| Max CVSS | 10.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2003-0356 | 10.0 |
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) R
|
16-02-2024 - 20:39 | 09-06-2003 - 04:00 | |
| CVE-2003-0190 | 5.0 |
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
|
15-02-2024 - 18:46 | 12-05-2003 - 04:00 | |
| CVE-2003-0431 | 10.0 |
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
|
14-02-2024 - 01:17 | 24-07-2003 - 04:00 | |
| CVE-2003-0357 | 7.5 |
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
|
14-02-2024 - 01:17 | 09-06-2003 - 04:00 | |
| CVE-2003-0430 | 5.0 |
The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value.
|
14-02-2024 - 01:17 | 24-07-2003 - 04:00 | |
| CVE-2003-0429 | 7.5 |
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.
|
14-02-2024 - 01:17 | 24-07-2003 - 04:00 | |
| CVE-2003-0428 | 5.0 |
Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string.
|
14-02-2024 - 01:17 | 24-07-2003 - 04:00 | |
| CVE-2003-0432 | 10.0 |
Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.
|
14-02-2024 - 01:17 | 24-07-2003 - 04:00 | |
| CVE-2002-1186 | 5.0 |
Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site tha
|
23-07-2021 - 12:55 | 11-12-2002 - 05:00 | |
| CVE-2003-0251 | 5.0 |
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.
|
19-10-2018 - 15:29 | 24-07-2003 - 04:00 | |
| CVE-2003-0442 | 4.3 |
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
|
03-05-2018 - 01:29 | 24-07-2003 - 04:00 | |
| CVE-2003-0440 | 4.6 |
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
|
11-10-2017 - 01:29 | 18-08-2003 - 04:00 | |
| CVE-2003-0434 | 7.5 |
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
|
11-10-2017 - 01:29 | 24-07-2003 - 04:00 |