search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-05-11 2005-05-06 2005-11-07 VU#790533 RSA Authentication Agent for Web for IIS vulnerable to heap overflow via overly large "chunk"
2005-05-10 2005-05-07 2005-08-01 VU#648758 Mozilla Firefox executes JavaScript in the "IconURL" parameter of "InstallTrigger.install()" with chrome privileges
2005-05-10 2005-05-07 2005-08-09 VU#534710 Mozilla fails to properly prevent "JavaScript:" URIs containing "eval()" from being executed in the context of other URIs in the history list
2005-05-10 2005-04-19 2005-05-13 VU#668916 Microsoft Windows Explorer vulnerable to script injection via the Web View DLL
2005-05-09 2005-05-03 2005-05-16 VU#258390 Apple Mac OS X with Bluetooth enabled may allow file exchange without prompting users
2005-05-09 2005-05-03 2005-07-06 VU#140470 Apple Mac OS X Server Admin fails to properly restrict users from using the proxy service
2005-05-09 2005-05-03 2005-05-11 VU#145486 Apple Cocoa applications vulnerable to denial of service via malformed TIFF image
2005-05-09 2005-05-09 2005-07-06 VU#302220 IPsec configurations may be vulnerable to information disclosure
2005-05-06 2005-05-03 2005-05-16 VU#356070 Apple Terminal fails to properly sanitize input for "x-man-page" URI
2005-05-05 2005-04-27 2005-05-11 VU#327037 Debian CVS "pserver" remote access authentication bypass vulnerability
2005-04-27 2005-04-12 2005-04-28 VU#948486 Oracle products contain multiple vulnerabilities
2005-04-20 2005-04-15 2005-12-22 VU#519317 Mozilla Firefox fails to properly perform security checks on "_search" target
2005-04-20 2005-04-20 2006-01-10 VU#604846 sendfile() system call may leak sections of kernel memory
2005-04-19 2005-04-15 2005-08-01 VU#973309 Mozilla may execute JavaScript with elevated privileges when defined in site icon tag
2005-04-19 2005-04-12 2005-04-29 VU#982109 Oracle contains multiple SQL injection vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis