2002 CVE Vulnerabilities

2,393 CVEs published in 2002.

CVE IDSeverityCVSSDescription
CVE-2002-1641Multiple buffer overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS) allow remote attackers to execute ...
CVE-2002-1638Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-2153. Reason: This candidate is a duplicate of...
CVE-2002-1280Memory leak in RealSecure Event Collector 6.5 allows attackers to cause a denial of service (memory consumption and cras...
CVE-2002-1056Microsoft Outlook 2000 and 2002, when configured to use Microsoft Word as the email editor, does not block scripts that ...
CVE-2002-0212The login for Hosting Controller 1.1 through 1.4.1 returns different error messages when a valid or invalid user is prov...
CVE-2002-0211Race condition in the installation script for Tarantella Enterprise 3 3.01 through 3.20 creates a world-writeable tempor...
CVE-2002-0201Cyberstop Web Server for Windows 0.1 allows remote attackers to cause a denial of service (crash) and possibly execute a...
CVE-2002-0219Buffer overflow in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allow...
CVE-2002-0220phpsmssend.php in PhpSmsSend 1.0 allows remote attackers to execute arbitrary commands via an SMS message containing she...
CVE-2002-0221Etype Eserv 2.97 allows remote attackers to cause a denial of service (resource exhaustion) via a large number of PASV c...
CVE-2002-0222Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
CVE-2002-0223Infopop UBB.Threads 5.4 and Wired Community Software WWWThreads 5.0 through 5.0.9 allows remote attackers to upload arbi...
CVE-2002-0224The MSDTC (Microsoft Distributed Transaction Service Coordinator) for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL ...
CVE-2002-0184HIGH7.8Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local user...
CVE-2002-0202PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain th...
CVE-2002-0203ttawebtop.cgi in Tarantella Enterprise 3.20 on SPARC Solaris and Linux, and 3.1x and 3.0x including 3.11.903, allows rem...
CVE-2002-0204Buffer overflow in GNU Chess (gnuchess) 5.02 and earlier, if modified or used in a networked capacity contrary to its ow...
CVE-2002-0171IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which ...
CVE-2002-0172/dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a ...
CVE-2002-0173Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may all...
CVE-2002-0226retrieve_password.pl in DCForum 6.x and 2000 generates predictable new passwords based on a sessionID, which allows remo...
CVE-2002-0230Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascri...
CVE-2002-0229Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe...
CVE-2002-0225tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with w...
CVE-2002-0228Microsoft MSN Messenger allows remote attackers to use Javascript that references an ActiveX object to obtain sensitive ...

Check if your code is affected by 2002 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now