TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

http://dvlabs.tippingpoint.com/advisories/published/

View advisories from: 2009   |   2008   |   2007   |   2006   |   2005

ZDI-09-044 CVE: CVE-2009-1860 Published: 2009-06-24
Adobe Shockwave Player Director File Parsing Pointer Overwrite Vulnerability
ZDI-09-043 CVE: CVE-2009-1719 Published: 2009-06-16
Apple Java CColourUIResource Pointer Dereference Code Execution Vulnerability
ZDI-09-042 CVE: CVE-2009-1855 Published: 2009-06-10
Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability
ZDI-09-041 CVE: CVE-2009-1532 Published: 2009-06-10
Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability
ZDI-09-040 CVE: CVE-2009-1134 Published: 2009-06-10
Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability
ZDI-09-039 CVE: CVE-2009-1531 Published: 2009-06-10
Microsoft Internet Explorer onreadystatechange Memory Corruption Vulnerability
ZDI-09-038 CVE: CVE-2009-1530 Published: 2009-06-10
Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability
ZDI-09-037 CVE: CVE-2009-1528 Published: 2009-06-10
Microsoft Internet Explorer Concurrent Ajax Request Memory Corruption Vulnerability
ZDI-09-036 CVE: CVE-2009-1529 Published: 2009-06-10
Microsoft Internet Explorer setCapture Memory Corruption Vulnerability
ZDI-09-035 CVE: CVE-2009-0563 Published: 2009-06-10
Microsoft Word Document Stack Based Buffer Overflow Vulnerability
ZDI-09-034 CVE: CVE-2009-1709 Published: 2009-06-08
Apple Safari SVG Set.targetElement() Memory Corruption Vulnerability
ZDI-09-033 CVE: CVE-2009-1701 Published: 2009-06-08
Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability
ZDI-09-032 CVE: CVE-2009-1698 Published: 2009-06-08
Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability
ZDI-09-031 CVE: CVE-2009-1376 Published: 2009-06-08
Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
ZDI-09-030 CVE: CVE-2009-0010 Published: 2009-06-02
Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability
ZDI-09-029 CVE: CVE-2009-0957 Published: 2009-06-02
Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability
ZDI-09-028 CVE: CVE-2009-0954 Published: 2009-06-02
Apple QuickTime CRGN Atom Parsing Heap Buffer Overflow Vulnerability
ZDI-09-027 CVE: CVE-2009-0953 Published: 2009-06-02
Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability
ZDI-09-026 CVE: CVE-2009-0952 Published: 2009-06-02
Apple QuickTime Packed-bit Decoding Heap Overflow Vulnerability
ZDI-09-025 CVE: CVE-2009-0951 Published: 2009-06-02
Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability
ZDI-09-024 CVE: Published: 2009-06-01
Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability
ZDI-09-023 CVE: CVE-2009-0154 Published: 2009-05-13
Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability
ZDI-09-022 CVE: CVE-2009-0945 Published: 2009-05-13
Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
ZDI-09-021 CVE: CVE-2009-0010 Published: 2009-05-13
Apple QuickTime PICT Unspecified Tag Heap Overflow Vulnerability
ZDI-09-020 CVE: CVE-2009-1130 Published: 2009-05-12
Microsoft Office PowerPoint Notes Container Heap Overflow Vulnerability
ZDI-09-019 CVE: CVE-2009-0556 Published: 2009-05-12
Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Vulnerability
ZDI-09-018 CVE: CVE-2009-1430 Published: 2009-04-28
Symantec Client Security Alert Originator Service Stack Overflow Vulnerability
ZDI-09-017 CVE: Published: 2009-04-14
Oracle Applications Server 10g Format String Vulnerability
ZDI-09-016 CVE: Published: 2009-04-06
Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability
ZDI-09-015 CVE: CVE-2009-1044 Published: 2009-03-30
Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability
ZDI-09-014 CVE: CVE-2009-0927 Published: 2009-03-24
Adobe Acrobat getIcon() Stack Overflow Vulnerability
ZDI-09-013 CVE: CVE-2009-0775 Published: 2009-03-05
Mozilla Firefox XUL Linked Clones Double Free Vulnerability
ZDI-09-012 CVE: CVE-2009-0076 Published: 2009-02-10
Microsoft Internet Explorer Malformed CSS Memory Corruption Vulnerability
ZDI-09-011 CVE: CVE-2009-0075 Published: 2009-02-10
Microsoft Internet Explorer CFunctionPointer Memory Corruption Vulnerability
ZDI-09-010 CVE: Published: 2009-02-02
Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability
ZDI-09-009 CVE: Published: 2009-01-23
EMC AutoStart Backbone Engine Trusted Pointer Code Execution Vulnerability
ZDI-09-008 CVE: CVE-2009-0007 Published: 2009-01-21
Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability
ZDI-09-007 CVE: CVE-2009-0006 Published: 2009-01-21
Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
ZDI-09-006 CVE: CVE-2009-0003 Published: 2009-01-21
Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability
ZDI-09-005 CVE: CVE-2009-0002 Published: 2009-01-21
Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability
ZDI-09-004 CVE: CVE-2008-5440 Published: 2009-01-14
Oracle TimesTen evtdump Remote Format String Vulnerability
ZDI-09-003 CVE: CVE-2008-5448 Published: 2009-01-14
Oracle Secure Backup exec_qr() Command Injection Vulnerability
ZDI-09-002 CVE: CVE-2008-4835 Published: 2009-01-13
Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability
ZDI-09-001 CVE: CVE-2008-4834 Published: 2009-01-13
Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability