CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2002(Overflow)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2003-0061 Exec Code Overflow 2002-01-11 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.
2 CVE-2002-2411 119 Exec Code Overflow 2002-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in badmin.c in BannerWheel 1.0 allows remote attackers to execute arbitrary code via a long rcmd command.
3 CVE-2002-2406 20 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request.
4 CVE-2002-2404 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110).
5 CVE-2002-2400 119 DoS Exec Code Overflow 2002-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request.
6 CVE-2002-2396 119 Exec Code Overflow 2002-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option.
7 CVE-2002-2390 119 DoS Exec Code Overflow 2002-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request.
8 CVE-2002-2388 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command.
9 CVE-2002-2385 119 DoS Exec Code Overflow 2002-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number.
10 CVE-2002-2381 119 DoS Exec Code Overflow 2002-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code.
11 CVE-2002-2372 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow.
12 CVE-2002-2368 119 DoS Exec Code Overflow 2002-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in proxy.c for the SOCKS4 module.
13 CVE-2002-2367 119 DoS Exec Code Overflow 2002-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname.
14 CVE-2002-2366 119 DoS Exec Code Overflow 2002-12-31 2008-09-05
6.8
None Remote Medium Not required Partial Partial Partial
Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml.
15 CVE-2002-2357 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow.
16 CVE-2002-2333 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
17 CVE-2002-2332 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes.
18 CVE-2002-2300 119 DoS Overflow 2002-12-31 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attackers to cause a denial of service (crash) via a long CEL command.
19 CVE-2002-2295 119 DoS Exec Code Overflow 2002-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or (2) a long method name in an HTTP request, (3) a long version number in an HTTP request, (4) a long User-Agent header, or (5) a long file path.
20 CVE-2002-2294 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd).
21 CVE-2002-2291 119 DoS Overflow 2002-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang) via a long request, possibly triggering a buffer overflow.
22 CVE-2002-2272 119 DoS Overflow 2002-12-31 2008-09-05
7.8
None Remote Low Not required None None Complete
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values.
23 CVE-2002-2271 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string.
24 CVE-2002-2268 119 Exec Code Overflow 2002-12-31 2008-09-05
9.4
None Remote Low Not required Complete Complete None
Buffer overflow in Webster HTTP Server allows remote attackers to execute arbitrary code via a long URL.
25 CVE-2002-2259 119 Exec Code Overflow 2002-12-31 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in the French documentation patch for Gnuplot 3.7 in SuSE Linux before 8.0 allows local users to execute arbitrary code as root via unknown attack vectors.
26 CVE-2002-2258 119 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi function call.
27 CVE-2002-2257 119 Exec Code Overflow 2002-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument.
28 CVE-2002-2253 119 Exec Code Overflow 2002-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Multiple buffer overflows in Cyrus Sieve / libSieve 2.1.2 and earlier allow remote attackers to execute arbitrary code via (1) a long header name, (2) a long IMAP flag, or (3) a script that generates a large number of errors that overflow the resulting error string.
29 CVE-2002-2251 119 Exec Code Overflow 2002-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the changevalue function in libcgi.h for Marcos Luiz Onisto Lib CGI 0.1 allows remote attackers to execute arbitrary code via a long argument.
30 CVE-2002-2250 119 Exec Code Overflow 2002-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function.
31 CVE-2002-2248 119 Exec Code Overflow 2002-12-31 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the sun.awt.windows.WDefaultFontCharset Java class implementation in Netscape 4.0 allows remote attackers to execute arbitrary code via an applet that calls the WDefaultFontCharset constructor with a long string and invokes the canConvert method.
32 CVE-2002-2241 399 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before 3.5.15 allows remote attackers to cause a denial of service (crash) via a long HTTP OPTIONS request.
33 CVE-2002-2232 119 Exec Code Overflow 2002-12-31 2008-09-05
8.5
Admin Remote Medium Single system Complete Complete Complete
Buffer overflow in Enceladus Server Suite 3.9 allows remote attackers to execute arbitrary code via a long CD (CWD) command.
34 CVE-2002-2227 119 DoS Overflow Mem. Corr. 2002-12-31 2010-06-24
10.0
None Remote Low Not required Complete Complete Complete
Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.
35 CVE-2002-2226 119 Exec Code Overflow 2002-12-31 2009-11-24
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument.
36 CVE-2002-2225 DoS Exec Code Overflow 2002-12-31 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
SafeNet VPN client allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly involving buffer overflows using (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload.
37 CVE-2002-2224 DoS Exec Code Overflow 2002-12-31 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in PGPFreeware 7.03 running on Windows NT 4.0 SP6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload.
38 CVE-2002-2223 DoS Exec Code Overflow 2002-12-31 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in NetScreen-Remote 8.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) large number of payloads, or (3) a long payload.
39 CVE-2002-2220 Overflow +Priv 2002-12-31 2008-09-05
6.2
Admin Local High Not required Complete Complete Complete
Buffer overflow in Pedro Lineu Orso chetcpasswd before 1.12, when configured for access from 0.0.0.0, allows local users to gain privileges via unspecified vectors.
40 CVE-2002-2207 Exec Code Overflow 2002-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in ssldump 0.9b2 and earlier, when running in decryption mode, allows remote attackers to execute arbitrary code via a long RSA PreMasterSecret.
41 CVE-2002-2205 Exec Code Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Buffer overflow in Webresolve 0.1.0 and earlier allows remote attackers to execute arbitrary code by connecting to the server from an IP address that resolves to a long hostname.
42 CVE-2002-2198 Exec Code Overflow 2002-12-31 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in ZMailer before 2.99.51_1 allows remote attackers to execute arbitrary code during HELO processing from an IPv6 address, possibly using an address that resolves to a long hostname.
43 CVE-2002-2196 119 Exec Code Overflow 2002-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Samba before 2.2.5 does not properly terminate the enum_csc_policy data structure, which may allow remote attackers to execute arbitrary code via a buffer overflow attack.
44 CVE-2002-2195 Exec Code Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None Partial None
Buffer overflow in the version update check for Winamp 2.80 and earlier allows remote attackers who can spoof www.winamp.com to execute arbitrary code via a long server response.
45 CVE-2002-2182 Exec Code Overflow 2002-12-31 2008-09-05
6.4
None Remote Low Not required None Partial Partial
Buffer overflow in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 allows remote attackers to execute arbitrary code via a long MSN packet.
46 CVE-2002-2173 Exec Code Overflow 2002-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in the IRC module of Trillian 0.725 and 0.73 allowing remote attackers to execute arbitrary code via a long DCC Chat message.
47 CVE-2002-2164 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in Microsoft Outlook Express 5.0, 5.5, and 6.0 allows remote attackers to cause a denial of service (crash) via a long <A HREF> link.
48 CVE-2002-2156 Exec Code Overflow 2002-12-31 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response.
49 CVE-2002-2149 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in Lucent Access Point 300, 600, and 1500 Service Routers allows remote attackers to cause a denial of service (reboot) via a long HTTP request to the administrative interface.
50 CVE-2002-2140 DoS Overflow 2002-12-31 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in Cisco PIX Firewall 5.2.x to 5.2.8, 6.0.x to 6.0.3, 6.1.x to 6.1.3, and 6.2.x to 6.2.1 allows remote attackers to cause a denial of service via HTTP traffic authentication using (1) TACACS+ or (2) RADIUS.
Total number of vulnerabilities : 435   Page : 1 (This Page)2 3 4 5 6 7 8 9
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.