overflow |
2003-04-02 |
2008-09-05 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation. |
|
12 |
CVE-2003-0123 |
|
|
DoS Overflow |
2003-03-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. |
|
13 |
CVE-2003-0122 |
|
|
Exec Code Overflow |
2003-03-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. |
|
14 |
CVE-2003-0028 |
|
|
Exec Code Overflow |
2003-03-25 |
2008-09-10 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. |
|
15 |
CVE-2002-1551 |
|
|
DoS Exec Code Overflow |
2003-03-31 |
2008-09-05 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in nslookup in IBM AIX may allow attackers to cause a denial of service or execute arbitrary code. |
|
16 |
CVE-2002-1468 |
|
|
Exec Code Overflow |
2003-04-22 |
2008-09-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in errpt in AIX 4.3.3 allows local users to execute arbitrary code as root. |
