Total
207 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2004-0411 | 1 Kde | 1 Konqueror | 2024-02-28 | 7.5 HIGH | N/A |
| The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to the associated programs, possibly to read arbitrary files or execute arbitrary code. | |||||
| CVE-2002-0985 | 2 Openpkg, Php | 2 Openpkg, Php | 2024-02-28 | 7.5 HIGH | N/A |
| Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and possibly executing commands. | |||||
| CVE-2001-0150 | 1 Microsoft | 1 Internet Explorer | 2024-02-28 | 5.1 MEDIUM | N/A |
| Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the IE client is using the Telnet client provided in Services for Unix (SFU) 2.0, which creates session transcripts. | |||||
| CVE-2004-0480 | 1 Ibm | 1 Lotus Notes | 2024-02-28 | 10.0 HIGH | N/A |
| Argument injection vulnerability in IBM Lotus Notes 6.0.3 and 6.5 allows remote attackers to execute arbitrary code via a notes: URI that uses a UNC network share pathname to provide an alternate notes.ini configuration file to notes.exe. | |||||
| CVE-1999-0113 | 1 Ibm | 1 Aix | 2024-02-28 | 10.0 HIGH | N/A |
| Some implementations of rlogin allow root access if given a -froot parameter. | |||||
| CVE-2001-1246 | 1 Php | 1 Php | 2024-02-28 | 7.5 HIGH | N/A |
| PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2004-0121 | 1 Microsoft | 2 Office, Outlook | 2024-02-28 | 7.5 HIGH | N/A |
| Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs. | |||||