search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-06-21 2002-03-19 2002-06-21 VU#636431 Verity's Search97 contains a Cross-Site Scripting vulnerability in the processing of search requests
2001-11-27 2000-08-10 2002-06-20 VU#635463 Microsoft SQL Server and Microsoft Data Engine (MSDE) ship with a null default password
2002-06-11 2002-03-01 2002-06-19 VU#912659 AOL Instant Messenger vulnerable to denial-of-service attack via buddy list transfers
2002-06-18 2002-06-17 2002-06-18 VU#664323 webMathematica discloses the contents of arbitrary files when file is requested using the absolute path
2002-06-04 2002-05-27 2002-06-13 VU#630091 Oracle9i Database TNS Listener vulnerable to buffer overflow via SERVICE_NAME parameter
2002-04-10 2002-04-10 2002-06-13 VU#610291 Microsoft Internet Information Server (IIS) 4.0 and 5.0 buffer overflow in chunked encoding transfer mechanism for ASP
2002-04-10 2002-04-10 2002-06-13 VU#669779 Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 buffer overflow in chunked encoding transfer mechanism for ASP
2002-06-13 2000-03-20 2002-06-13 VU#25716 Chunked encoding post can consume excessive memory on IIS 4.0 webserver
2002-06-11 2002-03-01 2002-06-13 VU#259435 AOL Instant Messenger vulnerable to buffer overflow via crafted "addbuddy" URI sent in message
2002-06-13 2001-09-20 2002-06-13 VU#133771 Lotus Domino Web Server discloses IP address
2002-06-13 2002-02-28 2002-06-13 VU#132011 Snitz Forums 2000 vulnerable to cross-site scripting via crafted IMG tag
2002-06-07 2001-07-09 2002-06-12 VU#797201 tcpdump vulnerable to buffer overflow via improper decoding of AFS RPC (Rx) packets
2002-06-12 2002-06-04 2002-06-12 VU#440275 Microsoft Internet Explorer contains buffer overflow in handling of gopher replies
2002-06-11 2002-05-29 2002-06-11 VU#116963 Apache Tomcat default installation contains sample applications that disclose webroot path
2002-06-05 2002-02-21 2002-06-10 VU#393195 Yahoo! Messenger allows arbitrary users to be added to buddy list without proper authorization

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis