TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

ZDI Advisories: 2014   |   2013   |   2012   |   2011   |   2010   |   2009   |   2008   |   2007   |   2006   |   2005

ZDI-08-099 CVE: CVE-2008-4019 Published: 2008-10-14
Microsoft Office Excel REPT Formula Parsing Remote Code Execution Vulnerability
ZDI-08-098 CVE: Published: 2008-06-10
AOL AIM SIPFoundry sipXtapi RTP Processing Heap Overflow Vulnerability
ZDI-08-097 CVE: Published: 2008-06-10
AOL AIM SIPFoundry sipXtapi RTCP Processing Heap Overflow Vulnerability
ZDI-08-096 CVE: CVE-2008-3684 Published: 2008-08-14
EMC ApplicationXtender Workflow Server Admin Agent Heap Overflow Vulnerability
ZDI-08-095 CVE: CVE-2008-3685 Published: 2008-08-14
EMC ApplicationXtender Workflow Server Admin Agent Arbitrary File Upload Vulnerability
ZDI-08-094 CVE: CVE-2008-5013 Published: 2008-11-12
Mozilla Firefox Flash Player Dynamic Module Unloading Vulnerability
ZDI-08-093 CVE: CVE-2008-5021 Published: 2008-11-12
Mozilla Firefox Input Box Type Property Dangling Pointer Vulnerability
ZDI-08-092 CVE: CVE-2007-6637 Published: 2008-04-08
Adobe Flash Script Injection Cross Domain Scripting Vulnerability
ZDI-08-091 CVE: Published: 2008-12-16
RealNetworks Helix Server NTLM Authentication Malformed Base64 Heap Overflow Vulnerability
ZDI-08-090 CVE: Published: 2008-12-16
RealNetworks Helix Server DataConvertBuffer Heap Overflow Vulnerability
ZDI-08-089 CVE: Published: 2008-12-16
RealNetworks Helix DNA Server RTSP DESCRIBE Heap Overflow Vulnerability
ZDI-08-088 CVE: Published: 2008-12-16
Oracle E-Business Suite Business Intelligence SQL Injection Vulnerability
ZDI-08-087 CVE: CVE-2008-4259 Published: 2008-12-09
Microsoft Internet Explorer Webdav Request Parsing Heap Corruption Vulnerability
ZDI-08-086 CVE: CVE-2008-4837 Published: 2008-12-09
Microsoft Office Word Document Table Property Stack Overflow Vulnerability
ZDI-08-085 CVE: CVE-2008-4028 Published: 2008-12-09
Microsoft Office RTF Drawing Object Heap Overflow Vulnerability
ZDI-08-084 CVE: CVE-2008-4027 Published: 2008-12-09
Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability
ZDI-08-083 CVE: CVE-2008-4255 Published: 2008-12-09
Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability
ZDI-08-082 CVE: CVE-2008-5982 Published: 2008-12-08
BMC PatrolAgent Version Logging Format String Vulnerability
ZDI-08-081 CVE: CVE-2008-5339 Published: 2008-12-04
Sun Java Web Start and Applet Multiple Sandbox Bypass Vulnerabilities
ZDI-08-080 CVE: CVE-2008-5359 Published: 2008-12-04
Sun Java AWT Library Sandbox Violation Vulnerability
ZDI-08-079 CVE: CVE-2008-5403 Published: 2008-12-04
Trillian AIM Plugin Malformed XML Tag Heap Overflow Vulnerability
ZDI-08-078 CVE: CVE-2008-5402 Published: 2008-12-04
Trillian IMG SRC ID Memory Corruption Vulnerability
ZDI-08-077 CVE: CVE-2008-5401 Published: 2008-12-04
Trillian AIM IMG Tag Parsing Stack Overflow Vulnerability
ZDI-08-076 CVE: CVE-2008-5420 Published: 2008-11-20
EMC Control Center SST_SENDFILE Remote File Retrieval Vulnerability
ZDI-08-075 CVE: CVE-2008-5419 Published: 2008-11-20
EMC Control Center SST_CTGTRANS Overflow Vulnerability
ZDI-08-074 CVE: CVE-2008-4813 Published: 2008-11-04
Adobe Acrobat PDF Javascript getCosObj Memory Corruption Vulnerability
ZDI-08-073 CVE: CVE-2008-4813 Published: 2008-11-04
Adobe Acrobat Reader Malformed PDF Code Execution Vulnerability
ZDI-08-072 CVE: CVE-2008-2992 Published: 2008-11-04
Adobe Acrobat PDF Javascript printf Stack Overflow Vulnerability
ZDI-08-071 CVE: CVE-2008-4801 Published: 2008-10-30
IBM Tivoli Storage Manager Express for Microsoft SQL Heap Overflow Vulnerability
ZDI-08-070 CVE: CVE-2008-4918 Published: 2008-10-30
SonicWALL Content-Filtering Universal Script Injection Vulnerability
ZDI-08-069 CVE: CVE-2008-3475 Published: 2008-10-14
Microsoft Internet Explorer componentFromPoint Memory Corruption Vulnerability
ZDI-08-068 CVE: CVE-2008-3471 Published: 2008-10-14
Microsoft Office Excel BIFF File Format Parsing Stack Overflow Vulnerability
ZDI-08-067 CVE: CVE-2008-3641 Published: 2008-10-09
Apple CUPS HP-GL/2 Filter Remote Code Execution Vulnerability
ZDI-08-066 CVE: CVE-2008-4480 Published: 2008-10-08
Novell eDirectory Core Protocol Opcode 0x24 Heap Overflow Vulnerability
ZDI-08-065 CVE: CVE-2008-4478 Published: 2008-10-08
Novell eDirectory Core Protocol Opcode 0x0F Heap Overflow Vulnerability
ZDI-08-064 CVE: CVE-2008-4479 Published: 2008-10-08
Novell eDirectory dhost.exe Accept Language Header Heap Overflow Vulnerability
ZDI-08-063 CVE: CVE-2008-4478 Published: 2008-10-08
Novell eDirectory dhost.exe Content-Length Header Heap Overflow Vulnerability
ZDI-08-062 CVE: CVE-2008-3627 Published: 2008-09-09
Apple QuickTime MDAT Frame Parsing Memory Corruption Vulnerability
ZDI-08-061 CVE: CVE-2008-3627 Published: 2008-09-09
Apple QuickTime Player H.264 Parsing Heap Corruption Vulnerability
ZDI-08-060 CVE: CVE-2008-3627 Published: 2008-09-09
Apple QuickTime AVC1 Atom Parsing Heap Overflow Vulnerability
ZDI-08-059 CVE: CVE-2008-3626 Published: 2008-09-09
Apple QuickTime STSZ Atom Parsing Heap Corruption Vulnerability
ZDI-08-058 CVE: CVE-2008-3625 Published: 2008-09-09
Apple QuickTime Panorama PDAT Atom Parsing Buffer Overflow Vulnerability
ZDI-08-057 CVE: CVE-2008-3635 Published: 2008-09-09
Apple QuickTime IV32 Codec Parsing Stack Overflow Vulnerability
ZDI-08-056 CVE: CVE-2008-3013 Published: 2008-09-09
Microsoft Windows GDI+ GIF Parsing Code Execution Vulnerability
ZDI-08-055 CVE: CVE-2008-3015 Published: 2008-09-09
Microsoft Windows GDI+ BMP Parsing Code Execution Vulnerability
ZDI-08-054 CVE: CVE-2008-2927 Published: 2008-08-28
Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
ZDI-08-053 CVE: CVE-2008-3703 Published: 2008-08-14
Symantec Veritas Storage Foundation Scheduler Service NULL Session Authentication Bypass Vulnerability
ZDI-08-052 CVE: CVE-2008-2952 Published: 2008-08-14
OpenLDAP BER Decoding Remote DoS Vulnerability
ZDI-08-051 CVE: CVE-2008-2258 Published: 2008-08-12
Microsoft Internet Explorer Table Layout Memory Corruption Vulnerability
ZDI-08-050 CVE: CVE-2008-2257 Published: 2008-08-12
Microsoft Internet Explorer XHTML Rendering Memory Corruption Vulnerability
ZDI-08-049 CVE: CVE-2008-3021 Published: 2008-08-12
Microsoft Windows Graphics Rendering Engine PICT Heap Corruption Vulnerability
ZDI-08-048 CVE: CVE-2008-3006 Published: 2008-08-12
Microsoft Excel COUNTRY Record Memory Corruption Vulnerability
ZDI-08-047 CVE: CVE-2008-1309 Published: 2008-07-25
RealNetworks RealPlayer rmoc3260 ActiveX Control Memory Corruption Vulnerability
ZDI-08-046 CVE: CVE-2008-3066 Published: 2008-07-25
RealNetworks RealPlayer Library File Deletion Stack Overflow Vulnerability
ZDI-08-045 CVE: CVE-2008-2317 Published: 2008-07-25
Apple Safari StyleSheet ownerNode Heap Corruption Vulnerability
ZDI-08-044 CVE: CVE-2008-2785 Published: 2008-07-17
Mozilla Firefox CSSValue Array Memory Corruption Vulnerability
ZDI-08-043 CVE: CVE-2008-3111 Published: 2008-07-17
Sun Java Web Start vm args Stack-Based Buffer Overflow Vulnerability
ZDI-08-042 CVE: CVE-2008-3112 Published: 2008-07-17
Sun Java Web Start Sandbox Bypass Vulnerability
ZDI-08-041 CVE: CVE-2008-3159 Published: 2008-07-10
Novell eDirectory dhost Integer Overflow Code Execution Vulnerability
ZDI-08-040 CVE: CVE-2008-1444 Published: 2008-06-10
Microsoft DirectX SAMI File Format Name Parsing Stack Overflow Vulnerability
ZDI-08-039 CVE: CVE-2008-1442 Published: 2008-06-10
Microsoft Internet Explorer DOM Object substringData() Heap Overflow Vulnerability
ZDI-08-038 CVE: CVE-2008-1585 Published: 2008-06-10
Apple QuickTime SMIL qtnext Redirect File Execution Vulnerability
ZDI-08-037 CVE: CVE-2008-1584 Published: 2008-06-10
Apple QuickTime Indeo Video Buffer Overflow Vulnerability
ZDI-08-036 CVE: CVE-2008-2541 Published: 2008-06-04
CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability
ZDI-08-035 CVE: CVE-2008-2541 Published: 2008-06-04
CA ETrust Secure Content Manager Gateway FTP PASV Stack Overflow Vulnerability
ZDI-08-034 CVE: CVE-2008-1661 Published: 2008-06-04
Hewlett-Packard StorageWorks Storage Mirroring Authentication Processing Stack Overflow Vulnerability
ZDI-08-033 CVE: CVE-2008-2548 Published: 2008-05-27
Motorola RAZR JPG Processing Stack Overflow Vulnerability
ZDI-08-032 CVE: CVE-2007-0071 Published: 2008-05-22
Adobe Flash DefineSceneAndFrameLabelData Parsing Memory Corruption Vulnerability
ZDI-08-031 CVE: CVE-2008-2409 Published: 2008-05-21
Trillian MSN MIME Header Stack-Based Overflow Vulnerability
ZDI-08-030 CVE: CVE-2008-2408 Published: 2008-05-21
Trillian Multiple Protocol XML Parsing Memory Corruption Vulnerability
ZDI-08-029 CVE: CVE-2008-2407 Published: 2008-05-21
Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability
ZDI-08-028 CVE: CVE-2008-2499 Published: 2008-05-21
IBM Lotus Sametime Community Services Multiplexer Stack Overflow Vulnerability
ZDI-08-027 CVE: CVE-2008-2241 Published: 2008-05-19
CA BrightStor ARCserve Backup caloggerd Arbitrary File Writing Vulnerability
ZDI-08-026 CVE: CVE-2008-2242 Published: 2008-05-19
CA BrightStor ARCserve Backup XDR Parsing Buffer Overflow Vulnerability
ZDI-08-025 CVE: CVE-2008-2291 Published: 2008-05-15
Symantec Altiris Deployment Solution Domain Credential Disclosure Vulnerability
ZDI-08-024 CVE: CVE-2008-2286 Published: 2008-05-15
Symantec Altiris Deployment Solution SQL Injection Vulnerability
ZDI-08-023 CVE: CVE-2008-1091 Published: 2008-05-13
Microsoft Office RTF Parsing Engine Memory Corruption Vulnerability
ZDI-08-022 CVE: CVE-2008-1026 Published: 2008-04-16
Apple Safari WebKit PCRE Handling Integer Overflow Vulnerability
ZDI-08-021 CVE: CVE-2007-6019 Published: 2008-04-08
Adobe Flash Player DeclareFunction2 Invalid Object Use Vulnerability
ZDI-08-020 CVE: CVE-2008-1083 Published: 2008-04-08
Microsoft GDI WMF Parsing Heap Overflow Vulnerability
ZDI-08-019 CVE: CVE-2008-1022 Published: 2008-04-03
Apple QuickTime Malformed VR obji Atom Parsing Memory Corruption Vulnerability
ZDI-08-018 CVE: CVE-2008-1021 Published: 2008-04-03
Apple QuickTime Run Length Encoding Heap Overflow Vulnerability
ZDI-08-017 CVE: CVE-2008-1020 Published: 2008-04-03
Apple QuickTime Kodak Encoding Heap Overflow Vulnerability
ZDI-08-016 CVE: CVE-2008-1018 Published: 2008-04-03
Apple QuickTime MP4A Atom Parsing Heap Corruption Vulnerability
ZDI-08-015 CVE: CVE-2008-1017 Published: 2008-04-03
Apple QuickTime Clipping Region Heap Overflow Vulnerability
ZDI-08-014 CVE: CVE-2008-1019 Published: 2008-04-03
Apple Quicktime Multiple Opcode Memory Corruption Vulnerabilities
ZDI-08-013 CVE: CVE-2008-0924 Published: 2008-03-26
Novell eDirectory for Linux LDAP delRequest Stack Overflow Vulnerability
ZDI-08-012 CVE: CVE-2008-0727 Published: 2008-03-13
IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability
ZDI-08-011 CVE: CVE-2008-0727 Published: 2008-03-13
IBM Informix Dynamic Server DBPATH Buffer Overflow Vulnerability
ZDI-08-010 CVE: CVE-2008-1188 Published: 2008-03-12
Java Web Start encoding Stack Buffer Overflow Vulnerability
ZDI-08-009 CVE: CVE-2008-1188 Published: 2008-03-12
Java Web Start tempbuff Stack Buffer Overflow Vulnerability
ZDI-08-008 CVE: CVE-2008-0113 Published: 2008-03-11
Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability
ZDI-08-007 CVE: CVE-2008-0638 Published: 2008-02-20
Symantec VERITAS Storage Foundation Administrator Service Heap Overflow Vulnerability
ZDI-08-006 CVE: CVE-2008-0077 Published: 2008-02-12
Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability
ZDI-08-005 CVE: CVE-2008-0639 Published: 2008-02-11
Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability
ZDI-08-004 CVE: CVE-2008-0726 Published: 2008-02-11
Adobe Acrobat Javascript for PDF Integer Overflow Vulnerability
ZDI-08-003 CVE: CVE-2008-0457 Published: 2008-02-06
Symantec Backup Exec Remote File Upload Vulnerability
ZDI-08-002 CVE: CVE-2008-0356 Published: 2008-01-17
Citrix Metaframe Presentation Server IMA Service Heap Overflow Vulnerability
ZDI-08-001 CVE: CVE-2008-0247 Published: 2008-01-14
IBM Tivoli Storage Manager Express Backup Server Heap Overflow Vulnerability