search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2007-04-10 2006-12-15 2007-04-11 VU#740636 Microsoft Windows CSRSS error handling vulnerability
2007-04-03 2007-04-03 2007-04-10 VU#556801 SolidWorks sldimdownload ActiveX control fails to restrict access to methods
2007-04-09 2007-04-03 2007-04-10 VU#388377 Yahoo! Messenger AudioConf ActiveX Control buffer overflow vulnerability
2007-04-10 2007-04-10 2007-04-10 VU#337953 Microsoft Windows Kernel vulnerable to privilege escalation
2007-04-09 2007-04-09 2007-04-09 VU#958609 Internet Pictures Corporation iPIX Image Well ActiveX controls contain buffer overflows
2007-04-05 2007-01-22 2007-04-09 VU#524332 0 Intel Centrino wireless drivers fail to properly process malformed frames
2007-03-07 2007-02-23 2007-04-05 VU#592796 Mozilla Network Security Services (NSS) fails to properly handle the client master key
2007-01-18 2006-12-19 2007-04-05 VU#447772 Mozilla JavaScript Engine multiple memory corruption vulnerabilities
2007-01-18 2006-12-19 2007-04-05 VU#428500 Mozilla LiveConnect vulnerable to crash finalizing JS objects
2007-03-07 2007-02-23 2007-04-05 VU#377812 Mozilla Network Security Services (NSS) fails to properly process malformed SSLv2 server messages
2006-11-08 2006-11-08 2007-04-05 VU#495288 Mozilla products contain several unspecified errors in the layout engine
2007-04-05 2007-03-30 2007-04-05 VU#478225 AOL SuperBuddy ActiveX fails to properly validate method arguments
2005-07-07 2005-07-02 2007-04-05 VU#680620 zlib inflate() routine vulnerable to buffer overflow
2007-03-14 2006-11-26 2007-03-30 VU#346656 Apple Mac OS X fails to properly handle corrupted Universal Mach-O Binaries
2007-01-30 2007-01-30 2007-03-30 VU#726548 Voice mail systems allow administrative access based on Caller ID

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis