CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
3141 | CVE-2001-0320 | Candidate | bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument. | Proposed (20010404) | ACCEPT(2) Baker, Cole<br>MODIFY(1) Frech<br>NOOP(3) Bishop, Wall, Ziese | Frech> XF:php-nuke-elevate-privileges(6183)<br>CHANGE> [Bishop changed vote from REVIEWING to NOOP] | View |
3143 | CVE-2001-0322 | Candidate | MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object. | Proposed (20010404) | ACCEPT(1) Frech<br>NOOP(2) Cole, Ziese<br>REJECT(1) LeBlanc<br>REVIEWING(2) Bishop, Wall | LeBlanc> I don't believe that EX-CLIENT-DOS issues should be included in CVE. | View |
3145 | CVE-2001-0324 | Candidate | Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash. | Proposed (20010404) | MODIFY(1) Frech<br>NOOP(2) Cole, Ziese<br>RECAST(1) LeBlanc<br>REVIEWING(3) Baker, Bishop, Wall | LeBlanc> Sun's Java specification does not provide for limits on the number of sockets that can be opened. We didn't write the spec, we just implemented it. Aside from the issue of EX-CLIENT-DOS issues noted in my comments on CVE-2001-0322, the vuln would need to be recast to show that the actual problem lies in Java. If the description is recast to show that the issue is in Sun's Java specification, then please change my vote to NOOP, as per the "don't vote on issues with other vendors" rule.<br>Frech> XF:win-udp-dos(6070) | View |
3146 | CVE-2001-0325 | Candidate | Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. | Proposed (20010404) | MODIFY(1) Frech<br>NOOP(3) Cole, Wall, Ziese<br>REVIEWING(1) Bishop | Frech> XF:qnx-rtp-ftpd-bo(6442) | View |
2966 | CVE-2001-0145 | Candidate | Buffer overflow in VCard handler in Outlook 2000 and 98, and Outlook Express 5.x, allows an attacker to execute arbitrary commands via a malformed vCard birthday field. | Proposed (20010404) | ACCEPT(4) Baker, Balinsky, Cole, Wall<br>MODIFY(1) Frech<br>REVIEWING(3) Bishop, Christey, Ziese | Christey> In a post to Bugtraq, Joel Moses notes that this is a duplicate of CVE-2000-0756: http://marc.theaimsgroup.com/?l=bugtraq&m=98322714210100&w=2 As of this writing, it is not certain which candidate should be preferred: the candidate that has been publicly known longer (i.e. CVE-2000-0756), or the more "official" candidate, which has probably been publicized more (i.e. CVE-2001-0145).<br>Balinsky> It seems that this is a more specific case of CVE-2000-0756. The reference for 2000-0756 states that there is a buffer overflow in the birthday AND the e-mail field, as well as other suspected fields. As this current candidate only addresses the birthday field, it seems that there are likely different lines of code involved. Microsoft is not specific about what specifically the patch addresses. It is possible that the other overflows in 2000-0756 are still vulnerable and that the @stake group just didn't bother to test them. We will not know the answer until someone retests those other fields to see if they are still vulnerable. If they are, then 2000-0756 might deserve being split up.<br>Frech> XF:outlook-vcard-dos(5175)<br>Christey> Consider adding BID:2459 | View |