United States   > change
Security at Xerox homeSecurity @ Xerox Home

Responses to US-CERT Advisories

Xerox Responses to CERT Advisories and Vulnerability Notes In these security conscious times, it is important that our customers become familiar with the resources that are available to help answer questions regarding network security for our products. Xerox has established this website specifically to address the topic of network security and to provide regular updates on the status of technical security concerns.

Submit a question or request more information on product security.

July 2002 – April 2007 Xerox Responses to CERT Advisories and Vulnerability Notes

Questions regarding post-April 2007 responses should be sent via e-mail to product security.
CERT Advisory or
Vulnerability Note Number:		Document Title:Sort By:
Revision Date:		File Size:
TA06-053AApple Mac OS X Safari Command Execution VulnerabilityApril 3, 200668 KB
TA06-062AApple Mac Products are Affected by Multiple VulnerabilitiesApril 3, 200668 KB
TA06-081ASendmail Race Condition VulnerabilityJuly 11, 200637 KB
TA06-101AMicrosoft Windows and Internet Explorer Vulnerabilities (MS06-013 through MS06-016)July 14, 200668 KB
TA06-220AMicrosoft Products Contain Multiple Vulnerabilities (MS06-040 through MS06-051)Aug. 15, 200685 KB
TA06-262AMicrosoft Internet Explorer VML Buffer Overflow (MS06-055)Sept. 29, 200687 KB
TA06-283AMicrosoft Updates for Vulnerabilities in Windows, Office, and Internet Explorer (MS06-056 to MS06-065)Nov. 20, 200687 KB
TA06-318AMicrosoft Security Updates for Windows, Internet Explorer, and Adobe Flash (MS06-066 to MS06-071)Nov. 20, 200687 KB
TA05-362AMicrosoft Windows Metafile Handling Buffer OverflowJuly 11, 200685 KB
TA05-347AMicrosoft Internet Explorer Vulnerabilities (MS05-054 & MS05-055)Feb. 27, 200685 KB
TA05-312AMicrosoft Windows Image Processing Vulnerabilities (MS05-053)Feb. 21, 200663 KB
TA05-284AMicrosoft Windows, Internet Explorer, and Exchange Server Vulnerabilities (MS05-044 through MS05-052)May 30, 200680 KB
TA05-012BMicrosoft Windows HTML Help ActiveX Control Cross-Domain Vulnerability (MS05-001)May 13, 2005101 KB
TA04-336AUpdate for Microsoft Internet Explorer HTML Elements Vulnerability (MS04-040)June 13, 2005103 KB
TA04-315ABuffer Overflow in Microsoft Internet ExplorerJune 13, 2005103 KB
TA04-293AMultiple Vulnerabilities in Microsoft Internet Explorer (MS04-038)May 13, 2005101 KB
TA04-260AMicrosoft Windows JPEG component buffer overflowMay 13, 2005101 KB
TA04-217AMultiple Vulnerabilities in libpngMay, 13 200572 KB
TA04-212ACritical Vulnerabilities in Microsoft Windows (MS04-025)June 13, 200587 KB
TA04-184AInternet Explorer Update to Disable ADODB.Stream ActiveX ControlJune 13, 200588 KB
TA04-174AMultiple Vulnerabilities in ISC DHCP 3Oct. 17, 200664 KB
TA04-163ACross-Domain Redirect Vulnerability in Internet ExplorerJune 13, 200581 KB
TA04-111AVulnerabilities in TCPJuly 18, 200569 KB
TA04-104AMultiple Vulnerabilities in Microsoft ProductsMay, 13 200596 KB
TA04-099ACross-Domain Vulnerability in Outlook Express MHTML Protocol HandlerMay, 13 200576 KB
TA04-078AMultiple Vulnerabilities in OpenSSLJune 10, 200564 KB
TA04-041AMultiple Vulnerabilities in Microsoft ASN.1 Library (MS04-007)May, 13 200586 KB
TA04-033AMultiple Vulnerabilities in Microsoft Internet Explorer (MS04-004)May, 13 200592 KB
CA-2004-01Multiple H.323 Message Vulnerabilities (MS04-001)April 5, 200564 KB
CA-2004-02Email-borne VirusesApril 5, 200557 KB
CA-2003-04MS-SQL Server Worm (MS02-061)Dec. 8, 200332 KB
CA-2003-07Remote Buffer Overflow in SendmailJan. 22, 200435 KB
CA-2003-12Buffer Overflow in SendmailJan. 22, 200435 KB
CA-2003-16Buffer Overflow in Microsoft RPC (MS03-026)Jan. 12, 200439 KB
CA-2003-19Exploitation of Vulnerabilities in Microsoft RPC Interface (MS03-026)Jan. 12, 200439 KB
CA-2003-20W32/Blaster worm (MS03-026)Jan. 12, 200439 KB
CA-2003-22Multiple Vulnerabilities in Microsoft Internet Explorer (MS03-032)March 2, 200490 KB
CA-2003-23RPCSS Vulnerabilities in Microsoft Windows (MS03-039)June 17, 200469 KB
CA-2003-25Buffer Overflow in SendmailJan. 22, 200434 KB
CA-2003-28Buffer Overflow in Windows Workstation Service (MS03-049)March 2, 200483 KB
CA-2002-03Multiple Vulnerabilities in Many Implementations of SNMPJan. 15, 200331 KB
CA-2002-12Format String Vulnerability in ISC DHCPDJul. 17, 200273 KB
CA-2002-17Apache Web Server Chunk Handling VulnerabilityMay 13, 200394 KB
CA-2002-18OpenSSH Vulnerabilities in Challenge Response HandlingDec. 8, 200329 KB
CA-2002-23Multiple Vulnerabilities in OpenSSLDec. 8, 200327 KB
CA-2002-27Apache/mod_ssl WormDec. 8, 200328 KB
CA-2002-28Trojan Horse Sendmail DistributionDec. 8, 200329 KB
CA-2002-29Buffer Overflow in Kerberos Administration DaemonDec. 8, 200327 KB
CA-2002-30Trojan Horse tcpdump and libpcap DistributionsDec. 8, 200326 KB
CA-2002-36Multiple Vulnerabilities in SSH ImplementationsDec. 8, 200327 KB
VU#104555Buffer Overflow in mod_sslJan. 22, 200434 KB
VU#106324Microsoft Windows contains a vulnerability in the way the Windows Shell launches applications (MS04-024)May 13, 200581 KB
VU#108884Microsoft Indexing Services vulnerable to cross-site scripting (MS06-053)Sept. 19, 200669 KB
VU#111673SGI IRIX "xfsdump" creates quota information files insecurelyJan. 22, 200434 KB
VU#119262Microsoft Windows kernel fails to reset values in CPU data structures (MS04-032)May 13, 2005102 KB
VU#130614Microsoft Outlook Express vulnerable to remote code execution (MS05-030)Sept. 13 200574 KB
VU#136849Microsoft Internet Explorer UTF-8 decoding vulnerability (MS06-021)July 14, 200680 KB
VU#140470Apple Mac OS X Server Admin fails to properly restrict users from using the proxy service (Apple Security Update 2005-005)May 16, 200566 KB
VU#142121zlib "gzprintf()" function vulnerable to buffer overflowOct. 20, 200457 KB
VU#145486Apple Cocoa applications vulnerable to denial of service via malformed TIFF image (Apple Security Update 2005-005)May 16, 200566 KB
VU#146718Sendmail fails to handle malformed multipart MIME messagesAug. 25, 200634 KB
VU#149953ISC "dhcrelay" fails to limit hop count when malicious bootp packet is receivedJan. 22, 200427 KB
VU#172948Apple Mac OS X AppKit vulnerable to buffer overflow via maliciously crafted Microsoft Word files (Apple Security Update 2005-007)Aug. 18, 200566 KB
VU#177584Microsoft Windows kernel vulnerable to a denial-of-service condition via animated cursor (.ani) frame number (MS05-002) June 13, 2005104 KB
VU#187196Microsoft Windows fails to properly process showHelp URLs (MS04-023)May 13, 200579 KB
VU#189140Microsoft Server Service Mailslot vulnerable to heap overflow (MS06-035)July 14, 200678 KB
VU#189754Microsoft Internet Explorer buffer overflow in PNG image rendering component (MS05-025)July 29, 200591 KB
VU#192995Integer overflow in xdr_array() function when deserializing the XDR stream (MS02-027)Dec. 4, 200328 KB
VU#200132Various *NIX PDF readers/viewers execute commands embedded within hyperlinksJan. 22, 200434 KB
VU#206537Apache vulnerable to DoSJan. 22, 200427 KB
VU#210606Apple Mac OS X "disk://" URI handler stores arbitrary files in a known location (Apple Security Update 2004-06-07) June 13, 200570 KB
VU#218526Microsoft Windows contains vulnerability in Window Management API (MS04-032)May 13, 2005101 KB
VU#218621Microsoft Word buffer overflow in font processing routine (MS05-035)Sept. 12, 200568 KB
VU#220821Microsoft Print Spooler service contains a buffer overflow (MS05-043)Sept. 2, 200591 KB
VU#221788Oracle SYS.DBMS_AQ package vulnerable to PL/SQL injectionJan. 24, 200725 KB
