| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. |
| Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable. |
| Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. |
| Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands. |
| Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter. |
| gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack. |
| Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response. |
| sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. |
| rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. |
| getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. |
| Microsoft Windows Media Player versions 6.4 and 7.1 and Media Player for Windows XP allow remote attackers to bypass Internet Explorer's (IE) security mechanisms and run code via an executable .wma media file with a license installation requirement stored in the IE cache, aka the "Cache Path Disclosure via Windows Media Player". |
| useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. |
| ImageCast Control Center 4.1.0 allows remote attackers to cause a denial of service (resource exhaustion or system crash) via a long string to port 12002. |
| Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error. |
| The Windows Media Device Manager (WMDM) Service in Microsoft Windows Media Player 7.1 on Windows 2000 systems allows local users to obtain LocalSystem rights via a program that calls the WMDM service to connect to an invalid local storage device, aka "Privilege Elevation through Windows Media Device Manager Service". |
| Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter. |
| Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. |
| Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name. |
| exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file. |
| Cross-site scripting vulnerability in sgdynamo.exe for Sgdynamo allows remote attackers to execute arbitrary Javascript via a URL with the script in the HTNAME parameter. |
