|
Jan 9 2002
|
Allaire Forums Web Bulletin Board Authentication Flaw Lets Remote Users Impersonate Other Users on the Board
|
|
Jan 9 2002
|
PGP Outlook Plug-in May Automatically and Silently Store Certain Messages to Disk in Decrypted Form
|
|
Jan 8 2002
|
(A User Has Provided a Solution) Re: ActivePerl for Windows Discloses Directory Path Location to Remote Users
|
|
Jan 7 2002
|
(Vendor Responds to Say This is Due to a Major User Misconfiguration) Re: Apache Web Server in Virtual Hosting Mode Can Be Crashed By a Local User Removing a Log Directory
|
|
Jan 7 2002
|
ICQ Messaging Client Buffer Overflow Lets Remote Users Execute Arbitrary Code on the User's Host
|
|
Jan 7 2002
|
FAQManager Perl-based FAQ Page Management Software Discloses Files on the Server to Remote Users
|
|
Jan 7 2002
|
Microsoft Internet Explorer Can Be Crashed By Remote Users With Javascript That Calls an Endless Loop of Modeless Dialogs
|
|
Jan 7 2002
|
Apache Web Server in Virtual Hosting Mode Can Be Crashed By a Local User Removing a Log Directory
|
|
Jan 6 2002
|
BrowseFTP File Transfer Client Buffer Overflow Lets Malicious FTP Server Execute Arbitrary Code on the Client
|
|
Jan 4 2002
|
Microsoft Internet Explorer (IE) May Allow Malicious Javascript to Poll a User's System for Known Files
|
|
Jan 4 2002
|
PHP.EXE Windows CGI for Apache Web Server May Let Remote Users View Files on the Server Due to Configuration Error
|
|
Jan 3 2002
|
(AOL Issues Server-Side Fix) Re: AOL Instant Messenger (AIM) Buffer Overflow Lets Remote Users Execute Arbitrary Code and Gain Full Control of the AIM User's Computer
|
|
Jan 2 2002
|
(Additional Details Are Provided) Re: AOL Instant Messenger (AIM) Buffer Overflow Lets Remote Users Execute Arbitrary Code and Gain Full Control of the AIM User's Computer
|
|
Jan 2 2002
|
AOL Instant Messenger (AIM) Buffer Overflow Lets Remote Users Execute Arbitrary Code and Gain Full Control of the AIM User's Computer
|
|
Jan 2 2002
|
Microsoft Internet Explorer GetObject() Active Scripting Bug Lets Remote Code Access Files on the PC
|
|
Jan 1 2002
|
(A User Provides a Workaround) Re: ActivePerl for Windows Discloses Directory Path Location to Remote Users
|
|
Dec 30 2001
|
(Vendor Indicates That Fix Has Been Available for Several Months) Re: PGP Plug-in For Microsoft Outlook May Fail to Encrypt E-mail in Certain Situations
|
|
Dec 29 2001
|
ActivePerl for Windows Discloses Directory Path Location to Remote Users
|
|
Dec 28 2001
|
DeleGate Proxy Server Allows Cross-Site Scripting Attacks
|
|
Dec 27 2001
|
Stunnel Secure Tunneling Program Format String Flaw Allows Remote Malicious Stunnel Servers to Crash the Tunnel and May Allow Remote Malicious Servers to Execute Arbitrary Commands on the Peer Host
|
|
Dec 24 2001
|
Microsoft Internet Explorer Web Browser Can Be Crashed By Malicious Image Source Tag Javascript Supplied By Remote Users
|
|
Dec 24 2001
|
Microsoft Internet Explorer (IE) Text Form Processing Flaw May Cause IE to Crash
|
|
Dec 23 2001
|
PGP Plug-in For Microsoft Outlook May Fail to Encrypt E-mail in Certain Situations
|
|
Dec 23 2001
|
Microsoft Internet Explorer Web Browser SSL Security Flaw Lets Remote Users Conduct Man-in-the-Middle Attacks to Access Sensitive Information
|
|
Dec 22 2001
|
Microsoft Excel Password Protection Flaw Lets Local Users Obtain Contents of Password-Protect Cells
|
|
Dec 22 2001
|
Mozilla Web Browser Can Be Crashed By Malicious Image Source Tag Javascript Supplied By Remote Users
|
|
Dec 17 2001
|
(Vendor Patch Fails to Block 'application/hta' Content Types) Re: Microsoft Internet Explorer (IE 6) Browser May Automatically and Silently Execute Arbitrary Code from a Remote Web Site When the User Views a Web Page or HTML-based E-mail
|
|
Dec 15 2001
|
Microsoft Internet Explorer Version 6 Lets Remote Scripts Access and Send Local Files
|
|
Dec 14 2001
|
Microsoft Internet Explorer (IE 6) Browser May Automatically and Silently Execute Arbitrary Code from a Remote Web Site When the User Views a Web Page or HTML-based E-mail
|
|
Dec 14 2001
|
(Microsoft Issues Fix) Microsoft Internet Explorer May Execute Javascript Contained Within an 'About:' URL in an Unauthorized Security Domain When the URL Contains an Extraneous '%' Character
|
|
Dec 14 2001
|
(Microsoft Issues Fix) Microsoft Internet Explorer Allows Malicious Web Pages to Spoof Downloadable File Types And Execute Code on the User's Computer When Opened Directly from the Browser
|
|
Dec 13 2001
|
Citrix ICA Client for Windows Allows Remote Malicious Code to Execute on a User's PC Without Warning
|
|
Dec 12 2001
|
Microsoft Internet Explorer May Execute Javascript Contained Within an 'About:' URL in an Unauthorized Security Domain When the URL Contains an Extraneous '%' Character
|
|
Dec 11 2001
|
CSVForm Perl Script Input Validation Bug Lets Remote Users Execute Arbitrary Code With the Privileges of the Web Server
|
|
Dec 7 2001
|
Red Faction Game Server Can Be Crashed By Remote Users
|
|
Dec 7 2001
|
(Vendor Issues Patch) Re: Allaire's JRun Java Server May Issue Duplicate Session IDs in Certain Cases, Potentially Allowing a Remote User to Act as Another User
|
|
Dec 3 2001
|
Microsoft Internet Explorer Can Be Crashed By Malicious Javascript Causing a Stack Overflow in setTimeout() Function
|
|
Dec 1 2001
|
Easynews PHP Script Lets Remote Users Modify The News Database and Discloses the Administrator Password to Local Users
|
|
Dec 1 2001
|
RhinoSoft FTP Serv-U Remote Administration Client Discloses Administrator Passwords When Using S/KEY One-Time Passwords
|
|
Nov 29 2001
|
CoolSoft's PowerFTP Server Discloses Any File on the System to Remote Users and Can Be Crashed By Remote Users
|
|
Nov 28 2001
|
Allaire's JRun Java Server May Issue Duplicate Session IDs in Certain Cases, Potentially Allowing a Remote User to Act as Another User
|
|
Nov 26 2001
|
Microsoft Internet Explorer Fails to Enforce Cookie Prompting Preferences for Local Security Zone
|
|
Nov 26 2001
|
Microsoft Internet Explorer Allows Malicious Web Pages to Spoof Downloadable File Types And Execute Code on the User's Computer When Opened Directly from the Browser
|
|
Nov 26 2001
|
Microsoft Internet Explorer ActiveX Flaw Permits Remote Malicious HTML Code Containing an 'htmlfile' or 'htmlfile_FullWindowEmbed' Object to Access Local Files and Potentially Execute Commands
|
|
Nov 23 2001
|
Outlook Express Secure Password Authentication Method is Vulnerable to Man-in-the-Middle Attacks
|
|
Nov 22 2001
|
Yahoo Messenger Instant Messaging Client Uses Weak Authentication Allowing a Remote User to Gain Access to Another User's Account
|
|
Nov 22 2001
|
Opera Web Browser May Disclose Passwords Typed into an HTML Form to Local Users
|
|
Nov 16 2001
|
(A User Provides Additional Details) Re: Opera Web Browser May Disclose Web Pages, Cookies, and Links from a Separate Domain to a Remote Server Running Malicious Javascript Code
|
|
Nov 15 2001
|
Opera Web Browser May Disclose Web Pages, Cookies, and Links from a Separate Domain to a Remote Server Running Malicious Javascript Code
|
|
Nov 9 2001
|
(Vendor Issues Fix) Re: 602Pro LAN SUITE Internet Sharing Software Can Be Crashed Via the Network
|
|
Nov 5 2001
|
Microsoft Passport May Disclose Wallet Contents, Including Credit Card and Contact Information, to Remote Users
|
|
Oct 30 2001
|
Leoboard Bulletin Board Cookie Input Validation Flaw Lets Remote Users Write to Files on the System
|
|
Oct 30 2001
|
Ikonboard Bulletin Board Cookie Input Validation Flaw Lets Remote Users Write to Files on the System
|
|
Oct 30 2001
|
Seth Leonard's Post It! CGI Script Meta-Character Filtering Hole Lets Remote Users Execute Arbitrary Shell Commands on the Web Server
|
|
Oct 30 2001
|
Seth Leonard's Book of Guests CGI Script Meta-Character Filtering Hole Lets Remote Users Execute Arbitrary Shell Commands on the Web Server
|
|
Oct 23 2001
|
Hotmail E-mail Service Allows Malicious Javascript to be Passed via the HTML Image Tag and Executed on the User's Browser
|
|
Oct 23 2001
|
Sun Java Runtime Environment (JRE) Flaw May Let Malicious Applets Gain Unauthorized Access to the System Clipboard
|
|
Oct 20 2001
|
Mozilla Browser Will Return HTTP Cookies to an FTP Server at the Same Domain as the HTTP Server, Which Could Be a Different Domain if the HTTP Server is Hosting Virtual Domains
|
|
Oct 19 2001
|
Several Network Looking Glass Scripts Disclose Potentially Sensitive Information About the Network to Remote Users
|
|
Oct 14 2001
|
(Apache Issues a Fix) Re: Apache Web Server Virtual Hosting Split-Logfile Function Lets Remote Users Write Log Entries to Arbitrary Files on the System
|
|
Oct 14 2001
|
(Apache Issues Fix) Re: Apache Web Server May Disclose Directory Contents Even If an Index.html File is Present in the Directory
|
|
Oct 14 2001
|
(Apache Issues Fix) Re: Apache Web Server for Windows Lets Remote Users Crash the Web Server Application
|
|
Oct 14 2001
|
Apache Web Server Virtual Hosting Split-Logfile Function Lets Remote Users Write Log Entries to Arbitrary Files on the System
|
|
Oct 10 2001
|
Advanced Poll PHP-based Voting/Polling Software Gives Remote Users Administrative Access to the Application
|
|
Oct 7 2001
|
thatphpware PHP-based Web Portal Software Allows Remote Users to Execute Arbitrary Code
|
|
Sep 21 2001
|
Half-Life Gaming Server Can Execute Arbitrary Code on the Client
|
|
Sep 11 2001
|
Hotmail Web E-mail Service Allows Remote Users to Cause Malicious Javascript to be Executed by the Recipient's Browser, Potentially Stealing Authentication Cookies
|
|
Sep 7 2001
|
Directory Manager PHP Application Lets Remote Users Execute Commands on the Server
|
|
Aug 27 2001
|
Java Plug-in Fails to Recognize Expired Certificates, Giving Applets With Expired Certificates Access to the System
|
|
Jul 13 2001
|
Apache Web Server May Disclose Directory Contents Even If an Index.html File is Present in the Directory
|
|
Jun 16 2001
|
vBulletin Bulletin Board Software Lets Remote Users Cause Other Users to Execute Bulletin Board CGI Commands Without Warning
|
|
Jun 14 2001
|
(Another Similar Vulnerability is Reported) Re: Tomcat Java Server Reveals Script Source Code to Remote Users
|
|
Jun 13 2001
|
(Exploit Code Released) Re: Apache Web Server May Display Directory Index Listings Even if Directory Listings Are Disabled
|
|
Jun 1 2001
|
Microsoft Hotmail May Allow a Worm to Send Mail to Other Destinations Listed in a Remote User's Inbox
|
|
Jun 1 2001
|
Yahoo Mail May Allow a Worm to Send Mail to Other Destinations Listed in a Remote User's Inbox
|
