Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

http://dvlabs.tippingpoint.com/advisories/published/

ZDI Advisories: 2010 | 2009 | 2008 | 2007 | 2006 | 2005

ZDI-10-032	CVE:	Published: 2010-03-16
SAP MaxDB Malformed Handshake Request Remote Code Execution Vulnerability

ZDI-10-031	CVE: CVE-2010-0050	Published: 2010-03-16
Apple Webkit Blink Event Dangling Pointer Remote Code Execution Vulnerability

ZDI-10-030	CVE: CVE-2010-0053	Published: 2010-03-16
Apple WebKit CSS run-in Attribute Rendering Remote Code Execution Vulnerability

ZDI-10-029	CVE: CVE-2010-0047	Published: 2010-03-15
Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability

ZDI-10-028	CVE:	Published: 2010-03-11
Skype URI Processing Arbitrary XML File Deletion Vulnerability

ZDI-10-027	CVE:	Published: 2010-03-11
Skype Protocol Handler datapath Argument Injection Credential Disclosure Vulnerability

ZDI-10-026	CVE: CVE-2010-0447	Published: 2010-03-09
Hewlett-Packard OVPI helpmanager Servlet Remote Code Execution Vulnerability

ZDI-10-025	CVE: CVE-2010-0263	Published: 2010-03-09
Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

ZDI-10-024	CVE:	Published: 2010-03-02
Novell eDirectory SOAP Request Parsing Denial of Service Vulnerability

ZDI-10-023	CVE: CVE-2009-2754	Published: 2010-03-01
Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability

ZDI-10-022	CVE: CVE-2009-2753	Published: 2010-03-01
IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities

ZDI-10-021	CVE:	Published: 2010-02-23
Novell NetStorage xsrvd Long Pathname Remote Code Execution Vulnerability

ZDI-10-020	CVE: CVE-2010-0620	Published: 2010-02-23
EMC HomeBase SSL Service Arbitrary File Upload Remote Code Execution Vulnerability

ZDI-10-019	CVE: CVE-2009-3988	Published: 2010-02-19
Mozilla Firefox showModalDialog Cross-Domain Scripting Vulnerability

ZDI-10-018	CVE:	Published: 2010-02-18
IBM Cognos Server Backdoor Account Remote Code Execution Vulnerability

ZDI-10-017	CVE: CVE-2010-0033	Published: 2010-02-09
Microsoft Office PowerPoint Viewer TextBytesAtom Record Remote Code Execution Vulnerability

ZDI-10-016	CVE: CVE-2010-0027	Published: 2010-02-09
Microsoft Windows ShellExecute Improper Sanitization Code Execution Vulnerability

ZDI-10-015	CVE: CVE-2010-0250	Published: 2010-02-09
Microsoft Windows RLE Video Decompressor Remote Code Execution Vulnerability

ZDI-10-014	CVE: CVE-2010-0248	Published: 2010-01-21
Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability

ZDI-10-013	CVE: CVE-2010-0245	Published: 2010-01-21
Microsoft Internet Explorer Table Layout Reuse Remote Code Execution Vulnerability

ZDI-10-012	CVE: CVE-2010-0246	Published: 2010-01-21
Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability

ZDI-10-011	CVE: CVE-2010-0244	Published: 2010-01-21
Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability

ZDI-10-010	CVE: CVE-2009-4246	Published: 2010-01-21
RealNetworks RealPlayer Skin Parsing Remote Code Execution Vulnerability

ZDI-10-009	CVE: CVE-2009-0376	Published: 2010-01-21
RealNetworks RealPlayer IVR Format Remote Code Execution Vulnerability

ZDI-10-008	CVE: CVE-2009-4244	Published: 2010-01-21
RealNetworks RealPlayer SIPR Codec Remote Code Execution Vulnerability

ZDI-10-007	CVE: CVE-2009-4257	Published: 2010-01-21
RealNetworks RealPlayer SMIL getAtom Remote Code Execution Vulnerability

ZDI-10-006	CVE: CVE-2009-4242	Published: 2010-01-21
RealNetworks RealPlayer GIF Handling Remote Code Execution Vulnerability

ZDI-10-005	CVE: CVE-2009-4241	Published: 2010-01-21
RealNetworks RealPlayer ASMRulebook Remote Code Execution Vulnerability

ZDI-10-004	CVE: CVE-2010-0138	Published: 2010-01-21
Cisco CiscoWorks IPM GIOP getProcessName Remote Code Execution Vulnerability

ZDI-10-003	CVE:	Published: 2010-01-12
Novell ZENworks Asset Management docfiledownload Remote SQL Injection Vulnerability

ZDI-10-002	CVE: CVE-2010-0072	Published: 2010-01-12
Oracle Secure Backup observiced.exe Remote Code Execution Vulnerability

ZDI-10-001	CVE: CVE-2009-4486	Published: 2010-01-07
Novell iManager eDirectory Plugin Remote Code Execution Vulnerability

# Created Cases:	2,308
# Researchers:	1,214
Avg. Verification Time:	20 days

Published Advisories

Published Advisories

Upcoming Advisories

Recent Press