Buffer overflow in Skyfull mail server via MAIL FROM command.

Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.

Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.

Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.

Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.

ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.

Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.

Buffer overflow in UnixWare xauto program allows local users to gain root privilege.

Buffer overflow in CommuniGatePro via a long string to the HTTP configuration port.

UnixWare programs that dump core allow a local user to modify files via a symlink attack on the ./core.pid file.

Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI.

Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file.

Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.

Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.

Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.

Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.

FreeBSD gdc program allows local users to modify files via a symlink attack.

login in Slackware 7.0 allows remote attackers to identify valid users on the system by reporting an encryption error when an account is locked or does not exist.

Buffer overflow in FreeBSD gdc program.

Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file.