Vulnerabilities (CVE)

Filtered by NVD-CWE-Other
Total 29914 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0089 1 Sun 2 Solaris, Sunos 2026-06-16 7.2 HIGH N/A
Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS argument in the .cdtoc file.
CVE-2002-0088 1 Sun 2 Solaris, Sunos 2026-06-16 7.2 HIGH N/A
Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path.
CVE-2002-0087 1 Lotus 1 Domino 2026-06-16 2.1 LOW N/A
bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files.
CVE-2002-0086 1 Ibm 1 Lotus Domino 2026-06-16 7.2 HIGH N/A
Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable.
CVE-2002-0085 1 Sun 2 Solaris, Sunos 2026-06-16 5.0 MEDIUM N/A
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.
CVE-2002-0084 1 Sun 2 Solaris, Sunos 2026-06-16 7.2 HIGH N/A
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
CVE-2002-0082 2 Apache-ssl, Mod Ssl 2 Apache-ssl, Mod Ssl 2026-06-16 7.5 HIGH N/A
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary code via a large client certificate that is signed by a trusted Certificate Authority (CA), which produces a large serialized session.
CVE-2002-0081 1 Php 1 Php 2026-06-16 7.5 HIGH N/A
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
CVE-2002-0079 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-06-16 7.5 HIGH N/A
Buffer overflow in the chunked encoding transfer mechanism in Internet Information Server (IIS) 4.0 and 5.0 Active Server Pages allows attackers to cause a denial of service or execute arbitrary code.
CVE-2002-0078 1 Microsoft 1 Internet Explorer 2026-06-16 7.5 HIGH N/A
The zone determination function in Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to run scripts in the Local Computer zone by embedding the script in a cookie, aka the "Cookie-based Script Execution" vulnerability.
CVE-2002-0077 1 Microsoft 1 Internet Explorer 2026-06-16 7.5 HIGH N/A
Microsoft Internet Explorer 5.01, 5.5 and 6.0 treats objects invoked on an HTML page with the codebase property as part of Local Computer zone, which allows remote attackers to invoke executables present on the local system through objects such as the popup object, aka the "Local Executable Invocation via Object tag" vulnerability.
CVE-2002-0076 3 Hp, Microsoft, Sun 5 Java Jre-jdk, Virtual Machine, Jdk and 2 more 2026-06-16 7.5 HIGH N/A
Java Runtime Environment (JRE) Bytecode Verifier allows remote attackers to escape the Java sandbox and execute commands via an applet containing an illegal cast operation, as seen in (1) Microsoft VM build 3802 and earlier as used in Internet Explorer 4.x and 5.x, (2) Netscape 6.2.1 and earlier, and possibly other implementations that use vulnerable versions of SDK or JDK, aka a variant of the "Virtual Machine Verifier" vulnerability.
CVE-2002-0075 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to execute arbitrary script as other web users via the error message used in a URL redirect (""302 Object Moved") message.
CVE-2002-0074 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-06-16 7.5 HIGH N/A
Cross-site scripting vulnerability in Help File search facility for Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows remote attackers to embed scripts into another user's session.
CVE-2002-0073 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-06-16 5.0 MEDIUM N/A
The FTP service in Internet Information Server (IIS) 4.0, 5.0 and 5.1 allows attackers who have established an FTP session to cause a denial of service via a specially crafted status request containing glob characters.
CVE-2002-0072 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-06-16 5.0 MEDIUM N/A
The w3svc.dll ISAPI filter in Front Page Server Extensions and ASP.NET for Internet Information Server (IIS) 4.0, 5.0, and 5.1 does not properly handle the error condition when a long URL is provided, which allows remote attackers to cause a denial of service (crash) when the URL parser accesses a null pointer.
CVE-2002-0071 1 Microsoft 2 Internet Information Server, Internet Information Services 2026-06-16 7.5 HIGH N/A
Buffer overflow in the ism.dll ISAPI extension that implements HTR scripting in Internet Information Server (IIS) 4.0 and 5.0 allows attackers to cause a denial of service or execute arbitrary code via HTR requests with long variable names.
CVE-2002-0069 2 Redhat, Squid 2 Linux, Squid 2026-06-16 2.6 LOW N/A
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
CVE-2002-0068 2 Redhat, Squid 2 Linux, Squid 2026-06-16 7.5 HIGH N/A
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the characters.
CVE-2002-0067 2 Redhat, Squid 2 Linux, Squid 2026-06-16 7.5 HIGH N/A
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.