Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack.

Solaris arp allows local users to read files via the -f parameter, which lists lines in the file that do not parse properly.

FreeBSD gdc program allows local users to modify files via a symlink attack.

Denial of service in BIND named via naptr.

The default permissions for Endymion MailMan allow local users to read email or modify files.

UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.

By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.

The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.

The fwluser script in AIX eNetwork Firewall allows local users to write to arbitrary files via a symlink attack.

NIS finger allows an attacker to conduct a denial of service via a large number of finger requests, resulting in a large number of NIS queries.

Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.

A remote attacker can read information from a Netscape user's cache via JavaScript.

The SSH authentication agent follows symlinks via a UNIX domain socket.

KDE kppp allows local users to create a directory in an arbitrary location via the HOME environmental variable.

Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unrespo...

When Javascript is embedded within the TITLE tag, Netscape Communicator allows a remote attacker to use the "about" protocol to gain access to browser information.

The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.

Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.

Denial of service in BSDi Symmetric Multiprocessing (SMP) when an fstat call is made when the system has a high CPU load.

Trn allows local users to overwrite other users' files via symlinks.

The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.

A remote attacker can disable the virus warning mechanism in Microsoft Excel 97.

Vulnerability in Compaq Tru64 UNIX edauth command.

A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.