Total
29739 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-1999-1030 | 1 Behold Software | 1 Web Page Counter | 2025-04-03 | N/A |
| counter.exe 2.70 allows a remote attacker to cause a denial of service (hang) via an HTTP request that ends in %0A (newline), which causes a malformed entry in the counter log that produces an access violation. | ||||
| CVE-1999-1033 | 1 Microsoft | 1 Outlook Express | 2025-04-03 | N/A |
| Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang. | ||||
| CVE-1999-1034 | 1 Att | 1 Svr4 | 2025-04-03 | N/A |
| Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges. | ||||
| CVE-1999-1035 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. | ||||
| CVE-1999-1068 | 1 Oracle | 1 Http Server | 2025-04-03 | N/A |
| Oracle Webserver 2.1, when serving PL/SQL stored procedures, allows remote attackers to cause a denial of service via a long HTTP GET request. | ||||
| CVE-1999-1070 | 1 Xylogics | 1 Annex | 2025-04-03 | N/A |
| Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter. | ||||
| CVE-1999-1071 | 1 Excite | 1 Ews | 2025-04-03 | N/A |
| Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file. | ||||
| CVE-1999-1072 | 1 Excite | 1 Ews | 2025-04-03 | N/A |
| Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi. | ||||
| CVE-1999-1073 | 1 Excite | 1 Ews | 2025-04-03 | N/A |
| Excite for Web Servers (EWS) 1.1 records the first two characters of a plaintext password in the beginning of the encrypted password, which makes it easier for an attacker to guess passwords via a brute force or dictionary attack. | ||||
| CVE-1999-1074 | 1 Webmin | 1 Webmin | 2025-04-03 | N/A |
| Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password cracking. | ||||
| CVE-1999-1075 | 1 Ibm | 1 Aix | 2025-04-03 | N/A |
| inetd in AIX 4.1.5 dynamically assigns a port N when starting ttdbserver (ToolTalk server), but also inadvertently listens on port N-1 without passing control to ttdbserver, which allows remote attackers to cause a denial of service via a large number of connections to port N-1, which are not properly closed by inetd. | ||||
| CVE-1999-1112 | 1 Irfanview | 1 Irfanview | 2025-04-03 | N/A |
| Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header. | ||||
| CVE-1999-1113 | 1 Eudora | 1 Internet Mail Server | 2025-04-03 | N/A |
| Buffer overflow in Eudora Internet Mail Server (EIMS) 2.01 and earlier on MacOS systems allows remote attackers to cause a denial of service via a long USER command to port 106. | ||||
| CVE-1999-1114 | 1 Sgi | 1 Irix | 2025-04-03 | N/A |
| Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges. | ||||
| CVE-1999-1148 | 1 Microsoft | 1 Internet Information Server | 2025-04-03 | N/A |
| FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. | ||||
| CVE-1999-1151 | 1 Compaq Microcom | 1 Microcom 6000 Access Integrator | 2025-04-03 | N/A |
| Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password. | ||||
| CVE-1999-1153 | 1 Hamcards Postcard Cgi | 1 Hamcards Postcard Cgi | 2025-04-03 | N/A |
| HAMcards Postcard CGI script 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | ||||
| CVE-1999-1154 | 1 Lakeweb | 1 Filemail Cgi Script | 2025-04-03 | N/A |
| LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | ||||
| CVE-1999-1155 | 1 Lakeweb | 1 Mail List Cgi Script | 2025-04-03 | N/A |
| LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | ||||
| CVE-1999-1156 | 1 Bisonware | 1 Bisonware Ftp Server | 2025-04-03 | N/A |
| BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns. | ||||