search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-11-03 2004-11-03 2004-11-03 VU#107998 MailPost vulnerable to cross-site scripting in the 'append' variable passed to the file as part of an HTTP GET request
2004-11-03 2004-11-03 2004-11-03 VU#596046 MailPost vulnerable to cross-site scripting via an executable requested with a trailing slash appended to the filename
2004-10-01 2004-09-15 2004-11-02 VU#825374 GdkPixbuf BMP parser may enter an infinite loop
2004-10-01 2004-09-15 2004-11-01 VU#729894 GdkPixbuf XPM parser contains a heap overflow vulnerability
2004-10-01 2004-09-15 2004-11-01 VU#577654 GdkPixbuf ICO parser contains an integer overflow vulnerability
2004-10-18 2004-10-13 2004-10-28 VU#630720 Microsoft Internet Explorer fails to honor "Drag and Drop" zone security preference
2004-02-02 2003-09-10 2004-10-28 VU#413886 Microsoft Internet Explorer allows mouse events to manipulate window objects and perform "drag and drop" operations
2004-09-14 2004-08-18 2004-10-28 VU#526089 Microsoft Internet Explorer treats arbitrary files as images for drag and drop operations
2004-10-01 2004-09-15 2004-10-28 VU#369358 GdkPixbuf XPM parser contains a stack overflow vulnerability
2004-09-10 2001-10-21 2004-10-27 VU#490708 0 Microsoft Internet Explorer window.createPopup() method creates chromeless windows
2004-10-19 2004-09-18 2004-10-27 VU#424358 sudoedit can expose protected file contents
2004-09-17 2004-09-14 2004-10-26 VU#113192 Mozilla allows signed scripts calling "enablePrivilege" to change contents of a "grant" dialog
2004-10-22 2004-08-25 2004-10-25 VU#981134 Linux kernel USB drivers do not initialize kernel memory properly
2004-10-21 2004-10-12 2004-10-22 VU#203126 0 Microsoft IIS contains vulnerability in NNTP service
2004-10-19 2004-10-12 2004-10-21 VU#795720 Microsoft Internet Explorer does not properly handle cached HTTPS contents

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis