search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-01-04 2002-01-02 2002-07-05 VU#121891 Buffer overflow vulnerability in grpck command line utility
2002-01-04 2002-01-02 2002-07-05 VU#877811 Buffer overflow vulnerability in pwck command line utility
2002-01-03 2002-01-02 2002-01-16 VU#907819 AOL Instant Messenger client for Windows contains a buffer overflow while parsing TLV 0x2711 packets
2002-09-26 2001-12-31 2002-09-26 VU#764027 zml.cgi does not adequately validate user input thereby allowing directory traversal
2002-09-16 2001-12-30 2003-04-15 VU#216227 Vandyke Software SecureCRT contains buffer overflow vulnerability in password handling code
2002-09-24 2001-12-29 2002-09-24 VU#245795 Cherokee Web Server fails to drop privileges after daemon starts
2002-09-24 2001-12-29 2002-09-24 VU#464827 Cherokee Web Server does not adequately validate user input thereby allowing directory traversal
2002-09-24 2001-12-29 2002-09-24 VU#711315 Cherokee Web Server does not adequately validate user input thereby allowing remote command execution
2002-09-24 2001-12-25 2002-09-24 VU#282403 AdCycle does not adequately validate user input thereby allowing for SQL injection
2001-12-20 2001-12-20 2001-12-21 VU#951555 Microsoft Windows Universal Plug and Play (UPNP) service vulnerable to buffer overflow via malformed advertisement packets
2001-12-20 2001-12-20 2001-12-21 VU#411059 Microsoft Windows Universal Plug and Play service (UPNP) fails to limit the data returned in response to a NOTIFY message
2001-12-21 2001-12-20 2002-01-09 VU#700575 Buffer overflows in Microsoft SQL Server 7.0 and SQL Server 2000
2001-12-21 2001-12-19 2003-05-14 VU#598147 Microsoft Internet Explorer does not properly handle document.open()
2001-12-21 2001-12-19 2001-12-21 VU#249491 IBM AIX login fails to adequately authenticate user when configured to use loadable authentication modules
2002-09-24 2001-12-19 2002-09-24 VU#283723 Exim does not adequately validate user input thereby allow execution of arbitrary commands

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis