CVE-2000-0842

The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Publication date: Tue, 14 Nov 2000 11:00:00 +0000

Cyber News related to CVE-2000-0842

CVE-2002-0841 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-0842. Reason: This candidate is a duplicate of CVE-2002-0842. The duplicate assignment was made before public disclosure. Notes: none ...
55 years ago Tenable.com

CVE-2000-0842 - The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. ...
16 years ago

CVE-2000-0744 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0743. Reason: This candidate is a duplicate of CVE-2000-0743. Notes: All CVE users should reference CVE-2000-0743 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com

CVE-2008-5416 - Heap-based buffer overflow in Microsoft SQL Server 2000 SP4, 8.00.2050, 8.00.2039, and earlier; SQL Server 2000 Desktop Engine (MSDE 2000) SP4; SQL Server 2005 SP2 and 9.00.1399.06; SQL Server 2000 Desktop Engine (WMSDE) on Windows Server 2003 SP1 ...
6 years ago

CVE-2008-0086 - Buffer overflow in the convert function in Microsoft SQL Server 2000 SP4, 2000 Desktop Engine (MSDE 2000) SP4, and 2000 Desktop Engine (WMSDE) allows remote authenticated users to execute arbitrary code via a crafted SQL expression. ...
6 years ago

CVE-2008-0107 - Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 ...
5 years ago

CVE-2008-0085 - SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize ...
5 years ago

CVE-2021-47460 - In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 ...
8 months ago Tenable.com

CVE-2024-49883 - In the Linux kernel, the following vulnerability has been resolved: ext4: aovid use-after-free in ext4_ext_insert_extent() As Ojaswin mentioned in Link, in ext4_ext_insert_extent(), if the path is reallocated in ext4_ext_create_new_leaf(), we'll use ...
3 months ago Tenable.com

CVE-2020-0779 - An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, ...
4 years ago

CVE-2020-0798 - An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with ...
3 years ago

CVE-2020-0814 - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka ...
3 years ago

CVE-2020-0843 - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka ...
3 years ago

CVE-2020-0842 - An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka ...
3 years ago

CVE-2007-1145 - Multiple cross-site scripting (XSS) vulnerabilities in Kayako SupportSuite - ESupport 3.00.13 and 3.04.10 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to a (1) lostpassword or (2) register action in ...
6 years ago

CVE-1999-0842 - Symantec Mail-Gear 1.0 web interface server allows remote users to read arbitrary files via a .. (dot dot) attack. ...
16 years ago

CVE-2016-0842 - The H.264 decoder in libstagefright in Android 6.x before 2016-04-01 mishandles Memory Management Control Operation (MMCO) data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted ...
8 years ago

CVE-2001-0842 - Directory traversal vulnerability in Search.cgi in Leoboard LB5000 LB5000II 1029 and earlier allows remote attackers to overwrite files and gain privileges via .. (dot dot) sequences in the amembernamecookie cookie. ...
8 years ago

CVE-2002-0842 - Format string vulnerability in certain third party modifications to mod_dav for logging bad gateway messages (e.g. Oracle9i Application Server 9.0.2) allows remote attackers to execute arbitrary code via a destination URI that forces a "502 Bad ...
8 years ago

CVE-2003-0842 - Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an ...
8 years ago

CVE-2005-0842 - Cross-site scripting (XSS) vulnerability in index.php in Kayako eSupport 2.3 allows remote attackers to inject arbitrary web script or HTML via the (1) _i or (2) _c parameter. ...
8 years ago

CVE-2006-0842 - Cross-site scripting (XSS) vulnerability in Calacode @Mail 4.3 allows remote attackers to inject arbitrary web script or HTML via a modified javascript: string in the SRC attribute of an IMG element in an e-mail message, as demonstrated by ...
7 years ago

CVE-2014-0842 - The account-creation functionality in IBM Rational Focal Point 6.4.x and 6.5.x before 6.5.2.3 and 6.6.x before 6.6.1 places the new user's default password within the creation page, which allows remote attackers to obtain sensitive information by ...
7 years ago

CVE-2013-0842 - Google Chrome before 24.0.1312.56 does not properly handle %00 characters in pathnames, which has unspecified impact and attack vectors. ...
7 years ago

CVE-2008-0842 - SQL injection vulnerability in index.php in the Classifier (com_clasifier) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the cat_id parameter. ...
7 years ago

Latest Cyber News

CVE-2024-40890 - 20 hours ago
CVE-2024-40891 - 20 hours ago
CVE-2025-0847 - 21 hours ago
CVE-2025-0848 - 21 hours ago
CVE-2025-0849 - 21 hours ago
CVE-2025-0846 - 22 hours ago
CVE-2025-0844 - 23 hours ago
CVE-2025-21415 - 1 day ago
CVE-2025-21396 - 1 day ago
CVE-2025-0843 - 1 day ago
CVE-2024-57665 - 1 day ago
CVE-2024-57513 - 1 day ago
CVE-2025-0842 - 1 day ago
CVE-2025-0851 - 1 day ago
CVE-2024-48761 - 1 day ago
CVE-2024-51182 - 1 day ago
CVE-2024-54851 - 1 day ago
CVE-2024-54852 - 1 day ago
CVE-2024-57395 - 1 day ago
CVE-2024-57509 - 1 day ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

CVE-2025-24099 - 1 day ago
CVE-2024-12749 - 1 day ago
CVE-2024-13696 - 1 day ago
CVE-2024-7695 - 1 day ago
CVE-2024-57965 - 1 day ago
CVE-2021-3978 - 1 day ago
CVE-2025-0617 - 1 day ago
CVE-2024-13561 - 1 day ago
CVE-2024-41140 - 1 day ago
CVE-2024-54461 - 1 day ago
CVE-2024-54462 - 1 day ago
CVE-2025-0353 - 1 day ago
CVE-2024-57436 - 1 day ago
CVE-2024-57437 - 1 day ago
CVE-2024-57438 - 1 day ago
CVE-2024-57439 - 1 day ago
CVE-2025-24374 - 1 day ago
CVE-2025-24792 - 1 day ago
CVE-2023-35907 - 1 day ago
CVE-2023-37398 - 1 day ago