VU#222050Microsoft Internet Explorer Content Advisor contains a buffer overflow (MS05-020)June 16, 200591 KB
VU#222750TCP/IP implementations do not adequately validate ICMP error messages (MS05-019; Sun Alert 57746)Oct. 18, 200575 KB
VU#226364Multiple vulnerabilities in Internet Key Exchange version 1 implementationsFeb. 27, 200660 KB
VU#228028Microsoft Windows Task Scheduler Buffer Overflow (MS04-022)May 13, 200578 KB
VU#229595Overly large OPT record assertionDec. 4, 200326 KB
VU#233754Microsoft Windows does not adequately validate IP options (MS05-019)June 7, 200565 KB
VU#247744OpenSSL may fail to properly parse invalid ASN.1 structuresOct. 17, 200633 KB
VU#252146Microsoft Outlook and Microsoft Exchange TNEF decoding buffer overflow (MS06-003)Feb. 12, 200668 KB
VU#257164Microsoft DHCP Client service contains a buffer overflow (MS06-036)July 14, 200680 KB
VU#258390Apple Mac OS X with Bluetooth enabled may allow file exchange without prompting users (Apple Security Update 2005-005)May 16, 200566 KB
VU#258721Various FTP clients fail to account for pipe (|) characters in default file namesJan. 22, 200434 KB
VU#258905Multiple implementations of LDAP Directory Server vulnerable to buffer overflowJuly 29, 200560 KB
VU#259197Microsoft Client Server Runtime System Vulnerability (MS05-018)June 16, 200591 KB
VU#259798MIT Kerberos 5 allows unauthenticated attacker to cause MIT krb5 Key Distribution Center to free unallocated memory (RHSA-2005:562-10; RHSA-2005:567-08; Sun Alert 101809)July 11, 200637 KB
VU#275193Microsoft Exchange Server contains unchecked buffer in SMTP extended verb handling (MS05-021)June 16, 200579 KB
VU#283646Microsoft ASP.NET fails to perform proper canonicalization (MS05-004)June 10, 200583 KB
VU#284857ISC DHCPD minires library contains multiple buffer overflows Dec. 4, 200333 KB
VU#303452Microsoft Exchange fails to properly handle vCal and iCal properties (MS06-019)May 30, 200664 KB
VU#312313Solaris X Window Font Service (XFS) daemon contains buffer overflow in Dispatch() funtionDec. 4, 200333 KB
VU#312956Microsoft WMF memory corruption vulnerability (MS06-004)July 11, 200681 KB
VU#313836Samba fails to properly handle multiple share connection requestsAug. 25, 200637 KB
VU#331694Apple Mac OS X chpass/chfn/chsh utilities do not properly validate external programs (Apple Security Update 2005-005)June 7, 200565 KB
VU#338828Microsoft Internet Explorer exception handling vulnerability (MS06-021)July 14, 200680 KB
VU#354486Apple Mac OS X Server NetInfo Setup Tool fails to validate command line parameters (Apple Security Update 2005-005)June 7, 200565 KB
VU#355284Sun Java Runtime Environment applet privilege escalation vulnerabilityJan. 4, 200637 KB
VU#356070Apple Terminal fails to properly sanitize input for "x-man-page" URI (Apple Security Update 2005-005)May 16, 200567 KB
VU#356600Microsoft Internet Explorer DHTML Editing ActiveX control contains a cross-domain vulnerability (MS05-013)June 13, 200591 KB
VU#377804Multiple Open Software Foundation Distributed Computing Environment (DCE) implementations vulnerable to DoSJan. 22, 200432 KB
VU#383779ZIP archives containing files with large filenames can cause buffer overflows (MS02-054)Dec. 4, 200334 KB
VU#386964OpenSSL SSLv2 client code fails to properly check for NULLOct. 17, 200633 KB
VU#388900Microsoft Web Client Service vulnerable to buffer overflow (MS06-008)July 11, 200685 KB
VU#390044Microsoft JScript memory corruption vulnerability (MS06-023)July 14, 200680 KB
VU#390742Sun Solaris Volume Manager (SVM) fails to properly handle malformed probe requestsApril 5, 200565 KB
VU#394792Microsoft Windows SMTP component vulnerable to remote code execution (MS04-035)April 5, 200586 KB
VU#395412Apache mod_rewrite contains off-by-one error in ldap scheme handlingAug. 25, 200639 KB
VU#395588Microsoft Internet Information Services vulnerable to remote code execution via specially crafted ASP file (MS06-034)July 14, 200676 KB
VU#405955util-linux package vulnerable to privilege escalation when "ptmptmp" file is not removed properly when using "chfn" utilityDec. 4, 200328 KB
VU#406121Apache mod-dav module vulnerable to DoSDec. 4, 200328 KB
VU#412115Network device drivers reuse old frame buffer data to pad packetsDec. 4, 200327 KB
VU#412566Solaris conv_fix insecure file handling vulnerabilityApril 5, 200559 KB
VU#417585Microsoft DXImageTransform Light filter fails to validate input (MS06-021)July 14, 200680 KB
VU#420316Apple Mac OS X Safari vulnerable to arbitrary command execution via URLs in PDF files (Apple Security Update 2005-007)Aug. 18, 200565 KB
VU#422156Microsoft Exchange Server fails to properly handle specially crafted SMTP extended verb requests (MS03-046)July 1, 200459 KB
VU#428230Multiple vulnerabilities in S/MIME implementationsJan. 22, 200431 KB
VU#435188Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files (Apple Security Update 2005-007)Aug. 18, 200566 KB
VU#435444Microsoft Outlook Web Access (OWA) contains cross-site scripting vulnerability in the "Compose New Message" form (MS03-047)July 1, 200459 KB
VU#442569MIT Kerberos vulnerable to ticket splicing when using Kerberos4 triple DES service ticketsJan. 22, 200434 KB
VU#455516Microsoft PGM vulnerable to remote code execution (MS06-052)Sept. 19, 200669 KB
VU#457875Various DNS service implementations generate multiple simultaneous queries for the same resource recordDec. 4, 200327 KB
VU#461412Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow (Apple Security Update 2005-007)Aug. 18, 200566 KB
VU#464113TCP/IP implementations handle unusual flag combinations inconsistentlyDec. 4, 200325 KB
VU#467036Microsoft Help and Support Center contains buffer overflow in code used to handle HCP protocol (MS03-044)July 1, 200469 KB
VU#481564Kerberos administration daemon fails to properly initialize function pointersJan. 26, 200724 KB
VU#489397Microsoft Server Message Block vulnerable to buffer overflow (MS05-027)July 29, 200588 KB
VU#490628Microsoft Windows Remote Desktop Protocol service input validation vulnerability (MS05-041)Sept. 12, 200593 KB
VU#516825Integer overflow in Sun RPC XDR library routinesDec. 4, 200329 KB
VU#524227GNU screen contains buffer overflowJan. 22, 200426 KB
VU#528719Multiple implementations of the Session Initiation Protocol (SIP) contain vulnerabilitiesApr. 7, 200435 KB
VU#546483Multiple networking devices fail to set the "Secure" attribute of a cookieApril 5, 200557 KB
VU#547300OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflowOct. 17, 200633 KB
VU#575892Buffer overflow in Microsoft Messenger Service (MS03-043)July 1, 200479 KB
VU#578798Apple Mac OS X help system may interpret inappropriate local script files (Apple Security Update 2004-06-07)July 1, 200459 KB
VU#580299Microsoft Internet Explorer contains URL decoding zone spoofing vulnerability (MS05-014)June 13, 200590 KB
VU#582934Apple Mac OS X Foundation Framework vulnerable to buffer overflow via incorrect handling of an environmental variable (Apple Security Update 2005-005)June 7, 200565 KB
VU#597889Microsoft COM Structured Storage Vulnerability (MS05-012)June 13, 200590 KB
VU#610133Microsoft Windows domain controller denial of service in Kerberos message handling (MS05-042)Sept. 12, 200593 KB
VU#623217Cryptographic weakness in Kerberos Version 4 protocolJan. 22, 200434 KB
VU#623332MIT Kerberos 5 contains double free vulnerability in "krb5_recvauth()" function (RHSA-2005:562-10; RHSA-2005:567-08; Sun Alert 101810)July 11, 200637 KB
VU#631516Microsoft Routing and Remote Access does not properly handle RPC requests (MS06-025)July 14, 200680 KB
