search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-24 2001-12-01 2002-09-24 VU#597795 Easynews does not adequately validate user input thereby disclosing server installation path via crafted URL request
2002-09-24 2001-12-29 2002-09-24 VU#464827 Cherokee Web Server does not adequately validate user input thereby allowing directory traversal
2002-09-24 2001-12-13 2002-09-24 VU#413875 EFTP does not adequately validate user input thereby allowing directory traversal
2002-09-24 2001-12-19 2002-09-24 VU#283723 Exim does not adequately validate user input thereby allow execution of arbitrary commands
2002-09-24 2001-12-25 2002-09-24 VU#282403 AdCycle does not adequately validate user input thereby allowing for SQL injection
2002-09-24 2001-12-29 2002-09-24 VU#245795 Cherokee Web Server fails to drop privileges after daemon starts
2002-09-24 2001-10-22 2002-09-24 VU#222739 Handspring VisorPhone vulnerable to DoS via SMS image transfer
2002-09-24 2002-04-08 2002-09-24 VU#156123 Microsoft Office Web Components allows arbitary user to determine whether local file exists via Chart component "Load" method
2002-09-20 2002-08-01 2002-09-20 VU#137555 HP Tru64 UNIX "chfn" contains buffer overflow (SSRT2259)
2002-09-13 2002-09-12 2002-09-18 VU#836088 Multiple vendors' email content/virus scanners do not adequately check "message/partial" MIME entities
2002-09-18 2000-02-09 2002-09-18 VU#214555 Multiple vulnerabilities exist within credit card chips thereby allowing malicious user to bypass authentication mechanism
2002-06-04 2001-05-04 2002-09-18 VU#739123 ISC BIND 9 fails to process additional data chains in responses correctly thereby causing the server to fail an internal consistency check
2002-09-18 2002-01-09 2002-09-18 VU#250107 Mike Spice's Vote does not adequately validate user input
2002-09-18 2002-01-10 2002-09-18 VU#806091 Mike Spice's My Calendar does not adequately validate user input
2002-09-18 2001-11-05 2002-09-18 VU#243243 Entrust GetAccess does not validate user input thereby allowing users to read arbitrary files

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis