search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-02-03 2003-10-30 2004-03-19 VU#434566 Apache mod_rewrite vulnerable to buffer overflow via crafted regular expression
2003-11-05 2003-10-20 2003-11-05 VU#496340 Oracle command-line program buffer overflow in argument handling
2003-10-16 2003-10-15 2003-10-16 VU#467036 Microsoft Help and Support Center contains buffer overflow in code used to handle HCP protocol
2003-10-16 2003-10-15 2003-10-16 VU#575892 Buffer overflow in Microsoft Messenger Service
2003-10-16 2003-10-15 2003-10-16 VU#989932 Microsoft contains a buffer overflow in the Local Troubleshooter ActiveX control (Tshoot.ocx)
2003-10-16 2003-10-15 2003-10-22 VU#422156 Microsoft Exchange Server fails to properly handle specially crafted SMTP extended verb requests
2003-10-16 2003-10-15 2003-12-09 VU#838572 Microsoft Authenticode mechanism installs ActiveX controls without prompting user
2003-10-16 2003-10-15 2003-10-16 VU#435444 Microsoft Outlook Web Access (OWA) contains cross-site scripting vulnerability in the "Compose New Message" form
2003-10-16 2003-10-15 2003-10-22 VU#967668 Microsoft Windows ListBox and ComboBox controls vulnerable to buffer overflow when supplied crafted Windows message
2003-10-14 2003-10-10 2003-10-15 VU#547820 Microsoft Windows DCOM/RPC vulnerability
2003-10-09 2003-10-06 2003-10-10 VU#989580 Hummingbird CyberDOCS sets insecure permissions on script source code files
2003-10-09 2003-10-06 2003-10-09 VU#368300 Hummingbird CyberDOCS vulnerable to SQL injection
2003-10-09 2003-10-06 2003-10-10 VU#715548 Hummingbird CyberDOCS error page discloses web server installation path
2003-10-09 2003-10-06 2003-10-14 VU#488684 Hummingbird CyberDOCS contains multiple cross-site scripting vulnerabilities
2003-10-30 2003-10-03 2004-05-20 VU#473108 Cisco Lightweight Extensible Authentication Protocol (LEAP) uses passwords that are vulnerable to dictionary attacks

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis