search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-02-28 2002-02-06 2002-03-15 VU#923395 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via cache directory name
2002-02-28 2002-02-06 2002-03-15 VU#659043 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via Database Access Descriptor password
2005-03-22 2002-02-02 2005-08-01 VU#273262 Multiple web browsers vulnerable to spoofing via Internationalized Domain Name support
2002-09-16 2002-01-25 2002-09-16 VU#800635 rsync fails to properly handle negative values specified for signed integers thereby allowing remote command execution
2002-05-30 2002-01-24 2007-05-10 VU#153043 SquirrelMail compose.php script does not adequately validate input thereby allowing arbitrary user to send messages
2001-09-26 2002-01-17 2002-07-31 VU#361600 Web-based email services filtering systems vulnerable to malicous script execution
2002-09-16 2002-01-16 2002-09-16 VU#221683 Input-validation vulnerability in PHP-Nuke allows arbitrary command execution via request for remote web site
2002-01-16 2002-01-16 2002-01-16 VU#185251 cgiemail web-based email system does not adequately validate user input thereby causing buffer overflow in cgisco.c
2002-03-29 2002-01-13 2003-05-08 VU#626395 Microsoft Internet Explorer Permits Remote Command Execution Through <OBJECT> Tag
2002-02-27 2002-01-10 2002-03-12 VU#717827 Multiple Oracle 9iAS sample pages contain vulnerabilities
2002-03-12 2002-01-10 2002-03-12 VU#736923 Oracle 9iAS SOAP components allow anonymous users to deploy applications by default
2002-02-27 2002-01-10 2002-02-27 VU#712723 Oracle 9iAS default configuration uses well-known default passwords
2002-03-13 2002-01-10 2003-07-02 VU#611776 Oracle9i Application Server PL/SQL Gateway web administration interface uses null authentication by default
2002-03-12 2002-01-10 2003-04-09 VU#168795 Oracle 9iAS allows anonymous remote users to view sensitive Apache services by default
2002-09-18 2002-01-10 2002-09-18 VU#806091 Mike Spice's My Calendar does not adequately validate user input

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis