search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-27 2002-02-21 2002-09-27 VU#462451 Microsoft Internet Explorer allows read access to local files via incorrect VBScript handling
2002-06-05 2002-02-21 2002-10-24 VU#887319 Yahoo! Messenger contains buffer overflow in "IMvironment" field
2002-06-05 2002-02-21 2002-06-05 VU#952875 Yahoo! Messenger is vulnerable to DoS via multiple messages from spoofed names
2002-06-05 2002-02-21 2002-06-10 VU#393195 Yahoo! Messenger allows arbitrary users to be added to buddy list without proper authorization
2002-10-15 2002-02-22 2002-10-16 VU#868219 Multiple vendors' HTTP content/virus scanners do not check data tunneled via HTTP CONNECT method
2002-03-01 2002-02-25 2002-07-05 VU#230307 0 Linux kernel netfilter IRC DCC helper module creates overly permissive firewall rules
2002-06-05 2002-02-26 2002-06-05 VU#755755 Yahoo! Messenger contains a buffer overflow in "set_buddygrp" when adding users to a buddy list via the web
2002-03-04 2002-02-27 2002-03-05 VU#310387 Cisco IOS discloses fragments of previous packets when Express Forwarding is enabled
2002-03-01 2002-02-27 2002-04-22 VU#234971 mod_ssl and Apache_SSL modules contain a buffer overflow in the implementation of the OpenSSL "i2d_SSL_SESSION" routine
2002-02-27 2002-02-27 2002-02-27 VU#297363 PHP contains vulnerability in "php_mime_split" function allowing arbitrary code execution
2002-09-27 2002-02-27 2003-10-09 VU#874115 Microsoft Windows SMTP Service fails to properly handle responses from the NTLM authentication layer
2002-06-13 2002-02-28 2002-06-13 VU#132011 Snitz Forums 2000 vulnerable to cross-site scripting via crafted IMG tag
2002-06-11 2002-03-01 2002-06-19 VU#912659 AOL Instant Messenger vulnerable to denial-of-service attack via buddy list transfers
2002-06-11 2002-03-01 2002-06-13 VU#259435 AOL Instant Messenger vulnerable to buffer overflow via crafted "addbuddy" URI sent in message
2002-03-03 2002-03-02 2004-02-23 VU#165099 cryptcat does not encrypt data communications when -e command argument is used

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis