Bugtraq etc.
- Windows Media Player directory traversal
- Microsoft Java vulnerabilities
- Netscape Java buffer overflow
- Internet Explorer cookie access vulnerability
- Linux glibc locale format string vulnerability
- KTH Kerberos IV various vulnerabilities
- PHP format string vulnerability
- UNIX ncurses library buffer overflow
- Linux klogd format string vulnerability
- UNIX screen(1) format string vulnerability
- IMP SQL injection vulnerability
- vBulletin remote code execution
- Apache Tomcat 3 directory & file disclosure
- Internet Explorer automatically downloading and running programs (“%00 bug”)
- Solaris libsldap buffer overflow
- Squid proxy FTP buffer overflow
In the news
- ZDNet: Multiple Facebook vulnerabilities reported on Full-Disclosure
- Digitoday: XSS vulnerability opens the door to a Facebook worm (in Finnish)
- silicon.com: Windows and Linux exposed by Java flaw
- New Scientist: Java bug could hit PC operating systems
- BBC: Microsoft warns of Outlook flaw
- ComputerWeekly: MS Outlook hole is more serious than first thought
- SearchSecurity: Microsoft upgrades Outlook flaw to critical
- Enterprise Systems: New Breed of Attack Targets Microsoft Outlook XP Users
- PC World: Opera Patches Browser Flaws
- SecurityFocus: Gopher attacks are latest IE security threat
- CNN: IE hole could be used to open “back door”
- Computer User / Newsbytes: Microsoft to plug devastating download hole
- BBC: Microsoft closes browser holes
- News.com: Microsoft rushes to close IE security hole
- VNUNet: Java flaws burn Internet Explorer