TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

http://dvlabs.tippingpoint.com/advisories/published/

ZDI Advisories: 2013   |   2012   |   2011   |   2010   |   2009   |   2008   |   2007   |   2006   |   2005

ZDI-13-131 CVE: CVE-2013-2334 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 1091 Remote Code Execution Vulnerability
ZDI-13-130 CVE: CVE-2013-2333 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 211 Remote Code Execution Vulnerability
ZDI-13-129 CVE: CVE-2013-2332 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 260 Remote Code Execution Vulnerability
ZDI-13-128 CVE: CVE-2013-2331 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 1092 Remote Code Execution Vulnerability
ZDI-13-127 CVE: CVE-2013-2330 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 305 Remote Code Execution Vulnerability
ZDI-13-126 CVE: CVE-2013-2329 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 259 Remote Code Execution Vulnerability
ZDI-13-125 CVE: CVE-2013-2328 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Multiple Opcodes Remote Code Execution Vulnerability
ZDI-13-124 CVE: CVE-2013-2327 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 264 Remote Code Execution Vulnerability
ZDI-13-123 CVE: CVE-2013-2326 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 234 Remote Code Execution Vulnerability
ZDI-13-122 CVE: CVE-2013-2325 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Opcode 235 Remote Code Execution Vulnerability
ZDI-13-121 CVE: CVE-2013-2324 Published: 2013-06-11
Hewlett-Packard Data Protector Cell Manager crs.exe Multiple Opcodes Remote Code Execution Vulnerability
ZDI-13-120 CVE: Published: 2013-06-11
ABB DataManager National Instruments Multiple ActiveX Controls cwui.ocx ExportStyle() Method Remote Code Execution Vulnerability
ZDI-13-119 CVE: CVE-2013-0988 Published: 2013-06-11
Apple QuickTime FlashPix Parsing Remote Code Execution Vulnerability
ZDI-13-118 CVE: CVE-2013-1019 Published: 2013-06-11
Apple QuickTime Sorenson Video mdat Remote Code Execution Vulnerability
ZDI-13-117 CVE: CVE-2013-1016 Published: 2013-06-11
Apple QuickTime H.263 Parsing Remote Code Execution Vulnerability
ZDI-13-116 CVE: CVE-2013-1021 Published: 2013-06-11
Apple QuickTime stsd Atom Parsing Remote Code Execution Vulnerability
ZDI-13-115 CVE: CVE-2013-1022 Published: 2013-06-11
Apple QuickTime mvhd Atom Parsing Remote Code Execution Vulnerability
ZDI-13-114 CVE: CVE-2013-1020 Published: 2013-06-11
Apple QuickTime MJPEG Frame stsd Atom Heap Overflow Remote Code Execution Vulnerability
ZDI-13-113 CVE: CVE-2103-1018 Published: 2013-06-11
Apple QuickTime 3GP Parsing Remote Code Execution Vunerability
ZDI-13-112 CVE: CVE-2013-1015 Published: 2013-06-11
Apple QuickTime TeXML textBox Element Parsing Remote Code Execution Vulnerability
ZDI-13-111 CVE: CVE-2013-0986 Published: 2013-06-11
Apple QuickTime enof Parsing Remote Code Execution Vulnerability
ZDI-13-110 CVE: CVE-2013-1017 Published: 2013-05-30
Apple QuickTime dref Volume Name Parsing Remote Code Execution Vulnerability
ZDI-13-109 CVE: CVE-2013-0999 Published: 2013-05-30
Webkit.org Webkit string.replace Remote Code Execution Vulnerability
ZDI-13-108 CVE: CVE-2013-0998 Published: 2013-05-30
Webkit.org Webkit string.concat() Remote Code Execution Vulnerability
ZDI-13-107 CVE: CVE-2013-0997 Published: 2013-05-30
Apple Safari Array Indexing Remote Code Execution Vulnerability
ZDI-13-106 CVE: CVE-2013-2549; CVE-2013-2550 Published: 2013-05-30
(Pwn2Own) Adobe Reader Sandbox Bypass Remote Code Execution Vulnerability
ZDI-13-105 CVE: CVE-2013-2727 Published: 2013-05-30
Adobe Reader U3D Processing Remote Code Execution Vulnerability
ZDI-13-103 CVE: CVE-2013-1312 Published: 2013-05-30
Microsoft Internet Explorer CDOMTextNode Use-After-Free Remote Code Execution Vulnerability
ZDI-13-102 CVE: CVE-2013-1298 Published: 2013-05-29
(Pwn2Own) Microsoft Internet Explorer VML Parsing Remote Code Execution Vulnerabillity
ZDI-13-101 CVE: CVE-2012-5947 Published: 2013-05-29
IBM SPSS SamplePower Vsflex7l.ocx ActiveX ComboList Remote Code Execution Vulnerability
ZDI-13-100 CVE: CVE-2012-5946 Published: 2013-05-29
IBM SPSS SamplePower C1sizer.ocx ActiveX TabCaption Remote Code Execution Vulnerability
ZDI-13-099 CVE: CVE-2012-5945 Published: 2013-05-29
IBM SPSS SamplePower Vsflex8l.ocx ActiveX ComboList/ColComboList Remote Code Execution Vulnerability
ZDI-13-098 CVE: CVE-2013-1338 Published: 2013-05-29
Microsoft Internet Explorer VML TextBox Use-After-Free Remote Code Execution Vulnerability
ZDI-13-097 CVE: CVE-2013-0090 Published: 2013-05-29
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-13-096 CVE: CVE-2013-1091 Published: 2013-05-29
Novell iPrint Client IPP Response Remote Code Execution Vulnerability
ZDI-13-095 CVE: Published: 2013-05-29
F-Secure E-mail and Server Security FSDBCom ActiveX Control GetCommand Remote Code Execution Vulnerability
ZDI-13-094 CVE: CVE-2013-1559 Published: 2013-05-29
Oracle WebCenter Content CheckOutAndOpen.dll ActiveX coao/openWebdav Remote Code Execution Vulnerability
ZDI-13-093 CVE: CVE-2012-5219 Published: 2013-05-29
HP Managed Printing Administrator mdbBuildValueBasedSQL() Remote Code Execution Vulnerability
ZDI-13-092 CVE: CVE-2013-0593 Published: 2013-05-29
IBM SPSS Chart2D olch2x32.ocx ActiveX Remote Code Execution Vulnerability
ZDI-13-091 CVE: CVE-2013-1516 Published: 2013-05-29
Oracle Document Capture BlackIceDevMode.ocx ActiveX Remote Code Execution Vulnerability
ZDI-13-090 CVE: CVE-2013-0787 Published: 2013-05-29
(Pwn2Own) Mozilla Firefox nsHTMLEditRules Use-After-Free Remote Code Execution Vulnerability
ZDI-13-089 CVE: CVE-2013-0401 Published: 2013-05-29
(Pwn2Own) Oracle Java DragAndDrop Sandbox Bypass Remote Code Execution Vulnerability
ZDI-13-088 CVE: CVE-2013-1082 Published: 2013-05-29
Novell ZENworks Mobile Management DUSAP.php Remote Code Execution Vulnerability
ZDI-13-087 CVE: CVE-2013-1081 Published: 2013-05-29
Novell ZENworks Mobile Management MDM.php Remote Code Execution Vulnerability
ZDI-13-086 CVE: CVE-2013-1305 Published: 2013-05-29
Microsoft HTTP.SYS Remote Denial of Service Vulnerability
ZDI-13-085 CVE: CVE-2013-1308 Published: 2013-05-29
Microsoft Internet Explorer TransNavContext Use-After-Free Remote Code Execution Vulnerability
ZDI-13-084 CVE: CVE-2013-3140 Published: 2013-05-29
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-13-083 CVE: CVE-2013-1309 Published: 2013-05-29
Microsoft Internet Explorer CDispNode Use-After-Free Remote Code Execution Vulnerability
ZDI-13-082 CVE: CVE-2013-1306 Published: 2013-05-29
Microsoft Internet Explorer CAnchorElement Use-After-Free Remote Code Execution Vulnerability
ZDI-13-081 CVE: Published: 2013-05-29
(Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability
ZDI-13-080 CVE: CVE-2103-0989 Published: 2013-05-29
Apple QuickTime MP3 Memory Corruption Remote Code Execution Vulnerability
ZDI-13-079 CVE: CVE-2013-2436 Published: 2013-05-10
Oracle Java MethodHandle Sandbox Bypass Remote Code Execution Vulnerability
ZDI-13-078 CVE: CVE-2013-1491 Published: 2013-05-10
