search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-09-10 2001-10-21 2004-10-27 VU#490708 0 Microsoft Internet Explorer window.createPopup() method creates chromeless windows
2004-10-01 2004-09-15 2004-10-28 VU#369358 GdkPixbuf XPM parser contains a stack overflow vulnerability
2004-09-14 2004-08-18 2004-10-28 VU#526089 Microsoft Internet Explorer treats arbitrary files as images for drag and drop operations
2004-02-02 2003-09-10 2004-10-28 VU#413886 Microsoft Internet Explorer allows mouse events to manipulate window objects and perform "drag and drop" operations
2004-10-18 2004-10-13 2004-10-28 VU#630720 Microsoft Internet Explorer fails to honor "Drag and Drop" zone security preference
2004-10-01 2004-09-15 2004-11-01 VU#577654 GdkPixbuf ICO parser contains an integer overflow vulnerability
2004-10-01 2004-09-15 2004-11-01 VU#729894 GdkPixbuf XPM parser contains a heap overflow vulnerability
2004-10-01 2004-09-15 2004-11-02 VU#825374 GdkPixbuf BMP parser may enter an infinite loop
2004-11-03 2004-11-03 2004-11-03 VU#596046 MailPost vulnerable to cross-site scripting via an executable requested with a trailing slash appended to the filename
2004-11-03 2004-11-03 2004-11-03 VU#107998 MailPost vulnerable to cross-site scripting in the 'append' variable passed to the file as part of an HTTP GET request
2004-11-03 2004-11-03 2004-11-03 VU#306086 MailPost vulnerable file system information disclosure via HTTP GET request
2004-11-03 2004-11-03 2004-11-03 VU#858726 MailPost discloses sensitive system information when operating in debug mode
2004-11-04 2004-11-01 2004-11-04 VU#702086 Multiple web browsers do not properly interpret BASE and FORM elements when displaying URLs in the status bar
2004-11-04 2004-11-02 2004-11-05 VU#960454 Microsoft Internet Explorer does not properly interpret IFRAME elements when displaying URLs in the status bar
2004-11-04 2004-10-28 2004-11-05 VU#925430 Multiple web browsers do not properly interpret TABLE elements when displaying URLs in the status bar

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis