Vixie Cron on Linux systems allows local users to set parameters of sendmail commands via the MAILTO environmental variable.

Buffer overflow in Vixie Cron on Red Hat systems via the MAILTO environmental variable.

Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.

The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment.

SGI IRIX midikeys program allows local users to modify arbitrary files via a text editor.

NetBSD allows ARP packets to overwrite static ARP entries.

NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.

When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.

Buffer overflow in FreeBSD fts library routines allows local user to modify arbitrary files via the periodic program.

Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.

Buffer overflow in FuseMAIL POP service via long USER and PASS commands.

Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.

The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.

ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility.

Windows NT RRAS and RAS clients cache a user's password even if the user has not selected the "Save password" option.

The INN inndstart program allows local users to gain privileges by specifying an alternate configuration file using the INNCONF environmental variable.

The w3-msql CGI script provided with Mini SQL allows remote attackers to view restricted directories.

Denial of service in Netscape Enterprise Server via a buffer overflow in the SSL handshake.

Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.

Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.