search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-05-10 2000-11-19 2001-06-19 VU#197477 AT&T WinVNC allows user access to passwords and configuration via weak registry permissions
2000-12-22 2000-11-20 2002-03-05 VU#671444 Input validation error in quikstore.cgi allows attackers to execute commands
2001-05-01 2000-11-21 2001-06-26 VU#818496 Microsoft Windows 2000 Workstation in mixed-mode domain may ignore domain account lockout restriction due to flaw in NTLM authentication
2002-09-27 2000-11-22 2002-09-27 VU#675320 Microsoft Windows Media Player buffer overflow in Active Stream Redirector (.asx) file parser
2001-08-21 2000-11-22 2001-08-21 VU#227312 Aladdin Ghostscript creates insecure temporary files allowing a local user to create symbolic links to other files
2001-08-21 2000-11-22 2001-08-22 VU#704976 Aladdin Ghostscript LD_RUN_PATH environment variable allows libraries to be loaded from current directory
2001-05-14 2000-11-28 2006-03-30 VU#959207 Lotus Notes Java VM leaks file existence through timing difference in ECLs
2001-09-28 2000-12-01 2001-09-28 VU#808633 IBM AIX digest buffer overflow in filename argument to command
2001-09-28 2000-12-01 2001-09-28 VU#872257 IBM AIX enq buffer overflow in -M argument
2002-09-27 2000-12-01 2002-09-27 VU#820957 Microsoft Internet Explorer 5.5 print template ActiveX control allows arbitrary command execution
2001-09-28 2000-12-01 2001-09-28 VU#739201 IBM AIX setclock buffer overflow in remote timeserver argument
2001-09-28 2000-12-01 2001-09-28 VU#886953 IBM AIX setsenv buffer overflow
2000-12-21 2000-12-04 2000-12-22 VU#593299 BSD-derived ftpd replydirname() in ftpd.c contains one-byte overflow
2001-08-13 2000-12-07 2002-05-30 VU#363181 OpenSSH disregards client configuration and allows server access to ssh-agent and/or X11 after session negotiation
2000-12-19 2000-12-09 2001-01-11 VU#602625 KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely

Sponsored by CISA.