search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-27 2000-11-10 2002-09-27 VU#829845 Microsoft Windows 2000 Indexing Services enumerates local file locations via ixsso.query ActiveX object
2002-09-27 2000-12-01 2002-09-27 VU#820957 Microsoft Internet Explorer 5.5 print template ActiveX control allows arbitrary command execution
2002-09-27 2001-05-23 2002-09-27 VU#739376 Microsoft Windows Media Player creates URL shortcut that may contain HTML code in known location in Local Computer Zone
2002-09-27 2001-05-10 2002-09-27 VU#910624 Microsoft Windows 2000 Indexing Service permits read access to files outside web root via crafted request
2002-09-27 2000-04-03 2002-09-27 VU#26493 MS Excel XLM Text Macro execution fails to trigger warning when default medium security set
2002-09-27 2001-10-13 2002-09-27 VU#921547 PostNuke does not adequately validate user input thereby allowing malicious user to bypass user authentication via SQL injection
2002-09-27 2001-06-07 2002-09-27 VU#771771 Shambala FTP Server does not adequately validate user input thereby allowing directory traversal
2002-09-27 2001-08-13 2002-09-27 VU#494307 SIX-webboard does not adequately validate user input thereby permitting directory traversal
2002-09-27 2001-10-15 2002-09-27 VU#341539 Novell GroupWise Server web-based front-end does not adequately validate user input thereby allowing directory traversal
2002-09-27 2001-04-05 2002-09-27 VU#339779 Savant Web Server has a buffer overflow vulnerability
2002-09-26 2002-07-22 2002-09-26 VU#940203 DansGuardian content filtering proxy fails to adequately validate user input thereby allowing user to access restricted site via hex encoded URLs
2002-09-26 2001-09-20 2002-09-26 VU#794211 Pi-Soft SpoonFTP does not adequately validate user input thereby allowing directory traversal
2002-09-26 2001-12-31 2002-09-26 VU#764027 zml.cgi does not adequately validate user input thereby allowing directory traversal
2002-09-26 2001-12-15 2002-09-26 VU#672419 Unix Manual PHP-Script does not adequately validate user input thereby allowing arbitrary command execution
2002-09-26 2001-04-23 2002-09-26 VU#951632 WebCalendar does not adequately validate user input

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis