Published Advisories

PUBLISHED ADVISORIES

The following is a list of all publicly disclosed vulnerabilities discovered by Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, Trend Micro customers are protected from exploitation by security filters delivered ahead of public disclosure.

All security vulnerabilities that are acquired by the Zero Day Initiative are handled according to the ZDI Disclosure Policy. Once the affected vendor patches the vulnerability, we publish an accompanying security advisory which describes the issue, including links to the vendor's fixes.

Available in RSS Format
ZDI ID ZDI CAN AFFECTED VENDOR(S) CVE CVSS v3.0 PUBLISHED UPDATED TITLE
ZDI-06-054 ZDI-CAN-086 Novell CVE-2006-6425   2006-12-22 Novell NetMail IMAP APPEND Buffer Overflow Vulnerability
ZDI-06-053 ZDI-CAN-085 Novell CVE-2006-6424   2006-12-22 Novell NetMail IMAP Verb Literal Heap Overflow Vulnerability
ZDI-06-052 ZDI-CAN-082 Novell CVE-2006-6424   2006-12-22 Novell NetMail NMAP STOR Buffer Overflow Vulnerability
ZDI-06-051 ZDI-CAN-126 Mozilla Firefox, Mozilla Firefox CVE-2006-6504   2006-12-19 Mozilla Firefox SVG Processing Remote Code Execution Vulnerability
ZDI-06-050 ZDI-CAN-071 Symantec CVE-2006-5822   2006-12-13 Symantec Veritas NetBackup CONNECT_OPTIONS Buffer Overflow Vulnerability
ZDI-06-049 ZDI-CAN-070 Symantec CVE-2006-6222   2006-12-13 Symantec Veritas NetBackup Long Request Buffer Overflow Vulnerability
ZDI-06-048 ZDI-CAN-072 Microsoft CVE-2006-5581   2006-12-12 Microsoft Internet Explorer normalize() Function Memory Corruption Vulnerability
ZDI-06-047 ZDI-CAN-068 Microsoft CVE-2006-4704   2006-12-12 Microsoft Visual Studio WmiScriptUtils.dll Cross-Zone Scripting Vulnerability
ZDI-06-046 ZDI-CAN-091 Sophos CVE-2006-6335   2006-12-12 Sophos Anti-Virus SIT Archive Parsing Buffer Overflow Vulnerability
ZDI-06-045 ZDI-CAN-090 Sophos CVE-2006-6335   2006-12-12 Sophos Anti-Virus CPIO Archive Parsing Buffer Overflow Vulnerability
ZDI-06-044 ZDI-CAN-042 Adobe CVE-2006-5856   2006-12-06 Adobe Download Manager AOM Parsing Buffer Overflow Vulnerability
ZDI-06-043 ZDI-CAN-100 Novell CVE-2006-5854   2006-11-29 Novell Netware Client Print Provider Buffer Overflow Vulnerability
ZDI-06-042 ZDI-CAN-039 Verity CVE-2006-5819   2006-11-15 Verity Ultraseek Request Proxying Vulnerability
ZDI-06-041 ZDI-CAN-080 Microsoft CVE-2006-4687   2006-11-14 Microsoft Internet Explorer CSS Float Property Memory Corruption Vulnerability
ZDI-06-040 ZDI-CAN-077 WinZip Computing CVE-2006-5198   2006-11-14 WinZip FileView ActiveX Control Unsafe Method Exposure Vulnerability
ZDI-06-039 ZDI-CAN-003 NetIQ CVE-2006-5487   2006-11-10 Marshal MailMarshal ARJ Extraction Directory Traversal Vulnerability
ZDI-06-038 ZDI-CAN-062 Citrix CVE-2006-5821   2006-11-09 Citrix MetaFrame IMA Management Module Remote Heap Overflow Vulnerability
ZDI-06-037 ZDI-CAN-102 America Online CVE-2006-5650   2006-11-06 America Online ICQ ActiveX Control Code Execution Vulnerability
ZDI-06-036 ZDI-CAN-076 Novell CVE-2006-5478   2006-10-31 Novell Netmail User Authentication Buffer Overflow Vulnerability
ZDI-06-035 ZDI-CAN-081 Novell CVE-2006-5478   2006-10-26 Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability
ZDI-06-034 ZDI-CAN-061 Microsoft CVE-2006-3650   2006-10-10 Microsoft Word Malformed Chart Code Execution Vulnerability
ZDI-06-033 ZDI-CAN-059 Microsoft CVE-2006-2387   2006-10-10 Microsoft Office Excel File Format DATETIME Record Parsing Vulnerability
ZDI-06-032 ZDI-CAN-065 Microsoft CVE-2006-3435   2006-10-10 Microsoft PowerPoint Malformed Slide Notes Rebuilding Vulnerability
ZDI-06-031 ZDI-CAN-046 Computer Associates CVE-2006-5143   2006-10-05 CA Multiple Product Message Engine RPC Server Code Execution Vulnerability
ZDI-06-030 ZDI-CAN-041 Computer Associates CVE-2006-5143   2006-10-05 CA BrightStor ARCserve Discovery Service Remote Buffer Overflow Vulnerability
ZDI-06-029 ZDI-CAN-078 Ipswitch CVE-2006-5000   2006-09-26 Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities
ZDI-06-028 ZDI-CAN-067 Ipswitch CVE-2006-4379   2006-09-08 Ipswitch Collaboration Suite SMTP Server Stack Overflow Vulnerability
ZDI-06-027 ZDI-CAN-066 Microsoft CVE-2006-3450   2006-08-08 Microsoft Internet Explorer CSS Class Ordering Memory Corruption Vulnerability
ZDI-06-026 ZDI-CAN-058 Microsoft CVE-2006-3451   2006-08-08 Microsoft Internet Explorer Multiple CSS Imports Memory Corruption Vulnerability
ZDI-06-025 ZDI-CAN-055 Mozilla Firefox CVE-2006-3677   2006-07-26 Mozilla Firefox Javascript navigator Object Vulnerability
ZDI-06-024 ZDI-CAN-052 eIQnetworks CVE-2006-3838   2006-07-25 eIQnetworks Enterprise Security Analyzer License Manager Buffer Overflow
ZDI-06-023 ZDI-CAN-053 eIQnetworks CVE-2006-3838   2006-07-25 eIQnetworks Enterprise Security Analyzer Syslog TCP Server Buffer Overflow Vulnerability
ZDI-06-022 ZDI-CAN-045 Microsoft CVE-2006-2388   2006-07-11 Microsoft Office Excel File Rebuilding Code Execution Vulnerability
ZDI-06-021 ZDI-CAN-034 WebEx Communications Inc. CVE-2006-3423   2006-07-06 WebEx Downloader Plug-in Code Execution Vulnerability
ZDI-06-020 ZDI-CAN-043 Apple CVE-2006-1467   2006-06-29 Apple iTunes AAC File Parsing Integer Overflow Vulnerability
ZDI-06-019 ZDI-CAN-040 GraceNote CVE-2006-3134   2006-06-27 GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability
ZDI-06-018 ZDI-CAN-044 Microsoft CVE-2006-2383   2006-06-13 Microsoft Internet Explorer DXImageTransform ActiveX Memory Corruption Vulnerability
ZDI-06-017 ZDI-CAN-012 Microsoft CVE-2006-2382   2006-06-13 Microsoft Internet Explorer UTF-8 Decoding Heap Overflow Vulnerability
ZDI-06-016 ZDI-CAN-027 Novell CVE-2006-2496   2006-06-13 Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability
ZDI-06-015 ZDI-CAN-033 Apple CVE-2006-1463   2006-05-11 Apple QuickTime H.264 Parsing Buffer Overflow Vulnerability
ZDI-06-014 ZDI-CAN-030 Verisign CVE-2006-2273   2006-05-10 Verisign I-Nav ActiveX Control Code Execution Vulnerability
ZDI-06-013 ZDI-CAN-017 3Com TippingPoint CVE-2006-0993   2006-05-09 TippingPoint SMS Server Authentication Bypass Vulnerability
ZDI-06-012 ZDI-CAN-032 Sophos CVE-2006-0994   2006-05-08 Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability
ZDI-06-011 ZDI-CAN-026 Mozilla Firefox CVE-2006-0748   2006-04-25 Mozilla Firefox Table Rebuilding Code Execution Vulnerability
ZDI-06-010 ZDI-CAN-015 Mozilla Firefox CVE-2006-1730   2006-04-17 Mozilla Firefox CSS Letter-Spacing Heap Overflow Vulnerability
ZDI-06-009 ZDI-CAN-008 Mozilla Firefox CVE-2006-0749   2006-04-17 Mozilla Firefox Tag Parsing Code Execution Vulnerability
ZDI-06-008 ZDI-CAN-028 Novell CVE-2006-0992   2006-04-13 Novell GroupWise Messenger Accept-Language Buffer Overflow Vulnerability
ZDI-06-007 ZDI-CAN-002 Microsoft CVE-2006-0014   2006-04-11 Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability
ZDI-06-006 ZDI-CAN-016 Symantec CVE-2006-0990   2006-03-27 Symantec VERITAS NetBackup Database Manager Buffer Overflow Vulnerability
ZDI-06-005 ZDI-CAN-010 Symantec CVE-2006-0989   2006-03-27 Symantec VERITAS NetBackup Volume Manager Buffer Overflow Vulnerability
ZDI-06-004 ZDI-CAN-024 Microsoft CVE-2006-0028   2006-03-14 Microsoft Excel File Format Parsing Vulnerability
ZDI-06-003 ZDI-CAN-009 Ipswitch CVE-2005-3526   2006-03-13 2020-04-17 Ipswitch Collaboration Suite Code Execution Vulnerability
ZDI-06-002 ZDI-CAN-007 Adobe CVE-2005-3525   2006-02-23 Adobe Macromedia ShockWave Code Execution Vulnerability
ZDI-06-001 ZDI-CAN-011 Clam AntiVirus CVE-2006-0162   2006-01-12 Clam AntiVirus UPX Unpacking Code Execution Vulnerability