search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-10-01 2001-12-17 2002-10-02 VU#328163 Microsoft Windows XMLHTTP component allows remote access to local data sources
2002-08-05 2001-12-17 2003-04-11 VU#157795 Magic Enterprise contains multiple shell scripts that allow arbitrary file overwriting via symlink redirection of temporary file
2002-09-26 2001-12-15 2002-09-26 VU#672419 Unix Manual PHP-Script does not adequately validate user input thereby allowing arbitrary command execution
2002-01-09 2001-12-13 2002-03-15 VU#758483 Oracle9i Application Server Apache PL/SQL module does not properly decode URL
2002-09-24 2001-12-13 2002-09-24 VU#413875 EFTP does not adequately validate user input thereby allowing directory traversal
2002-01-03 2001-12-13 2002-03-15 VU#500203 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via help page request
2001-12-14 2001-12-13 2002-06-07 VU#443699 Microsoft Internet Explorer Does Not Respect Content-Disposition and Content-Type MIME Headers
2001-12-14 2001-12-13 2002-01-03 VU#457787 Microsoft Internet Explorer download dialog may not display complete filenames
2001-12-12 2001-12-12 2002-04-11 VU#569272 System V derived login contains a remotely exploitable buffer overflow
2002-09-27 2001-12-05 2002-09-27 VU#960267 Microsoft Windows 2000 fails to apply Group Policy to clients when policy file has been opened using exclusive read access (MS02-016)
2001-12-04 2001-12-04 2002-01-02 VU#157447 OpenSSH UseLogin directive permits privilege escalation
2002-09-24 2001-12-01 2002-09-24 VU#597795 Easynews does not adequately validate user input thereby disclosing server installation path via crafted URL request
2001-12-04 2001-11-30 2001-12-04 VU#332299 Lotus Domino R5 Server vulnerable to DoS via nmap RPC scan on port 443/tcp
2002-09-27 2001-11-29 2003-09-18 VU#220715 Alchemy Eye HTTP Server does not adequately validate user input thereby allowing remote command execution
2002-03-04 2001-11-29 2002-04-16 VU#936683 Multiple implementations of the RADIUS protocol do not adequately validate the vendor-length of the vendor-specific attributes

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis