search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2000-12-19 2000-12-09 2001-01-11 VU#426273 KTH Kerberos filesystem race condition on tickets stored in /tmp
2000-12-19 2000-12-09 2001-01-11 VU#602625 KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely
2000-12-12 2000-12-10 2000-12-12 VU#17566 sysback makes call to hostname without a fully qualified path specification
2002-04-05 2000-12-12 2002-04-05 VU#474592 AOL Instant Messenger contains buffer overflows in parsing of AIM URI handler requests
2001-01-05 2000-12-19 2001-08-30 VU#446689 Check Point FireWall-1 allows fragmented packets through firewall if Fast Mode is enabled
2001-10-08 2000-12-20 2001-10-08 VU#570952 Redhat Linux diskcheck.pl creates predictable temporary file and fails to check for existing symbolic link of same name
2004-03-29 2000-12-20 2004-03-31 VU#463944 Cisco Catalyst reboots in response to an SSH "protocol mismatch" error
2001-01-18 2000-12-21 2001-07-18 VU#124352 HP-UX kermit contains local buffer overflow that allows denial-of-service
2001-07-09 2000-12-22 2001-07-09 VU#610904 Oracle Internet Directory LDAP Daemon does not check write permissions properly
2001-05-17 2000-12-29 2001-06-20 VU#475645 Macromedia Flash plug-in contains buffer overflow
2002-09-27 2001-01-01 2003-03-26 VU#879920 Microsoft Windows Media Player ActiveX control allows execution of javascript in "already open" frames
2002-04-02 2001-01-04 2002-04-08 VU#496064 ibrow NewsDesk does not securely handle input passed to open()
2001-01-10 2001-01-05 2001-01-10 VU#590487 Lotus Domino vulnerable to directory traversal, aka "Domino Server Directory Transversal Vulnerability"
2001-05-17 2001-01-05 2001-06-20 VU#451096 Oliver Debon Flash plug-in vulnerable to buffer overflow processing incorrectly formatted sound file
2001-06-15 2001-01-08 2001-08-07 VU#264272 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "%3F+.htr"

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis