TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:


ZDI-07-080 CVE: Published: 2010-01-27
Multiple Vendor Web Console Privilege Escalation Vulnerability
ZDI-07-079 CVE: CVE-2007-6195 Published: 2007-12-17
Hewlett-Packard HP-UX swagentd Buffer Overflow Vulnerability
ZDI-07-078 CVE: CVE-2007-6281 Published: 2007-12-17
St. Bernard Open File Manager Heap Overflow Vulnerability
ZDI-07-077 CVE: CVE-2007-6507 Published: 2007-12-17
Trend Micro ServerProtect StRpcSrv.dll Insecure Method Exposure Vulnerability
ZDI-07-076 CVE: CVE-2007-3039 Published: 2007-12-11
Microsoft Windows Message Queuing Service Stack Overflow Vulnerability
ZDI-07-075 CVE: CVE-2007-5344 Published: 2007-12-11
Microsoft Internet Explorer Element Tags Vulnerability
ZDI-07-074 CVE: CVE-2007-3903 Published: 2007-12-11
Microsoft Internet Explorer Node Manipulation Memory Corruption Vulnerability
ZDI-07-073 CVE: CVE-2007-3902 Published: 2007-12-11
Microsoft Internet Explorer setExpression Code Execution Vulnerability
ZDI-07-072 CVE: CVE-2007-6302 Published: 2007-12-10
Novell NetMail AntiVirus Agent Multiple Heap Overflow Vulnerabilities
ZDI-07-071 CVE: CVE-2007-6204 Published: 2007-12-06
Hewlett-Packard OpenView Network Node Manager Multiple CGI Buffer Overflow Vulnerabilities
ZDI-07-070 CVE: CVE-2007-5989 Published: 2007-12-06
Skype URI Handler Remote Heap Corruption Vulnerability
ZDI-07-069 CVE: CVE-2007-5328 Published: 2007-11-26
CA BrightStor ARCserve Backup Message Engine Insecure Method Exposure Vulnerability
ZDI-07-068 CVE: CVE-2007-4672 Published: 2007-11-05
Apple QuickTime Uncompressedfile Opcode Stack Overflow Vulnerability
ZDI-07-067 CVE: CVE-2007-4676 Published: 2007-11-05
Apple QuickTime PICT File Poly Opcodes Heap Corruption Vulnerability
ZDI-07-066 CVE: CVE-2007-4676 Published: 2007-11-05
Apple Quicktime PICT File PackBitsRgn Parsing Heap Corruption Vulnerability
ZDI-07-065 CVE: CVE-2007-4677 Published: 2007-11-05
Apple QuickTime Color Table RGB Parsing Heap Corruption Vulnerability
ZDI-07-064 CVE: CVE-2007-5767 Published: 2007-10-31
Novell Client Trust Heap Overflow Vulnerability
ZDI-07-063 CVE: CVE-2007-2264 Published: 2007-10-31
RealPlayer RA Field Size File Processing Heap Overflow Vulnerability
ZDI-07-062 CVE: CVE-2007-4599 Published: 2007-10-31
RealNetworks RealPlayer PLS File Memory Corruption Vulnerability
ZDI-07-061 CVE: CVE-2007-2263 Published: 2007-11-02
RealNetworks RealPlayer SWF Processing Remote Code Execution Vulnerability
ZDI-07-060 CVE: CVE-2007-5413 Published: 2007-10-31
Hewlett-Packard OpenView Radia Integration Server File System Exposure Vulnerability
ZDI-07-059 CVE: CVE-2007-5909 Published: 2007-10-31
Verity KeyView SDK Multiple File Format Parsing Vulnerabilities
ZDI-07-058 CVE: CVE-2007-5766 Published: 2007-10-31
Oracle E-Business Suite SQL Injection Vulnerability
ZDI-07-057 CVE: CVE-2007-4992 Published: 2007-10-10
Firebird process_packet() Remote Stack Overflow Vulnerability
ZDI-07-056 CVE: CVE-2007-2582 Published: 2007-10-10
IBM DB2 DB2JDS Multiple Vulnerabilities
ZDI-07-055 CVE: CVE-2007-2228 Published: 2007-10-10
Microsoft Windows DCERPC Authentication Denial of Service Vulnerability
ZDI-07-054 CVE: CVE-2007-4880 Published: 2007-09-24
IBM Tivoli Storage Manager Express CAD Service Buffer Overflow Vulnerability
ZDI-07-053 CVE: CVE-2007-4991 Published: 2007-09-20
Microsoft ISA Server SOCKS4 Proxy Connection Leakage Vulnerability
ZDI-07-052 CVE: CVE-2007-3999 Published: 2007-09-12
Multiple Kerberos Implementations Authentication Context Stack Overflow Vulnerability
ZDI-07-051 CVE: CVE-2007-4731 Published: 2007-09-07
Trend Micro ServerProtect TMregChange() Stack Overflow Vulnerability
ZDI-07-050 CVE: CVE-2007-4218 Published: 2007-09-07
Trend Micro ServerProtect RPCFN_SetComputerName() Stack Overflow Vulnerability
ZDI-07-049 CVE: CVE-2007-3618 Published: 2007-08-20
EMC Legato Networker Remote Exec Service Stack Overflow Vulnerabilities
ZDI-07-048 CVE: CVE-2007-2223 Published: 2007-08-14
Microsoft Internet Explorer substringData Heap Overflow Vulnerability
ZDI-07-047 CVE: CVE-2007-3035 Published: 2007-08-14
Microsoft Windows Media Player Malformed Skin Header Code Execution Vulnerability
ZDI-07-046 CVE: CVE-2007-3037 Published: 2007-08-14
Microsoft Windows Media Player Skin Parsing Size Mismatch Heap Overflow Vulnerability
ZDI-07-045 CVE: CVE-2007-2954 Published: 2007-08-06
Novell Client NWSPOOL.DLL Stack Overflow Vulnerability
ZDI-07-044 CVE: CVE-2007-3911 Published: 2007-07-25
BakBone NetVault Reporter Scheduler Heap Overflow Vulnerability
ZDI-07-043 CVE: CVE-2007-2795 Published: 2007-07-19
Ipswitch IMail IMAP Daemon SUBSCRIBE Stack Overflow Vulnerability
ZDI-07-042 CVE: CVE-2007-2795 Published: 2007-07-19
Ipswitch IMail Server GetIMailHostEntry Memory Corruption Vulnerability
ZDI-07-041 CVE: CVE-2007-3026 Published: 2007-07-20
Panda Software AdminSecure Agent Heap Overflow Vulnerability
ZDI-07-040 CVE: CVE-2007-0447 Published: 2007-07-12
Symantec AntiVirus Engine CAB Parsing Heap Overflow Vulnerability
ZDI-07-039 CVE: CVE-2007-3699 Published: 2007-07-12
Symantec AntiVirus Engine RAR File Parsing DoS Vulnerability
ZDI-07-038 CVE: CVE-2007-1751 Published: 2007-06-12
Microsoft Internet Explorer Prototype Dereference Code Execution Vulnerability
ZDI-07-037 CVE: CVE-2007-3027 Published: 2007-06-12
Microsoft Internet Explorer Language Pack Installation Remote Code Execution Vulnerability
ZDI-07-036 CVE: CVE-2007-2796 Published: 2007-06-11
Arris Cadant C3 CMTS Remote DoS Vulnerability
ZDI-07-035 CVE: CVE-2007-2864 Published: 2007-06-05
CA Multiple Product AV Engine CAB Header Parsing Stack Overflow Vulnerability
ZDI-07-034 CVE: CVE-2007-2863 Published: 2007-06-05
CA Multiple Product AV Engine CAB Filename Parsing Stack Overflow Vulnerability
ZDI-07-033 CVE: CVE-2007-2446 Published: 2007-07-11
Samba lsa_io_trans_names Heap Overflow Vulnerability
ZDI-07-032 CVE: CVE-2007-2446 Published: 2007-07-11
Samba sec_io_acl Heap Overflow Vulnerability
ZDI-07-031 CVE: CVE-2007-2446 Published: 2007-07-11
Samba smb_io_notify_option_type_data Heap Overflow Vulnerability
ZDI-07-030 CVE: CVE-2007-2446 Published: 2007-07-11
Samba netdfs_io_dfs_EnumInfo_d Heap Overflow Vulnerability
ZDI-07-029 CVE: CVE-2007-2446 Published: 2007-07-11
Samba lsa_io_privilege_set Heap Overflow Vulnerability
ZDI-07-028 CVE: CVE-2007-2522 Published: 2007-05-10
CA eTrust AntiVirus Server inoweb Buffer Overflow Vulnerability
ZDI-07-027 CVE: CVE-2007-0944 Published: 2007-05-08
Microsoft Internet Explorer Table Column Deletion Memory Corruption Vulnerability
ZDI-07-026 CVE: CVE-2007-0215 Published: 2007-05-08
Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow Vulnerability
ZDI-07-025 CVE: CVE-2007-2508 Published: 2007-05-07
Trend Micro ServerProtect AgRpcCln.dll Stack Overflow Vulnerability
ZDI-07-024 CVE: CVE-2007-2508 Published: 2007-05-07
Trend Micro ServerProtect EarthAgent Stack Overflow Vulnerability
ZDI-07-023 CVE: CVE-2007-2175 Published: 2007-05-01
Apple QTJava toQTPointer() Pointer Arithmetic Memory Overwrite Vulnerability
ZDI-07-022 CVE: CVE-2007-2139 Published: 2007-04-24
CA BrightStor ArcServe Media Server Multiple Buffer Overflow Vulnerabilities
ZDI-07-021 CVE: CVE-2007-0443 Published: 2007-04-19
GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability
ZDI-07-020 CVE: CVE-2007-1972 Published: 2007-04-18
BMC Performance Manager SNMP Command Execution Vulnerability
ZDI-07-019 CVE: CVE-2007-2136 Published: 2007-04-18
BMC Patrol PerformAgent bgs_sdservice Memory Corruption Vulnerability
ZDI-07-018 CVE: CVE-2007-2137 Published: 2007-04-17
IBM Tivoli Monitoring Express Universal Agent Heap Overflow Vulnerability
ZDI-07-017 CVE: CVE-2007-2135 Published: 2007-04-18
Oracle E-Business Suite Arbitrary Document Download Vulnerability
ZDI-07-016 CVE: CVE-2007-2170 Published: 2007-04-17
Oracle E-Business Suite Arbitrary Node Deletion Vulnerability
ZDI-07-015 CVE: CVE-2007-2171 Published: 2007-04-18
Novell Groupwise WebAccess Base64 Decoding Stack Overflow Vulnerability
ZDI-07-014 CVE: CVE-2007-1112 Published: 2007-04-05
Kaspersky Antivirus ActiveX Unsafe Methods Vulnerability
ZDI-07-013 CVE: CVE-2007-0445 Published: 2007-04-05
Kaspersky AntiVirus Engine ARJ Archive Parsing Heap Overflow Vulnerability
ZDI-07-012 CVE: CVE-2007-1680 Published: 2007-04-03
Yahoo! Messenger AudioConf ActiveX Control Buffer Overflow Vulnerability
ZDI-07-011 CVE: CVE-2007-1675 Published: 2007-03-28
IBM Lotus Domino IMAP Server CRAM-MD5 Authentication Buffer Overflow Vulnerability
ZDI-07-010 CVE: CVE-2007-0714 Published: 2007-03-07
Apple Quicktime UDTA Parsing Heap Overflow Vulnerability
ZDI-07-009 CVE: CVE-2007-1350 Published: 2007-03-07
Novell Netmail WebAdmin Buffer Overflow Vulnerability
ZDI-07-008 CVE: CVE-2007-0774 Published: 2007-03-02
Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability
ZDI-07-007 CVE: CVE-2007-0446 Published: 2007-02-08
Hewlett-Packard Mercury LoadRunner Agent Stack Overflow Vulnerability
ZDI-07-006 CVE: CVE-2007-0444 Published: 2007-01-24
Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability
ZDI-07-005 CVE: CVE-2007-0243 Published: 2007-01-16
Sun Microsystems Java GIF File Parsing Memory Corruption Vulnerability
ZDI-07-004 CVE: CVE-2007-0169 Published: 2007-01-11
CA BrightStor ARCserve Backup Tape Engine Buffer Overflow Vulnerability
ZDI-07-003 CVE: CVE-2007-0169 Published: 2007-01-11
CA BrightStor ARCserve Backup Message Engine Buffer Overflow Vulnerability
ZDI-07-002 CVE: CVE-2007-0168 Published: 2007-01-11
CA BrightStor ARCserve Backup Tape Engine Code Execution Vulnerability
ZDI-07-001 CVE: CVE-2006-6336 Published: 2007-01-05
QUALCOMM Eudora WorldMail Remote Management Heap Overflow Vulnerability