search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2000-10-31 1999-09-10 2000-10-31 VU#26924 Wang/Kodak Image Admin ActiveX Control
2000-10-31 1999-09-10 2000-10-31 VU#24839 Wang/Kodak Image Thumbnail ActiveX Control
2001-11-15 1999-08-31 2001-11-15 VU#1673 Eyedog ActiveX control incorrectly marked "safe for scripting"
2002-03-15 1999-08-23 2002-05-03 VU#634847 XDMCP leaks sensitive information by default configuration
2002-03-29 1999-08-21 2002-03-29 VU#12746 Microsoft scriptlet.typlib ActiveX object unsafe for scripting from Internet Explorer
2000-11-02 1999-07-29 2000-11-02 VU#34453 SystemWizard Launch ActiveX Control lacks authentication
2000-12-14 1999-07-29 2001-08-10 VU#3062 Cenroll ActiveX Control allows creation of arbitrary files.
2000-11-02 1999-07-21 2000-11-02 VU#22919 SystemWizard Registry Object ActiveX Control lacks authentication
2001-06-18 1999-05-30 2005-11-15 VU#23495 DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries
2002-06-13 1999-05-19 2002-06-25 VU#13121 Microsoft Remote Access Service API contains buffer overflow vulnerability via phonebook entries
2002-10-01 1999-04-21 2002-10-16 VU#39965 DHTML Edit Control for IE5 allows local files to be uploaded to web server
2006-04-03 1999-04-19 2006-05-02 VU#808921 eBay contains a cross-site scripting vulnerability
2003-09-19 1999-04-03 2003-09-19 VU#41870 Sun Solstice AdminSuite ships with insecure default configuration
2002-05-23 1999-02-22 2002-05-23 VU#28370 Taskpads ActiveX Control incorrectly marked safe-for-scripting
2002-04-29 1999-02-01 2003-03-26 VU#2558 File Transfer Protocol allows data connection hijacking via PASV mode race condition

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis