Buffer overflow in POP3 and IMAP servers in the MERCUR mail server suite allows remote attackers to cause a denial of service.
CVE-2000-0197
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.
CVE-2000-0196
Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.
CVE-2000-0195
setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.
CVE-2000-0194
buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters.
CVE-2000-0193
The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges.
CVE-2000-0192
The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system.
CVE-2000-0191
Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.
CVE-2000-0190
AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value.
CVE-2000-0189
ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files.