VU#633257X.Org server buffer overflow in Xrender extensionAug. 25, 200637 KB
VU#640488Microsoft Windows contains an unchecked buffer in the NetDDE services (MS04-031)May 13, 2005102 KB
VU#647436Microsoft Windows contains a buffer overflow in the POSIX subsystem (MS04-020)May 13, 200577 KB
VU#648406Apple Mac OS X AppleFileServer fails to properly handle certain authentication requests (Apple Security Update 2004-05-03)July 1, 200459 KB
VU#649374Microsoft Windows processing of zip files contains a buffer overflow (MS04-034)May 13, 200598 KB
VU#650181Microsoft Object Management DoS Vulnerability (MS05-018)June 16, 200591 KB
VU#652537Microsoft Windows SMB packet validation vulnerability (MS05-011)June 13, 200589 KB
VU#673051Microsoft Windows Shell and HTML Application Host may allow remote code execution (MS05-016)June 16, 200591 KB
VU#680620zlib inflate() routine vulnerable to buffer overflow (RHSA-2005:569-03)July 11, 200650 KB
VU#681569Linux Kernel may fail to properly handle SNMP packetsAug. 25, 200634 KB
VU#694782Sun Solaris passwd command allows for privilege escalationApril 5, 200559 KB
VU#698835Microsoft DHTML Drag-and-Drop events insufficiently validated (MS05-008 & MS05-014)June 13, 200593 KB
VU#706838Apple Mac OS X vulnerable to buffer overflow via vpnd daemon (Apple Security Update 2005-005)June 7, 200565 KB
VU#709220Apple Safari fails to perform security checks on links in rich text content (Apple Security Update 2005-007)Aug. 18, 200565 KB
VU#717748Microsoft Internet Information Server (IIS) 4.0 contains a buffer overflow in the redirect function (MS04-021)May 13, 200471 KB
VU#717844Linux kernel fails to properly handle malformed SCTP packetsAug. 25, 200634 KB
VU#718542Microsoft Agent vulnerable to trusted site spoofing (MS05-032)Sept. 12 200590 KB
VU#720742Microsoft Color Management Module buffer overflow during profile tag validation (MS05-036)Sept. 12, 200584 KB
VU#722753Microsoft IP Source Route Vulnerability (MS06-032)July 14, 200680 KB
VU#738331Domain Name System (DNS) resolver libraries vulnerable to read buffer overflowDec. 4, 200327 KB
VU#740372Microsoft DDS Library Shape Control (msdds.dll) COM object contains an unspecified vulnerability (MS Security Advisory - 906267)Sept. 12, 200560 KB
VU#756122Microsoft Internet Explorer URL validation routine contains a buffer overflow (MS05-020)June 16, 200591 KB
VU#763513Microsoft Message Queuing vulnerable to buffer overflow (MS05-017)Sept. 12, 200574 KB
VU#774338Microsoft Internet Explorer DHTML objects contain a race condition (MS05-020)June 16, 200591 KB
VU#775933Microsoft Windows Kernel Vulnerability (MS05-018)June 16, 200591 KB
VU#800829Telnet Client Information Disclosure Vulnerability (MS05-033; RHSA-2005:504-06; Sun Alert 101665, 101671)July 11, 200683 KB
VU#803539Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflowDec. 4, 200334 KB
VU#806278Microsoft Windows contains buffer overflow in processing of WMF and EMF image files (MS04-032)May 13, 2005102 KB
VU#814644Microsoft Remote Access Connection Manager service vulnerable to buffer overflow (MS06-025)July 14, 200680 KB
VU#820427Microsoft Hyperlink Object Library buffer overflow (MS05-015)June 13, 200590 KB
VU#823971Microsoft Internet Explorer contains a Channel Definition Format (CDF) cross-domain vulnerability (MS05-014)June 13, 200591 KB
VU#831452Kerberos administration daemon may free uninitialized pointersJan. 26, 200725 KB
VU#838572Microsoft Authenticode mechanism installs ActiveX controls without prompting user (MS03-041)July 1, 200478 KB
VU#839284Microsoft Windows TCP/IP fails to properly validate IGMP packets (MS06-007)July 11, 200685 KB
VU#844360Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookupsDec. 4, 200326 KB
VU#843771Microsoft Internet Explorer contains a DHTML method heap memory corruption vulnerability (MS05-014)June 13, 200591 KB
VU#849993Some implementations of mod_dav contain a format string vulnerability in "ap_log_rerror()" functionDec. 4, 200328 KB
VU#850785Sun KCMS library service daemon does not adequately validate location of KCMS profilesJan. 22, 200432 KB
VU#851869Microsoft HTML Help input validation error (MS05-026)Sept. 12, 200589 KB
VU#852283Cached malformed SIG record buffer overflowDec. 4, 200326 KB
VU#868580Microsoft Windows Utility Manager launches applications with system privileges (MS04-019)May 13, 200471 KB
VU#869640Microsoft Outlook Express fails to properly validate malformed e-mail headers (MS04-018)April 5, 200560 KB
VU#879386Multiple Buffer Overflow Vulnerabilities in QNXOct. 31, 2002 19.2 KB
VU#881254Sun Java System Portal Server fails to properly handle changes to display optionsApril 5, 200560 KB
VU#881872Sun Solaris telnet authentication bypass vulnerabilityApril 9, 200742 KB
VU#885830MIT Kerberos 5 allows unauthenticated attacker to cause MIT krb5 Key Distribution Center to overflow a heap buffer by one byte (RHSA-2005:562-10; RHSA-2005:567-08; Sun Alert 101809)July 11, 200651 KB
VU#886601Internet Key Exchange (IKE) protocol discloses identity when Aggressive Mode shared secret authentication is usedDec. 8, 200326 KB
VU#895508Postfix vulnerable to DoS by supplying a remote SMTP listener with a malformed envelope addressJan. 22, 200431 KB
VU#910998Microsoft Windows kernel fails to properly handle invalid opcodes used in DOS emulation (MS04-032)May 13, 2005102 KB
VU#911505Pam_xauth may insecurely forward "X MIT-Magic-Cookies" to new sessions Jan. 22, 200434 KB
VU#913820Apple Mac OS X Directory Services contains a buffer overflow (Apple Security Update 2005-007)Aug. 18, 200566 KB
VU#915930Microsoft embedded web font buffer overflow (MS06-002)Feb. 21, 200664 KB
VU#920060Microsoft Windows HTML Help component fails to properly validate input data (MS04-023)May 13, 200579 KB
VU#927278Multiple vulnerabilities in X.400 implementationsJan. 22, 200431 KB
VU#927889Microsoft OLE buffer overflow (MS05-012)June 13, 200591 KB
VU#929115PHP fails to properly parse the headers of HTTP POST requestsJan. 26, 200737 KB
VU#931684Sun Java Management Extensions privilege escalation vulnerabilityJan. 4, 200637 KB
VU#939074Microsoft Windows XP named pipe fails to restrict anonymous access (MS05-007)June 13, 200581 KB
VU#939605JVIEW Profiler (javaprxy.dll) COM object contains an unspecified vulnerability (MS05-037)Sept. 12, 200567 KB
VU#943749Microsoft font processing buffer overflow vulnerability (MS05-018)June 16, 200591 KB
VU#944241rpc.walld fails to properly validate messages before broadcasting to clientsJan. 22, 200434 KB
VU#955777Multiple vulnerabilities in DNS implementationsNov. 14, 200652 KB
VU#959049Multiple COM objects cause memory corruption in Microsoft Internet Explorer (MS05-038; MS06-021)June 26, 200693 KB
VU#965206Microsoft Internet Explorer JPEG rendering library vulnerable to buffer overflow (MS05-038)Sept. 12, 200593 KB
VU#967668Microsoft Windows ListBox and ComboBox controls vulnerable to buffer overflow when supplied crafted Windows message (MS03-045)July 1, 200471 KB
VU#973654Linux kernel fails to properly handle floating point signals generated by "fsave" and "frstor"Sept. 2, 200559 KB
VU#974188Sun Java Reflection API privilege escalation vulnerabilitiesJan. 4, 200637 KB
VU#978316Vulnerability in OpenSSH daemon (sshd)Jan. 22, 200433 KB
VU#989932Microsoft contains a buffer overflow in the Local Troubleshooter ActiveX control (Tshoot.ocx) (MS03-042)July 1, 200474 KB
VU#998653Microsoft Plug and Play contains a buffer overflow vulnerability (MS05-039)Sept. 2, 200591 KB

Related Links
US-CERT - United States Computer Emergency Readiness Team