search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-05-22 2002-05-15 2002-05-30 VU#686939 Cisco Content Service Switch performs soft reset when XML data is sent to web management interface
2002-05-29 2002-03-08 2002-05-29 VU#970915 Quake II Server performs console variable expansion on client-supplied input values
2002-04-11 2002-03-21 2002-05-28 VU#124003 Apache HTTP Server on Win32 systems does not securely handle input passed to CGI programs
2001-11-21 2001-11-20 2002-05-28 VU#927256 MandrakeSoft Mandrake Linux Apache default configuration enables Perl ProxyPass server on 8200/tcp
2002-05-24 2001-02-26 2002-05-24 VU#201704 Microsoft Windows 2000 Event Viewer contains buffer overflow
2002-05-23 2000-11-02 2002-05-23 VU#183397 Microsoft Windows 2000 System Monitor ActiveX Control contains buffer overflow
2002-05-23 1999-02-22 2002-05-23 VU#28370 Taskpads ActiveX Control incorrectly marked safe-for-scripting
2001-07-18 2001-03-26 2002-05-20 VU#176888 Linux kernel contains race condition via ptrace/procfs/execve
2002-05-16 2002-04-05 2002-05-16 VU#544995 Computer Associates MLink "mclear" command vulnerable to buffer overflow via long string of characters
2002-05-16 2002-04-05 2002-05-16 VU#772915 Computer Associates MLink "mllock" command vulnerable to buffer overflow via long string of characters
2002-05-06 2002-05-05 2002-05-14 VU#635811 Sun Solaris cachefsd vulnerable to heap overflow in cfsd_calloc() function via long string of characters
2002-05-09 2002-04-30 2002-05-13 VU#161931 Sun Solaris cachefsd vulnerable to stack overflow in fscache_setup() function
2002-05-08 2002-04-08 2002-05-08 VU#744139 AOL Instant Messenger installer adds "http://free.aol.com" to Trusted Sites Zone in Microsoft Internet Explorer
2002-03-15 1999-08-23 2002-05-03 VU#634847 XDMCP leaks sensitive information by default configuration
2002-04-01 2001-09-17 2002-05-03 VU#657899 Lotus Notes does not adequately secure databases thereby permitting arbitrary user to extract file attachments via NSFDbReadObject function call

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis