search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-04-02 2002-04-01 2004-02-23 VU#640827 IBM AIX Parallel Systems Support Program (PSSP) contains vulnerability in File Collections subsystem allowing arbitrary access to sensitive configuration files
2002-04-01 2001-09-17 2002-05-03 VU#657899 Lotus Notes does not adequately secure databases thereby permitting arbitrary user to extract file attachments via NSFDbReadObject function call
2002-03-29 2002-01-13 2003-05-08 VU#626395 Microsoft Internet Explorer Permits Remote Command Execution Through <OBJECT> Tag
2002-03-29 2001-04-13 2002-07-30 VU#125235 Apache Web Server vulnerable to DoS via crafted HTTP request
2002-03-29 2001-06-26 2002-03-29 VU#121099 ypbind contains buffer overflow
2002-03-29 2001-06-19 2004-02-23 VU#219043 Netwin Surge FTP Server does not adequately validate user input thereby allowing directory traversal
2002-03-29 2001-05-29 2002-03-29 VU#233200 GnuPG contains format-string vulnerability in handling of encrypted data filename
2002-03-29 2001-05-07 2002-03-29 VU#132099 Jana Server does not adequately validate user input thereby allowing directory traversal
2002-03-29 1999-08-21 2002-03-29 VU#12746 Microsoft scriptlet.typlib ActiveX object unsafe for scripting from Internet Explorer
2002-03-29 2002-03-29 2002-03-29 VU#585123 Microsoft Internet Explorer does not adequately evaluate malformed URLs
2002-03-28 2002-02-19 2002-07-29 VU#619707 Microsoft SQL Server contains buffer overflows in openrowset and opendatasource macros
2002-03-28 2002-02-12 2003-12-09 VU#726187 HP-UX kernel specifies incorrect arguments for setrlimit()
2002-03-15 1999-08-23 2002-05-03 VU#634847 XDMCP leaks sensitive information by default configuration
2002-03-13 2002-01-10 2003-07-02 VU#611776 Oracle9i Application Server PL/SQL Gateway web administration interface uses null authentication by default
2002-03-12 2002-01-10 2002-03-15 VU#313280 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Location header

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis