CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 3CVE-2003-1359 – HP-UX 10.x - stmkfont Alternate Typeface Library Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-1359
Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. • https://www.exploit-db.com/exploits/22246 https://www.exploit-db.com/exploits/22247 http://securityreason.com/securityalert/3236 http://www.securityfocus.com/advisories/4959 http://www.securityfocus.com/archive/1/324381 http://www.securityfocus.com/bid/6836 https://exchange.xforce.ibmcloud.com/vulnerabilities/11313 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5587 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2003-1098
https://notcve.org/view.php?id=CVE-2003-1098
The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. • http://www.kb.cert.org/vuls/id/862401 http://www.kb.cert.org/vuls/id/IAFY-5HVQDJ http://www.securityfocus.com/bid/6638 http://www.securitytracker.com/id?1005936 https://exchange.xforce.ibmcloud.com/vulnerabilities/11094 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5765 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2003-1362
https://notcve.org/view.php?id=CVE-2003-1362
Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. • http://archives.neohapsis.com/archives/hp/2003-q1/0033.html http://www.securityfocus.com/bid/6878 https://exchange.xforce.ibmcloud.com/vulnerabilities/11366 • CWE-16: Configuration •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 2CVE-2003-1375 – HPUX 10.20/11 Wall Message - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2003-1375
Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. • https://www.exploit-db.com/exploits/22231 http://securityreason.com/securityalert/3264 http://www.securityfocus.com/advisories/5369 http://www.securityfocus.com/archive/1/310908 http://www.securityfocus.com/bid/6800 https://exchange.xforce.ibmcloud.com/vulnerabilities/11272 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5439 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 34EXPL: 0CVE-2003-1437
https://notcve.org/view.php?id=CVE-2003-1437
BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. • http://dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-25.jsp http://www.securityfocus.com/bid/6719 https://exchange.xforce.ibmcloud.com/vulnerabilities/11220 •