CVE-2003-0818 – Microsoft Windows - ASN.1 'LSASS.exe' Remote Denial of Service (MS04-007)
https://notcve.org/view.php?id=CVE-2003-0818
Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings. • https://www.exploit-db.com/exploits/153 https://www.exploit-db.com/exploits/16377 https://www.exploit-db.com/exploits/3022 http://marc.info/?l=bugtraq&m=107643836125615&w=2 http://marc.info/?l=bugtraq&m=107643892224825&w=2 http://marc.info/?l=ntbugtraq&m=107650972617367&w=2 http://marc.info/?l=ntbugtraq&m=107650972723080&w=2 http://www.kb.cert.org/vuls/id/216324 http://www.kb.cert.org/vuls/id/583108 http://www.us-cert.gov/cas/techalerts/TA04 •
CVE-2003-1357
https://notcve.org/view.php?id=CVE-2003-1357
ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access. • http://securityreason.com/securityalert/3228 http://www.securityfocus.com/archive/1/308733 http://www.securityfocus.com/bid/6708 https://exchange.xforce.ibmcloud.com/vulnerabilities/11185 • CWE-16: Configuration •
CVE-2003-1407 – Microsoft Windows NT/2000 - 'cmd.exe' CD Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2003-1407
Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. • https://www.exploit-db.com/exploits/22245 http://securityreason.com/securityalert/3251 http://www.securityfocus.com/archive/1/311359 http://www.securityfocus.com/bid/6829 https://exchange.xforce.ibmcloud.com/vulnerabilities/11329 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2003-1437
https://notcve.org/view.php?id=CVE-2003-1437
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1 store passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. • http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp http://www.securityfocus.com/bid/6719 https://exchange.xforce.ibmcloud.com/vulnerabilities/11220 •
CVE-2003-1469 – Macromedia ColdFusion MX 6.0 - Error Message Full Path Disclosure
https://notcve.org/view.php?id=CVE-2003-1469
The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. • https://www.exploit-db.com/exploits/22544 http://securityreason.com/securityalert/3307 http://www.nii.co.in/vuln/pdmac.html http://www.securityfocus.com/archive/1/319867 http://www.securityfocus.com/bid/7443 https://exchange.xforce.ibmcloud.com/vulnerabilities/11879 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •