search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-08-17 2001-07-02 2001-08-17 VU#672683 Apache Tomcat vulnerable to Cross-Site Scripting via passing of user input directly to default error page
2001-06-19 2001-06-18 2001-08-16 VU#952336 Microsoft Index Server/Indexing Service used by IIS 4.0/5.0 contains unchecked buffer used when encoding double-byte characters
2001-06-28 2001-06-27 2001-08-15 VU#620495 Oracle 8i contains buffer overflow in TNS Listener
2001-08-14 2001-07-02 2001-08-15 VU#888283 TrendMicro InterScan WebManager contains buffer overflow in RegGo.dll
2001-08-15 2000-11-08 2001-08-15 VU#570330 MS Windows NT Terminal Server 4.0 buffer overflow in regapi.dll allows remote code execution or DoS
2001-08-14 2001-08-13 2001-08-14 VU#544555 Microsoft Internet Information Server 4.0 (IIS) vulnerable to DoS when URL redirecting is enabled
2001-05-04 2001-02-14 2001-08-10 VU#268848 Hewlett Packard HP-UX text editors contain buffer overflow
2001-05-03 2001-03-27 2001-08-10 VU#266032 Microsoft Visual Studio VB-TSQL debugger object vbsdicli.exe contains buffer overflow via NewSPID method
2000-12-14 1999-07-29 2001-08-10 VU#3062 Cenroll ActiveX Control allows creation of arbitrary files.
2001-08-10 2000-05-30 2001-08-10 VU#26188 Keys generated with PGP5i batch mode do not contain sufficient randomness on systems that use /dev/random
2001-04-13 1998-04-02 2001-08-10 VU#17215 SGI systems may execute commands embedded in mail messages
2000-11-10 2000-11-07 2001-08-08 VU#715973 ISC BIND 8.2.2-P6 vulnerable to DoS via compressed zone transfer, aka the "zxfr bug"
2001-07-24 2001-07-24 2001-08-07 VU#994851 Microsoft Services for UNIX Telnet server is vulnerable to denial of service via memory leak
2001-07-27 2001-07-05 2001-08-07 VU#898931 Multiple vendors' RADIUS implementations do not adequately validate user input thereby permitting DoS and arbitrary command execution via 'radiusd' daemon
2001-05-25 2000-05-11 2001-08-07 VU#35085 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis