search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-05-16 2002-04-05 2002-05-16 VU#772915 Computer Associates MLink "mllock" command vulnerable to buffer overflow via long string of characters
2002-05-06 2002-05-05 2002-05-14 VU#635811 Sun Solaris cachefsd vulnerable to heap overflow in cfsd_calloc() function via long string of characters
2002-05-09 2002-04-30 2002-05-13 VU#161931 Sun Solaris cachefsd vulnerable to stack overflow in fscache_setup() function
2002-05-08 2002-04-08 2002-05-08 VU#744139 AOL Instant Messenger installer adds "http://free.aol.com" to Trusted Sites Zone in Microsoft Internet Explorer
2002-03-15 1999-08-23 2002-05-03 VU#634847 XDMCP leaks sensitive information by default configuration
2002-04-01 2001-09-17 2002-05-03 VU#657899 Lotus Notes does not adequately secure databases thereby permitting arbitrary user to extract file attachments via NSFDbReadObject function call
2002-04-30 2002-04-29 2002-05-02 VU#638099 rpc.rwalld contains remotely exploitable format string vulnerability
2001-01-29 2001-01-29 2002-05-01 VU#196945 ISC BIND 8 contains buffer overflow in transaction signature (TSIG) handling code
2001-01-29 2001-01-29 2002-05-01 VU#325431 Queries to ISC BIND servers may disclose environment variables
2001-01-29 2001-01-29 2002-05-01 VU#572183 ISC BIND 4 contains buffer overflow in nslookupComplain()
2001-12-20 2001-08-17 2002-04-30 VU#860296 CDE dtprintinfo contains local buffer overflow in Help window via clipboard copy
2002-04-26 2002-04-25 2002-04-26 VU#820083 sudo vulnerable to heap corruption via -p parameter
2002-03-01 2002-02-27 2002-04-22 VU#234971 mod_ssl and Apache_SSL modules contain a buffer overflow in the implementation of the OpenSSL "i2d_SSL_SESSION" routine
2001-07-24 2001-07-18 2002-04-16 VU#745371 Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options
2002-03-04 2001-11-29 2002-04-16 VU#936683 Multiple implementations of the RADIUS protocol do not adequately validate the vendor-length of the vendor-specific attributes

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis