search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-08-21 2000-11-22 2001-08-21 VU#227312 Aladdin Ghostscript creates insecure temporary files allowing a local user to create symbolic links to other files
2002-09-27 2000-11-22 2002-09-27 VU#675320 Microsoft Windows Media Player buffer overflow in Active Stream Redirector (.asx) file parser
2001-05-01 2000-11-21 2001-06-26 VU#818496 Microsoft Windows 2000 Workstation in mixed-mode domain may ignore domain account lockout restriction due to flaw in NTLM authentication
2000-12-22 2000-11-20 2002-03-05 VU#671444 Input validation error in quikstore.cgi allows attackers to execute commands
2001-05-10 2000-11-19 2001-06-19 VU#197477 AT&T WinVNC allows user access to passwords and configuration via weak registry permissions
2000-11-13 2000-11-13 2001-03-28 VU#626919 Race condition in periodic
2002-09-27 2000-11-10 2002-09-27 VU#829845 Microsoft Windows 2000 Indexing Services enumerates local file locations via ixsso.query ActiveX object
2001-08-15 2000-11-08 2001-08-15 VU#570330 MS Windows NT Terminal Server 4.0 buffer overflow in regapi.dll allows remote code execution or DoS
2001-05-11 2000-11-07 2002-01-25 VU#198355 ISC BIND 8.2.2-P6 vulnerable to DoS when processing SRV records, aka the "srv bug"
2000-11-10 2000-11-07 2001-08-08 VU#715973 ISC BIND 8.2.2-P6 vulnerable to DoS via compressed zone transfer, aka the "zxfr bug"
2001-08-21 2000-11-04 2001-08-21 VU#960877 Red Hat linux restore uses insecure environment variables allowing root compromise
2002-05-23 2000-11-02 2002-05-23 VU#183397 Microsoft Windows 2000 System Monitor ActiveX Control contains buffer overflow
2004-04-30 2000-11-01 2006-02-03 VU#540517 libgcc contains multiple flaws that allow integer type range vulnerabilities to occur at runtime
2001-08-21 2000-10-31 2001-08-21 VU#153653 Linux dump uses environment variables insecurely, allowing for root compromise
2000-10-27 2000-10-27 2002-03-05 VU#28027 Distributed GL Daemon (DGLD) allows attackers to identify IRIX systems

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis