CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4451 CVE-2005-1039 2005-05-02 2008-09-05
3.7
None Local High Not required Partial Partial Partial
Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.
4452 CVE-2005-0988 2005-05-02 2017-10-10
3.7
None Local High Not required Partial Partial Partial
Race condition in gzip 1.2.4, 1.3.3, and earlier, when decompressing a gzipped file, allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by gzip after the decompression is complete.
4453 CVE-2005-0953 2005-05-02 2018-10-19
3.7
None Local High Not required Partial Partial Partial
Race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete.
4454 CVE-2005-0894 2005-05-02 2016-10-17
3.6
None Local Low Not required None Partial Partial
OpenmosixCollector and OpenMosixView in OpenMosixView 1.5 allow local users to overwrite or delete arbitrary files via a symlink attack on (1) temporary files in the openmosixcollector directory or (2) nodes.tmp.
4455 CVE-2005-0576 2005-05-02 2008-09-05
3.6
None Local Low Not required None Partial Partial
Unknown vulnerability in Standard Type Services Framework (STSF) Font Server Daemon (stfontserverd) in Solaris 9 allows local users to modify or delete arbitrary files.
4456 CVE-2005-0288 2005-01-11 2017-07-10
3.6
None Local Low Not required None Partial Partial
The change password functionality in Bottomline Webseries Payment Application does not require the old password when users enter a new password, which could allow remote authenticated users to change other users' passwords.
4457 CVE-2005-0180 Bypass 2005-03-07 2017-10-10
3.6
None Local Low Not required Partial Partial None
Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.
4458 CVE-2004-2778 264 Exec Code 2017-06-27 2017-07-05
3.6
None Local Low Not required Partial Partial None
Ebuild in Gentoo may change directory and file permissions depending on the order of installed packages, which allows local users to read or write to restricted directories or execute restricted commands via navigating to the affected directories, or executing the affected commands.
4459 CVE-2004-2728 119 DoS Overflow 2004-12-31 2017-07-28
3.5
None Remote Medium Single system None None Partial
Buffer overflow in the FTP server of Hummingbird Connectivity 7.1 and 9.0 allows remote, authenticated users to cause a denial of service (application crash) via a long argument to the XCWD command.
4460 CVE-2004-2643 1 Dir. Trav. 2004-12-31 2017-07-19
3.7
User Local High Not required Partial Partial Partial
Directory traversal vulnerability in Microsoft cabarc allows remote attackers to overwrite files via "../" sequences in file names in a CAB archive.
4461 CVE-2004-2626 2004-12-31 2017-07-19
3.7
User Local High Not required Partial Partial Partial
GUI overlay vulnerability in the Java API in Siemens S55 cellular phones allows remote attackers to send unauthorized SMS messages by overlaying a confirmation message with a malicious message.
4462 CVE-2004-2408 DoS +Info 2004-12-31 2017-07-10
3.6
None Local Low Not required Partial Partial None
Linux VServer 1.27 and earlier, 1.3.9 and earlier, and 1.9.1 and earlier shares /proc permissions across all virtual and host servers, which allows local users with the ability to set permissions in /proc to obtain system information or cause a denial of service on other virtual servers or the host server.
4463 CVE-2004-2319 2004-12-31 2017-07-10
3.6
None Local Low Not required Partial Partial None
IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit.
4464 CVE-2004-2311 Dir. Trav. 2004-12-31 2017-07-10
3.6
None Local Low Not required Partial Partial None
Directory traversal vulnerability in webadmin.nsf in Lotus Domino R6 6.5.1 allows local users to create folders or determine the existence of files via a .. (dot dot) in the new folder dialog.
4465 CVE-2004-2303 2004-12-31 2017-07-10
3.6
None Local Low Not required Partial Partial None
MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and overwrite files.
4466 CVE-2004-1683 +Priv 2004-09-13 2017-07-10
3.7
User Local High Not required Partial Partial Partial
A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before is executed by crrtrap.
4467 CVE-2004-1465 Exec Code Overflow 2004-12-31 2017-07-10
3.7
User Local High Not required Partial Partial Partial
Multiple buffer overflows in WinZip 9.0 and earlier may allow attackers to execute arbitrary code via multiple vectors, including the command line.
4468 CVE-2004-1445 +Priv 2004-12-31 2017-07-10
3.7
User Local High Not required Partial Partial Partial
A race condition in nessus-adduser in Nessus 2.0.11 and possibly earlier versions, if the TMPDIR environment variable is not set, allows local users to gain privileges.
4469 CVE-2004-1066 DoS 2005-01-10 2017-07-10
3.6
None Local Low Not required Partial None Partial
The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.
4470 CVE-2004-0698 2004-07-27 2017-07-10
3.6
None Local Low Not required Partial Partial None
4D WebSTAR 5.3.2 and earlier allows local users to read and modify arbitrary files via a symlink attack.
4471 CVE-2004-0435 2004-08-18 2017-07-10
3.6
None Local Low Not required None Partial Partial
Certain "programming errors" in the msync system call for FreeBSD 5.2.1 and earlier, and 4.10 and earlier, do not properly handle the MS_INVALIDATE operation, which leads to cache consistency problems that allow a local user to prevent certain changes to files from being committed to disk.
4472 CVE-2004-0217 2004-04-15 2017-07-10
3.7
User Local High Not required Partial Partial Partial
The LiveUpdate capability (liveupdate.sh) in Symantec AntiVirus Scan Engine 4.0 and 4.3 for Red Hat Linux allows local users to create or append to arbitrary files via a symlink attack on /tmp/LiveUpdate.log.
4473 CVE-2003-1570 287 2009-03-31 2017-08-16
3.5
None Remote Medium Single system Partial None None
The server in IBM Tivoli Storage Manager (TSM) 5.1.x, 5.2.x before 5.2.1.2, and 6.x before 6.1 does not require credentials to observe the server console in some circumstances, which allows remote authenticated administrators to monitor server operations by establishing a console mode session, related to "session exposure."
4474 CVE-2003-1463 20 2003-12-31 2017-07-28
3.5
None Remote Medium Single system None Partial None
Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter.
4475 CVE-2003-1460 264 +Info 2003-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readable and executable while copying data, which could allow local users to obtain sensitive information.
4476 CVE-2003-1452 16 Exec Code 2003-12-31 2017-07-28
3.6
None Local Low Not required Partial Partial None
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program.
4477 CVE-2003-1426 16 Exec Code 2003-12-31 2017-07-28
3.3
None Local Medium Not required Partial Partial None
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable.
4478 CVE-2003-1366 200 +Info 2003-12-31 2017-07-28
3.3
None Local Medium Not required Partial Partial None
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information.
4479 CVE-2003-1234 DoS Exec Code Overflow 2003-12-31 2018-10-19
3.6
None Local Low Not required None Partial Partial
Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop.
4480 CVE-2003-1120 2003-12-31 2017-07-10
3.7
None Local High Not required Partial Partial Partial
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
4481 CVE-2003-1058 DoS 2003-12-03 2018-10-30
3.7
User Local High Not required Partial Partial Partial
The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files.
4482 CVE-2003-0924 2004-02-17 2017-10-09
3.7
User Local High Not required Partial Partial Partial
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
4483 CVE-2003-0596 2003-08-27 2016-12-07
3.6
None Local Low Not required Partial Partial None
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.
4484 CVE-2003-0536 DoS Dir. Trav. 2003-08-18 2016-10-17
3.6
None Local Low Not required Partial None Partial
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters.
4485 CVE-2003-0499 2003-08-07 2016-12-07
3.6
None Local Low Not required Partial Partial None
Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.
4486 CVE-2003-0480 +Priv 2003-08-07 2016-10-17
3.7
User Local High Not required Partial Partial Partial
VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation."
4487 CVE-2003-0448 2003-07-24 2016-10-17
3.6
None Local Low Not required Partial Partial None
Portmon 1.7 and possibly earlier versions allows local users to read and write arbitrary files via the (1) -c (host file) or (2) -l (log file) command line options.
4488 CVE-2003-0246 +Priv 2003-06-16 2017-10-10
3.6
None Local Low Not required Partial Partial None
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
4489 CVE-2003-0018 2003-02-19 2008-09-10
3.6
None Local Low Not required Partial None Partial
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
4490 CVE-2002-2409 200 +Info 2002-12-31 2008-09-05
3.5
None Remote Medium Single system Partial None None
Photon microGUI in QNX Neutrino realtime operating system (RTOS) 6.1.0 and 6.2.0 allows attackers to read user clipboard information via a direct request to the 1.TEXT file in a directory whose name is a hex-encoded user ID.
4491 CVE-2002-2401 264 Bypass 2002-12-31 2019-04-30
3.6
None Local Low Not required Partial Partial None
NT Virtual DOS Machine (NTVDM.EXE) in Windows 2000, NT and XP does not verify user execution permissions for 16-bit executable files, which allows local users to bypass the loader and execute arbitrary programs.
4492 CVE-2002-2384 255 2002-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service.
4493 CVE-2002-2334 264 2002-12-31 2008-09-05
3.6
None Local Low Not required Partial Partial None
Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users.
4494 CVE-2002-2301 255 2002-12-31 2017-07-28
3.3
None Local Medium Not required Partial Partial None
Lawson Financials 8.0, when configured to use a third party relational database, stores usernames and passwords in a world-readable file, which allows local users to read the passwords and log onto the database.
4495 CVE-2002-2270 264 2002-12-31 2017-10-10
3.6
None Local Low Not required Partial Partial None
Unspecified vulnerability in the ied command in HP-UX 10.10, 10.20, and 11.0 allows local users to view "normally invisible data" via unknown attack vectors.
4496 CVE-2002-2202 2002-12-31 2008-09-05
3.8
None Local High Single system Complete None None
Outlook Express 6.0 does not delete messages from dbx files, even when a user empties the Deleted items folder, which allows local users to read other users email.
4497 CVE-2002-2092 +Priv 2002-12-31 2017-12-18
3.7
User Local High Not required Partial Partial Partial
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
4498 CVE-2002-2038 DoS 2002-12-31 2008-09-05
3.6
None Local Low Not required None Partial Partial
Next Generation POSIX Threading (NGPT) 1.9.0 uses a filesystem-based shared memory entry, which allows local users to cause a denial of service or in threaded processes or spoof files via unknown methods.
4499 CVE-2002-1710 2002-12-31 2017-07-10
3.6
None Local Low Not required Partial Partial None
The attachment capability in Compose Mail in BasiliX Webmail 1.1.0 does not check whether the attachment was uploaded by the user or came from a HTTP POST, which could allow local users to steal sensitive information like a password file.
4500 CVE-2002-1692 Exec Code Overflow 2002-12-31 2017-07-10
3.6
None Local Low Not required None Partial Partial
Buffer overflow in backup utility of Microsoft Windows 95 allows attackers to execute arbitrary code by causing a filename with a long extension to be placed in a folder to be backed up.
Total number of vulnerabilities : 4540   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 (This Page)91
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.