CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4351 CVE-2003-1463 20 2003-12-31 2017-07-28
3.5
None Remote Medium Single system None Partial None
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter.
4352 CVE-2003-1460 264 +Info 2003-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readable and executable while copying data, which could allow local users to obtain sensitive information.
4353 CVE-2003-1452 16 Exec Code 2003-12-31 2017-07-28
3.6
None Local Low Not required Partial Partial None
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
4354 CVE-2003-1426 16 Exec Code 2003-12-31 2017-07-28
3.3
None Local Medium Not required Partial Partial None
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable.
4355 CVE-2003-1366 200 +Info 2003-12-31 2017-07-28
3.3
None Local Medium Not required Partial Partial None
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information.
4356 CVE-2003-1234 DoS Exec Code Overflow 2003-12-31 2018-10-19
3.6
None Local Low Not required None Partial Partial
Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop.
4357 CVE-2003-1120 2003-12-31 2017-07-10
3.7
None Local High Not required Partial Partial Partial
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
4358 CVE-2003-1058 DoS 2003-12-03 2018-10-30
3.7
User Local High Not required Partial Partial Partial
The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.
4359 CVE-2003-0924 2004-02-17 2017-10-09
3.7
User Local High Not required Partial Partial Partial
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
4360 CVE-2003-0596 2003-08-27 2016-12-07
3.6
None Local Low Not required Partial Partial None
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.
4361 CVE-2003-0536 DoS Dir. Trav. 2003-08-18 2016-10-17
3.6
None Local Low Not required Partial None Partial
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters.
4362 CVE-2003-0499 2003-08-07 2016-12-07
3.6
None Local Low Not required Partial Partial None
Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.
4363 CVE-2003-0480 +Priv 2003-08-07 2016-10-17
3.7
User Local High Not required Partial Partial Partial
VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation."
4364 CVE-2003-0448 2003-07-24 2016-10-17
3.6
None Local Low Not required Partial Partial None
Portmon 1.7 and possibly earlier versions allows local users to read and write arbitrary files via the (1) -c (host file) or (2) -l (log file) command line options.
4365 CVE-2003-0246 +Priv 2003-06-16 2017-10-10
3.6
None Local Low Not required Partial Partial None
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
4366 CVE-2003-0018 2003-02-19 2008-09-10
3.6
None Local Low Not required Partial None Partial
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
4367 CVE-2002-2409 200 +Info 2002-12-31 2008-09-05
3.5
None Remote Medium Single system Partial None None
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID.
4368 CVE-2002-2401 264 Bypass 2002-12-31 2019-04-30
3.6
None Local Low Not required Partial Partial None
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
4369 CVE-2002-2384 255 2002-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service.
4370 CVE-2002-2334 264 2002-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users.
4371 CVE-2002-2301 255 2002-12-31 2017-07-28
3.3
None Local Medium Not required Partial Partial None
Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database.
4372 CVE-2002-2270 264 2002-12-31 2017-10-10
3.6
None Local Low Not required Partial Partial None
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors.
4373 CVE-2002-2202 2002-12-31 2008-09-05
3.8
None Local High Single system Complete None None
Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email.
4374 CVE-2002-2092 +Priv 2002-12-31 2017-12-18
3.7
User Local High Not required Partial Partial Partial
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
4375 CVE-2002-2038 DoS 2002-12-31 2008-09-05
3.6
None Local Low Not required None Partial Partial
Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods.
4376 CVE-2002-1710 2002-12-31 2017-07-10
3.6
None Local Low Not required Partial Partial None
The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file.
4377 CVE-2002-1692 Exec Code Overflow 2002-12-31 2017-07-10
3.6
None Local Low Not required None Partial Partial
Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up.
4378 CVE-2002-1673 Exec Code 2002-12-31 2017-07-10
3.6
None Local Low Not required Partial Partial None
The web interface for Webmin 0.92 does not properly quote or filter script code in files that are displayed to the interface, which allows local users to execute script and possibly steal cookies by inserting the script into certain files or fields, such as a real user name entry in the passwd file.
4379 CVE-2002-1518 2003-04-02 2008-09-05
3.6
None Local Low Not required Partial Partial None
mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.
4380 CVE-2002-1509 2003-03-03 2008-09-10
3.6
None Local Low Not required Partial Partial None
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
4381 CVE-2002-0430 Bypass 2002-08-12 2008-09-10
3.7
User Local High Not required Partial Partial Partial
MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php.
4382 CVE-2002-0429 2002-08-12 2016-10-17
3.6
None Local Low Not required None Partial Partial
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface (lcall).
4383 CVE-2002-0202 2002-05-16 2008-09-10
3.6
None Local Low Not required Partial Partial None
PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable /oekaki/ folder.
4384 CVE-2002-0044 2002-01-31 2017-10-09
3.6
None Local Low Not required Partial Partial None
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
4385 CVE-2001-1519 2001-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
** DISPUTED ** RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service is stopped, then capture cleartext usernames and passwords when clients connect to the service. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it.
4386 CVE-2001-1409 2003-07-24 2010-05-25
3.6
None Local Low Not required Partial Partial None
dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), which allows local users to replace or create files in the root file system.
4387 CVE-2001-1396 2001-04-17 2016-12-07
3.6
None Local Low Not required Partial Partial None
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.
4388 CVE-2001-1395 2001-04-17 2016-12-07
3.6
None Local Low Not required Partial Partial None
Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact.
4389 CVE-2001-1349 DoS +Priv 2001-05-28 2008-09-05
3.7
User Local High Not required Partial Partial Partial
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
4390 CVE-2001-1322 2001-07-10 2008-09-10
3.6
None Local Low Not required Partial Partial None
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
4391 CVE-2001-1258 2001-07-21 2008-09-05
3.6
None Local Low Not required Partial Partial None
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
4392 CVE-2001-1085 2001-07-05 2017-10-09
3.7
User Local High Not required Partial Partial Partial
Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file.
4393 CVE-2001-1079 DoS 2002-02-13 2017-10-09
3.6
None Local Low Not required None Partial Partial
create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service.
4394 CVE-2001-1059 2001-07-30 2017-10-09
3.6
None Local Low Not required Partial Partial None
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information.
4395 CVE-2001-0946 DoS 2001-12-04 2017-10-09
3.6
None Local Low Not required None Partial Partial
apmscript in Apmd in Red Hat 7.2 "Enigma" allows local users to create or change the modification dates of arbitrary files via a symlink attack on the LOW_POWER temporary file, which could be used to cause a denial of service, e.g. by creating /etc/nologin and disabling logins.
4396 CVE-2001-0806 2001-12-06 2017-10-09
3.6
None Local Low Not required Partial Partial None
Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.
4397 CVE-2001-0627 2001-08-22 2017-10-09
3.7
User Local High Not required Partial Partial Partial
vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.
4398 CVE-2001-0430 2001-07-02 2017-10-09
3.6
None Local Low Not required Partial Partial None
Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files.
4399 CVE-2001-0317 +Priv 2001-05-03 2017-10-09
3.7
None Local High Not required Partial Partial Partial
Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.
4400 CVE-2001-0259 2001-06-02 2017-10-09
3.6
None Local Low Not required Partial Partial None
ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file.
Total number of vulnerabilities : 4400   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.