CERT Vulnerability Notes Database

Published	Public	Updated	ID	Title
2007-12-10	2007-11-27	2008-01-18	VU#232881	Squid remote denial-of-service vulnerability
2008-01-03	2007-11-30	2008-01-03	VU#150249	OpenSSL FIPS Object Module fails to properly generate random seeds
2008-06-25	2007-12-05	2008-06-25	VU#305208	Caucho Resin vulnerable to XSS via "file" parameter to "viewfile"
2008-02-20	2007-12-10	2008-02-25	VU#438395	Samba "send_mailslot()" function buffer overflow
2008-01-25	2007-12-10	2008-04-28	VU#203611	inet_network() off-by-one buffer overflow
2007-12-12	2007-12-11	2007-12-12	VU#520465	Microsoft SMBv2 signing vulnerability
2007-12-14	2007-12-11	2007-12-14	VU#321233	Microsoft DirectX remote code execution
2007-12-12	2007-12-11	2007-12-13	VU#319385	Microsoft Windows Media Format Runtime ASF handling buffer overflow
2008-04-21	2007-12-11	2008-04-21	VU#570089	Microsoft HeartbeatCtl ActiveX control buffer overflow
2007-12-17	2007-12-11	2007-12-19	VU#120593	Meridian Prolog Manager uses weak authentication to store and transmit user credentials
2007-12-11	2007-12-11	2007-12-11	VU#601073	Microsoft Windows Vista privilege escalation vulnerability
2007-12-14	2007-12-11	2007-12-14	VU#804089	Microsoft DirectX SAMI parsing buffer overflow
2008-05-01	2007-12-12	2009-06-09	VU#929656	BGP implementations do not properly handle UPDATE messages
2007-12-14	2007-12-14	2008-01-10	VU#205073	Gesytec Easylon OPC Server fails to properly validate OPC server handles
2007-12-18	2007-12-18	2008-01-07	VU#905292	Apple Safari code execution vulnerability

Software Engineering Institute