#ibm

By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.

Buffer overflow in SCO UnixWare Xsco command via a long argument.

HP Secure Web Console uses weak encryption.

Falcon web server allows remote attackers to determine the absolute path of the web root via long file names.

Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.

Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.

Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.

Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.

Denial of service in Samba NETBIOS name service daemon (nmbd).

Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".