CVE List
| Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
|---|---|---|---|---|---|---|---|
| 1627 | CVE-2000-0049 | Candidate | Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file. | Modified (20071115) | ACCEPT(2) Cole, Wall | MODIFY(2) Baker, Frech | REVIEWING(1) Christey | Frech> XF:winamp-playlist-bo | Christey> This may have been discovered earlier in: | BUGTRAQ:19990512 Buffer overflow in WinAMP 2.x | URL:http://marc.theaimsgroup.com/?l=bugtraq&m=92662988700367&w=2 | See the following for possible confirmation: | URL:http://www.winamp.com/getwinamp/newfeatures.jhtml | Wall> This vulnerability has been seen in several versions of Winamp and part of ISS | X-Force | and SecuriTeam vulnerability checks. | CHANGE> [Christey changed vote from NOOP to REVIEWING] | Baker> The old confirm url doesn"t work any more... I am not sure where we can get the old changelog/error list. | View |
| 996 | CVE-1999-1016 | Candidate | Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell. | Modified (20040811) | ACCEPT(2) Cole, Wall | MODIFY(1) Frech | NOOP(2) Christey, Foat | Frech> XF:ms-html-table-form-dos(3246) | Frech> XF:ms-html-table-form-dos(3246) | Christey> Add period to the end of the description. | View |
| 1013 | CVE-1999-1033 | Candidate | Microsoft Outlook Express before 4.72.3612.1700 allows a malicious user to send a message that contains a .., which can inadvertently cause Outlook to re-enter POP3 command mode and cause the POP3 session to hang. | Proposed (20010912) | ACCEPT(2) Cole, Wall | MODIFY(1) Frech | NOOP(1) Foat | Frech> (Task 2241) | CHANGE> [Frech changed vote from REVIEWING to MODIFY] | Frech> XF:outlook-pop3-dot-dos(8926) | View |
| 1683 | CVE-2000-0105 | Candidate | Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user"s email messages via a script that accesses a variable that references subsequent email messages that are read by the client. | Proposed (20000208) | ACCEPT(2) Cole, Wall | MODIFY(1) Frech | NOOP(1) Baker | REVIEWING(1) Christey | Frech> email-active-script-html | Christey> Acknowledged via personal communication with Microsoft | personnel, but I need to look through my email logs to recall | whether they said that it is a duplicate of CVE-2000-0653 | CHANGE> [Christey changed vote from NOOP to REVIEWING] | View |
| 1697 | CVE-2000-0119 | Candidate | The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. | Proposed (20000208) | ACCEPT(2) Cole, Wall | MODIFY(1) Frech | NOOP(1) Baker | REVIEWING(1) Christey | Christey> ADDREF BID:956 | | A followup post on Feb 8 by Paul L Schmehl claims that this | would not work, because the anti-virus checkers would | activate if the user attempts to execute the program. | Frech> XF:win-trojan-detection-bypass | Much earlier possible reference at NTBugtraq Mailing List, Wed, 22 Dec 1999 | 20:37:43 -0800, "Bypass Virus Checking under 95/98/NT" at | http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9912&L=ntbugtraq&F=&S=&P=6030 | CHANGE> [Cole changed vote from REVIEWING to ACCEPT] | Christey> NTBUGTRAQ:19991222 Bypass Virus Checking under 95/98/NT | http://www.ntbugtraq.com/default.asp?pid=36&sid=1&A2=ind9912&L=ntbugtraq&F=&S=&P=6030 | View |
Page 20096 of 20943, showing 5 records out of 104715 total, starting on record 100476, ending on 100480
