search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-06-02 2006-06-01 2007-02-09 VU#575969 Mozilla may process content-defined setters on object prototypes with elevated privileges
2006-06-02 2006-06-01 2007-02-09 VU#237257 Mozilla privilege escalation using addSelectionListener
2006-06-02 2006-06-01 2007-02-09 VU#421529 Mozilla contains a buffer overflow vulnerability in crypto.signText()
2007-12-14 2006-05-31 2007-12-14 VU#312692 Shadow Utils useradd utility sets incorrect file permissions
2006-05-30 2006-05-30 2006-06-07 VU#635721 Secure Elements Class 5 AVR client fails to properly validate a messages target CEID
2006-05-30 2006-05-30 2007-05-04 VU#487617 Secure Elements Class 5 AVR server fails to properly authenticate session start messages
2006-05-30 2006-05-30 2006-06-07 VU#921017 Secure Elements Class 5 AVR client sends messages in cleartext
2006-05-30 2006-05-30 2006-06-07 VU#566553 Secure Elements Class 5 AVR uses the same RSA key for all installations
2006-05-30 2006-05-30 2006-06-07 VU#397417 Secure Elements Class 5 AVR server fails to properly enforce access controls on console operations
2006-05-30 2006-05-30 2006-06-07 VU#288121 Secure Elements Class 5 AVR client fails to validate source address of messages
2006-05-30 2006-05-30 2006-06-07 VU#353769 Secure Elements Class 5 AVR client fails to enforce integrity of message digests
2006-05-30 2006-05-30 2006-06-07 VU#207161 Secure Elements Class 5 AVR server fails to properly authenticate registration messages
2006-05-30 2006-05-30 2006-05-31 VU#378604 WeOnlyDo! SFTP ActiveX control fails to properly restrict access to methods
2006-05-30 2006-05-30 2006-06-07 VU#207337 Secure Elements Class 5 AVR server fails to properly validate peer certificate when downloading updates
2006-05-30 2006-05-30 2006-06-07 VU#764025 Secure Elements Class 5 AVR server fails to properly validate pathnames when downloading updates

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis