CERT Vulnerability Notes Database

Published	Public	Updated	ID	CVSS	Title
2008-01-25	2007-12-10	2008-04-28	VU#203611		inet_network() off-by-one buffer overflow
2008-06-25	2007-12-05	2008-06-25	VU#305208		Caucho Resin vulnerable to XSS via "file" parameter to "viewfile"
2008-01-03	2007-11-30	2008-01-03	VU#150249		OpenSSL FIPS Object Module fails to properly generate random seeds
2007-12-10	2007-11-27	2008-01-18	VU#232881		Squid remote denial-of-service vulnerability
2007-11-27	2007-11-25	2007-11-27	VU#433819		Apple Mail remote command execution vulnerability
2007-11-24	2007-11-23	2008-01-11	VU#659761		Apple QuickTime RTSP Content-Type header stack buffer overflow
2008-02-04	2007-11-22	2008-08-13	VU#776931		Aurigma ImageUploader ActiveX control stack buffer overflows
2008-06-11	2007-11-21	2008-06-11	VU#315107		SkyPortal contains multiple SQL injection vulnerabilities
2007-11-20	2007-11-20	2007-11-20	VU#512193		IBM Director fails to properly time-out connection requests from clients
2007-11-19	2007-11-19	2008-02-26	VU#138633	0	Invensys Wonderware InTouch creates insecure NetDDE share
2008-03-22	2007-11-16	2008-05-13	VU#936529		Microsoft Jet Engine stack buffer overflow
2007-11-13	2007-11-13	2007-11-13	VU#484649		Microsoft Windows DNS Server vulnerable to cache poisoning
2007-11-08	2007-11-07	2008-11-20	VU#715737		Mozilla-based browsers jar: URI cross-site scripting vulnerability
2007-12-04	2007-11-05	2007-12-04	VU#438616		Mortbay Jetty fails to properly handle cookies with quotes
2007-11-08	2007-11-05	2007-11-08	VU#319771		Apple QuickTime for Java may allow Java applets to gain elevated privileges

Software Engineering Institute