(Pwn2Own) Oracle Java Font Handling Remote Code Execution Vulnerability
ZDI-13-077 CVE: CVE-2013-0402 Published: 2013-05-10
(Pwn2Own) Oracle Java FLV Parsing Remote Code Execution Vulnerability
ZDI-13-076 CVE: CVE-2013-1488 Published: 2013-05-10
(Pwn2Own) Oracle Java DriverManager Privilege Block Remote Code Execution Vulnerability
ZDI-13-075 CVE: CVE-2013-2426 Published: 2013-05-10
Oracle Java java.util.concurrent.ConcurrentHashMap Remote Code Execution Vulnerability
ZDI-13-074 CVE: CVE-2013-2428 Published: 2013-05-10
Oracle Java JavaFX WebPage Remote Code Execution Vulnerability
ZDI-13-073 CVE: CVE-2013-2420 Published: 2013-05-10
Oracle Java setICMpixels Remote Code Execution Vulnerability
ZDI-13-072 CVE: CVE-2013-2394 Published: 2013-05-10
Oracle Java t2k Type1 Subroutine Indexing Remote Code Execution Vulnerability
ZDI-13-071 CVE: CVE-2013-2434 Published: 2013-05-10
Oracle Java t2k.dll glyph_AddPoint() Remote Code Execution Vulnerability
ZDI-13-070 CVE: CVE-2013-2383 Published: 2013-05-10
Oracle Java "mort" TTF Table Ligature Substitution Remote Code Execution Vulnerability
ZDI-13-069 CVE: CVE-2013-1569 Published: 2013-05-10
Oracle Java "mort" TTF Table Remote Code Execution Vulnerability
ZDI-13-068 CVE: CVE-2013-2384 Published: 2013-05-10
Oracle Java GSUB TTF Table LookupCount Remote Code Execution Vulnerability
ZDI-13-067 CVE: CVE-2013-1177 Published: 2013-05-10
Cisco Clean Access Manager filter SQL Injection Remote Code Execution Vulnerability
ZDI-13-066 CVE: CVE-2013-1177 Published: 2013-05-10
Cisco Clean Access Manager sortColumn SQL Injection Remote Code Execution Vulnerability
ZDI-13-065 CVE: CVE-2013-1296 Published: 2013-05-10
Microsoft Internet Explorer RDP ActiveX Control Remote Code Execution Vulnerability
ZDI-13-064 CVE: CVE-2013-0912 Published: 2013-05-10
(Pwn2Own) Google Chrome Type Confusion Remote Code Execution Vulnerability
ZDI-13-063 CVE: CVE-2012-5212 Published: 2013-04-09
HP Intelligent Management Center JavaService Information Disclosure Vulnerability
ZDI-13-062 CVE: CVE-2012-5207 Published: 2013-04-09
HP Intelligent Management Center RssServlet Information Disclosure Vulnerability
ZDI-13-061 CVE: CVE-2012-5206 Published: 2013-04-09
HP Intelligent Management Center SyslogDownloadServlet Information Disclosure Vulnerability
ZDI-13-060 CVE: CVE-2012-5209 Published: 2013-04-09
HP Intelligent Management Center flexFileUpload Servlet Remote Code Execution Vulnerability
ZDI-13-059 CVE: CVE-2012-5210 Published: 2013-04-09
HP Intelligent Management Center TAM tamServletDownload Servlet Information Disclosure Vulnerability
ZDI-13-058 CVE: CVE-2012-5211 Published: 2013-04-09
HP Intelligent Management Center UAM acmServletDownload Servlet Information Disclosure Vulnerability
ZDI-13-057 CVE: CVE-2012-5208 Published: 2013-04-09
HP Intelligent Management Center DownloadServlet Information Disclosure Vulnerability
ZDI-13-056 CVE: CVE-2013-1146 Published: 2013-04-09
Cisco IOS Smart Install Configuration File Upload Remote Code Execution Vulnerability
ZDI-13-055 CVE: CVE-2013-0971 Published: 2013-04-09
Apple Mac OS X PDF Ink Annotations Processing Remote Code Execution Vulnerability
ZDI-13-054 CVE: CVE-2012-5205 Published: 2013-03-22
HP Intelligent Management Center DownloadReportSourceServlet Information Disclosure Vulnerability
ZDI-13-053 CVE: CVE-2012-5204 Published: 2013-03-22
HP Intelligent Management Center IctDownloadServlet Information Disclosure Vulnerability
ZDI-13-052 CVE: CVE-2012-5203 Published: 2013-03-22
HP Intelligent Management Center ReportImgServlet Information Disclosure Vulnerability
ZDI-13-051 CVE: CVE-2012-5202 Published: 2013-03-22
HP Intelligent Management Center FaultDownloadServlet Information Disclosure Vulnerability
ZDI-13-050 CVE: CVE-2012-5201 Published: 2013-03-22
HP Intelligent Management Center mibFileUpload Servlet Remote Code Execution Vulnerability
ZDI-13-049 CVE: CVE-2013-1080 Published: 2013-03-22
Novell ZENworks Control Center File Upload Remote Code Execution Vulnerability
ZDI-13-048 CVE: CVE-2013-1079 Published: 2013-03-22
Novell ZENWorks AdminStudio ISProxy ActiveX Remote Code Execution Vulnerability
ZDI-13-047 CVE: CVE-2013-0094 Published: 2013-03-22
Microsoft Internet Explorer removeChild Use-After-Free Remote Code Execution Vulnerability
ZDI-13-046 CVE: CVE-2013-0093 Published: 2013-03-22
Microsoft Internet Explorer onBeforeCopy Use-After-Free Remote Code Execution Vulnerability
ZDI-13-045 CVE: CVE-2013-0092 Published: 2013-03-22
Microsoft Internet Explorer GetMarkupPtr Use-After-Free Remote Code Execution Vulnerability
ZDI-13-044 CVE: CVE-2013-0089 Published: 2013-03-22
Microsoft Internet Explorer CMarkupBehaviorContext Use-After-Free Remote Code Execution Vulnerability
ZDI-13-043 CVE: CVE-2013-0088 Published: 2013-03-22
Microsoft Internet Explorer saveHistory Use-After-Free Remote Code Execution Vulnerability
ZDI-13-042 CVE: CVE-2013-1484 Published: 2013-03-22
Oracle Java setUncaughtExceptionHandler Security Manager Bypass Remote Code Execution Vulnerability
ZDI-13-041 CVE: CVE-2013-1485 Published: 2013-03-22
Oracle Java doPrivilegedWithCombiner Security Manager Bypass Remote Code Execution Vulnerability
ZDI-13-040 CVE: CVE-2013-1484 Published: 2013-03-22
Oracle Java Proxy.newProxyInstance Security Manager Bypass Remote Code Execution Vulnerability
ZDI-13-039 CVE: CVE-2013-0754 Published: 2013-03-22
Mozilla Firefox ListenerManager Use-After-Free Remote Code Execution Vulnerability
ZDI-13-038 CVE: CVE-2013-0755 Published: 2013-03-22
Mozilla Firefox mozVibrate Use-After-Free Remote Code Execution Vulnerability
ZDI-13-037 CVE: CVE-2013-0756 Published: 2013-03-22
Mozilla Firefox obj_toSource Use-After-Free Remote Code Execution Vulnerability
ZDI-13-036 CVE: CVE-2013-1085 Published: 2013-03-22
Novell GroupWise Messenger import Command Remote Code Execution Vulnerability
ZDI-13-035 CVE: CVE-2013-0930 Published: 2013-02-14
EMC AlphaStor Device Manager 0x41 Command Remote Code Execution Vulnerability
ZDI-13-034 CVE: CVE-2013-0929 Published: 2013-02-14
EMC AlphaStor Device Manager 0x75 Command Remote Code Execution Vulnerability
ZDI-13-033 CVE: CVE-2013-0928 Published: 2013-02-14
EMC AlphaStor Device Manager 0x75 Command Injection Remote Code Execution Vulnerability
ZDI-13-032 CVE: CVE-2013-0028 Published: 2013-02-14
Microsoft Internet Explorer CObjectElement Use-After-Free Remote Code Execution Vulnerability
ZDI-13-031 CVE: CVE-2013-0029 Published: 2013-02-14
Microsoft Internet Explorer CHTML Use-After-Free Remote Code Execution Vulnerability
ZDI-13-030 CVE: CVE-2013-0029 Published: 2013-02-14
Microsoft Internet Explorer CHTML Use-After-Free Remote Code Execution Vulnerability
ZDI-13-029 CVE: CVE-2013-0020 Published: 2013-02-14
Microsoft Internet Explorer CMarkup Use-After-Free Remote Code Execution Vulnerability
ZDI-13-028 CVE: CVE-2013-0018 Published: 2013-02-14
Microsoft Internet Explorer SetCapture Use-After-Free Remote Code Execution Vulnerability
ZDI-13-027 CVE: CVE-2013-0024 Published: 2013-02-14
Microsoft Internet Explorer pasteHTML Use-After-Free Remote Code Execution Vulnerability
ZDI-13-026 CVE: CVE-2013-0023 Published: 2013-02-14
Microsoft Internet Explorer CDispNode Use-After-Free Remote Code Execution Vulnerability
ZDI-13-025 CVE: CVE-2013-0019 Published: 2013-02-14
Microsoft Internet Explorer COmWindowProxy Use-After-Free Remote Code Execution Vulnerability
ZDI-13-024 CVE: CVE-2013-1313 Published: 2013-02-14
Microsoft Windows OLE Automation Remote Code Execution Vulnerability
ZDI-13-023 CVE: CVE-2013-1479 Published: 2013-02-11
Oracle Java JavaFX D3DRendererDelegate Remote Code Execution Vulnerability
ZDI-13-022 CVE: CVE-2013-1480 Published: 2013-02-11
Oracle Java AWT Image Transform Remote Code Execution Vulnerability
ZDI-13-021 CVE: CVE-2012-5677 Published: 2013-02-11
Adobe Flash Player loadPCMFromByteArray Remote Code Execution Vulnerability
ZDI-13-020 CVE: CVE-2012-4607 Published: 2013-02-11
EMC NetWorker nsrck.exe Remote Code Execution Vulnerability
ZDI-13-019 CVE: CVE-2012-4607 Published: 2013-02-11
EMC NetWorker nsrindexd.exe Opcode 0x07 Parsing Remote Code Execution Vulnerability
ZDI-13-018 CVE: Published: 2013-02-11
Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability
ZDI-13-017 CVE: CVE-2012-3282 Published: 2013-02-11
HP LeftHand Virtual SAN Appliance Password Hash Disclosure Remote Code Execution Vulnerability
ZDI-13-016 CVE: CVE-2012-3283 Published: 2013-02-11
HP LeftHand Virtual SAN Appliance Hydra Set Disk Remote Code Execution Vulnerability
ZDI-13-015 CVE: CVE-2012-3284 Published: 2013-02-11
HP LeftHand Virtual SAN Appliance Hydra SNMP Remote Code Execution Vulnerability
ZDI-13-014 CVE: CVE-2012-3285 Published: 2013-02-11
HP LeftHand Virtual SAN Appliance Hydra Ping Hostname Remote Code Execution Vulnerability
ZDI-13-013 CVE: CVE-2012-1543 Published: 2013-02-11
Oracle Java JavaFX WCMediaPlayer Remote Code Execution Vulnerability
ZDI-13-012 CVE: CVE-2012-1543 Published: 2013-02-11
Oracle Java JavaFX WCGraphicsManager Remote Code Execution Vulnerability
ZDI-13-011 CVE: CVE-2012-3213 Published: 2013-02-11
Oracle Java NativeJavaConstructor Class Serialization Remote Code Execution Vulnerability
ZDI-13-010 CVE: CVE-2013-1481 Published: 2013-02-11
Oracle Java PV_ProcessSampleWithSMOD Remote Code Execution Vulnerability
ZDI-13-009 CVE: CVE-2012-3748 Published: 2013-02-01
(Mobile Pwn2Own) Apple Safari shiftCount/splice Remote Code Execution Vulnerability
ZDI-13-008 CVE: CVE-2012-0439 Published: 2013-02-01
Novell GroupWise gwcls1.dll ActiveX Control Remote Code Execution Vulnerability
ZDI-13-007 CVE: CVE-2012-2548 Published: 2013-02-01
Microsoft Internet Explorer Layout Remote Code Execution Vulnerability
ZDI-13-006 CVE: CVE-2013-0753 Published: 2013-02-01
Mozilla Firefox XMLSerializer Use-After-Free Remote Code Execution Vulnerability
ZDI-13-005 CVE: CVE-2013-0002 Published: 2013-02-01
Microsoft .NET Framework EncoderParameters.ConvertToMemory Remote Code Execution Vulnerability
ZDI-13-004 CVE: CVE-2013-0003 Published: 2013-02-01
Microsoft .NET Framework System.DirectoryServices.Protocols Remote Code Execution Vulnerability
ZDI-13-003 CVE: CVE-2013-0750 Published: 2013-02-01
Mozilla Firefox String Replacement Heap Corruption Remote Code Execution Vulnerability
ZDI-13-002 CVE: CVE-2012-3174 Published: 2013-02-01
Oracle Java Runtime Environment MethodHandle Security Manager Bypass Remote Code Execution Vulnerability
ZDI-13-001 CVE: CVE-2013-0418 Published: 2013-02-01
Oracle Outside In CorelDRAW File Parsing Remote Code Execution Vulnerability