TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

ZDI-09-101 CVE: Published: 2009-11-30
Novell ZENworks Desktop Management Installation Service Remote Information Disclosure Vulnerability
ZDI-09-100 CVE: Published: 2009-12-15
IBM DB2 Universal Database Multiple SQL Functions Remote Code Execution Vulnerabilities
ZDI-09-099 CVE: CVE-2007-2280 Published: 2009-12-17
Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability
ZDI-09-098 CVE: CVE-2009-3027 Published: 2009-12-09
Symantec Multiple Products VRTSweb.exe Remote Code Execution Vulnerability
ZDI-09-097 CVE: CVE-2009-3849 Published: 2009-12-09
Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable strcat Overflow Vulnerability
ZDI-09-096 CVE: CVE-2009-3848 Published: 2009-12-09
Hewlett-Packard OpenView NNM nnmRptConfig.exe Template Variable vsprintf Overflow Vulnerability
ZDI-09-095 CVE: CVE-2009-3849 Published: 2009-12-09
Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability
ZDI-09-094 CVE: CVE-2009-3845 Published: 2009-12-09
Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities
ZDI-09-093 CVE: CVE-2009-3799 Published: 2009-12-09
Adobe Flash Player ActionScript Exception Handler Integer Overflow Vulnerability
ZDI-09-092 CVE: CVE-2009-3794 Published: 2009-12-09
Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability
ZDI-09-091 CVE: CVE-2009-3844 Published: 2009-12-08
Hewlett-Packard Application Recovery Manager MSG_PROTOCOL Stack Overflow Vulnerability
ZDI-09-090 CVE: CVE-2009-4310 Published: 2009-12-08
Microsoft Windows Intel Indeo Codec Parsing Stack Overflow Vulnerability
ZDI-09-089 CVE: CVE-2009-4309 Published: 2009-12-08
Microsoft Windows Intel Indeo Codec Parsing Heap Overflow Vulnerability
ZDI-09-088 CVE: CVE-2009-3674 Published: 2009-12-08
Microsoft Internet Explorer IFrame Attributes Circular Reference Dangling Pointer Vulnerability
ZDI-09-087 CVE: CVE-2009-3673 Published: 2009-12-08
Microsoft Internet Explorer CSS Race Condition Code Execution Vulnerability
ZDI-09-086 CVE: CVE-2009-3671 Published: 2009-12-08
Microsoft Internet Explorer XHTML DOM Manipulation Memory Corruption Vulnerability
ZDI-09-085 CVE: CVE-2009-3843 Published: 2009-11-20
Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
ZDI-09-084 CVE: CVE-2009-0954 Published: 2009-06-02
Apple Quicktime FIRE Codec Heap Buffer Overflow Vulnerability
ZDI-09-083 CVE: CVE-2009-3129 Published: 2009-11-10
Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
ZDI-09-082 CVE: CVE-2009-3127 Published: 2009-11-10
Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability
ZDI-09-081 CVE: CVE-2009-2685 Published: 2009-11-05
Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability
ZDI-09-080 CVE: CVE-2009-3874 Published: 2009-11-04
Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability
ZDI-09-079 CVE: CVE-2009-3871 Published: 2009-11-04
Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability
ZDI-09-078 CVE: CVE-2009-3869 Published: 2009-11-04
Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability
ZDI-09-077 CVE: CVE-2009-3866 Published: 2009-11-04
Sun Java Web Start Arbitrary Command Execution Vulnerability
ZDI-09-076 CVE: CVE-2009-3867 Published: 2009-11-04
Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
ZDI-09-075 CVE: CVE-2009-3862 Published: 2009-11-02
Novell eDirectory LDAP Null Base DN Denial of Service Vulnerability
ZDI-09-074 CVE: Published: 2009-10-28
Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability
ZDI-09-073 CVE: CVE-2009-2985 Published: 2009-10-13
Adobe Reader Compact Font Format Malformed Index Memory Corruption Vulnerability
ZDI-09-072 CVE: CVE-2009-2503 Published: 2009-10-13
Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability
ZDI-09-071 CVE: CVE-2009-2531 Published: 2009-10-13
Microsoft Internet Explorer writing-mode Memory Corruption Vulnerability
ZDI-09-070 CVE: CVE-2009-2530 Published: 2009-10-13
Microsoft Internet Explorer Event Object Type Double-Free Vulnerability
ZDI-09-069 CVE: CVE-2009-0555 Published: 2009-10-13
Microsoft Windows Media Player Audio Voice Sample Rate Memory Corruption Vulnerability
ZDI-09-068 CVE: CVE-2009-1120 Published: 2009-04-07
EMC RepliStor Server Service DoASOCommand Remote Code Execution Vulnerability
ZDI-09-067 CVE: Published: 2009-09-30
Novell NetWare NFS Portmapper and RPC Module Stack Overflow Vulnerability
ZDI-09-066 CVE: CVE-2009-3068 Published: 2009-09-23
Adobe RoboHelp Server Arbitrary File Upload and Execute Vulnerability
ZDI-09-065 CVE: CVE-2009-3077 Published: 2009-09-10
Mozilla Firefox TreeColumns Dangling Pointer Vulnerability
ZDI-09-064 CVE: CVE-2009-2798 Published: 2009-09-10
Apple QuickTime FlashPix Sector Size Overflow Vulnerability
ZDI-09-063 CVE: CVE-2009-2799 Published: 2009-09-10
Apple QuickTime H.264 Nal Unit Length Heap Overflow Vulnerability
ZDI-09-062 CVE: CVE-2009-1920 Published: 2009-09-08
Microsoft Internet Explorer JScript arguments Invocation Memory Corruption Vulnerability
ZDI-09-061 CVE: CVE-2009-1430 Published: 2009-04-28
Symantec Multiple Product Intel Alert Originator Service Invalid Length Check Overflow Vulnerability
ZDI-09-060 CVE: CVE-2009-1429 Published: 2009-04-28
Symantec Multiple Product Intel Alert Originator Service Command Execution Vulnerability
ZDI-09-059 CVE: CVE-2009-1978 Published: 2009-08-18
Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities
ZDI-09-058 CVE: CVE-2009-1977 Published: 2009-08-18
Oracle Secure Backup Administration Server Authentication Bypass Vulnerability
ZDI-09-057 CVE: CVE-2009-1133 Published: 2009-08-11
Microsoft Remote Desktop Client Arbitrary Code Execution Vulnerability
ZDI-09-056 CVE: CVE-2009-2496 Published: 2009-08-11
Microsoft Office OWC10.Spreadsheet ActiveX BorderAround() Heap Corruption Vulnerability
ZDI-09-055 CVE: CVE-2009-0562 Published: 2009-08-11
Microsoft Office OWC10 ActiveX Control Loading and Unloading Heap Corruption Vulnerability
ZDI-09-054 CVE: CVE-2009-1136 Published: 2009-08-11
Microsoft Office OWC10.Spreadsheet ActiveX msDataSourceObject() Heap Corruption Vulnerability
ZDI-09-053 CVE: CVE-2009-1923 Published: 2009-08-11
Microsoft Windows WINS Service Heap Overflow Vulnerability
ZDI-09-052 CVE: CVE-2009-2026 Published: 2009-08-07
CA Unicenter Software Delivery dtscore.dll Stack Overflow Vulnerability
ZDI-09-051 CVE: Published: 2009-08-07
EMC Replication Manager Client Control Service Remote Code Execution Vulnerability
ZDI-09-050 CVE: Published: 2009-08-05
Sun Java Web Start JPEG Header Parsing Integer Overflow Vulnerability
ZDI-09-049 CVE: CVE-2009-2675 Published: 2009-08-05
Sun Java Pack200 Decoding Inner Class Count Integer Overflow Vulnerability
ZDI-09-048 CVE: CVE-2009-1919 Published: 2009-08-05
Microsoft Internet Explorer CSS Behavior Memory Corruption Vulnerability
ZDI-09-047 CVE: CVE-2009-1918 Published: 2009-08-05
Microsoft Internet Explorer getElementsByTagName Memory Corruption Vulnerability
ZDI-09-046 CVE: Published: 2009-07-21
Novell Privileged User Manager Remote DLL Injection Vulnerability
ZDI-09-045 CVE: CVE-2009-1539 Published: 2009-07-14
Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability
ZDI-09-044 CVE: CVE-2009-1860 Published: 2009-06-24
Adobe Shockwave Player Director File Parsing Pointer Overwrite Vulnerability
ZDI-09-043 CVE: CVE-2009-1719 Published: 2009-06-16
Apple Java CColourUIResource Pointer Dereference Code Execution Vulnerability
ZDI-09-042 CVE: CVE-2009-1855 Published: 2009-06-10
Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability
ZDI-09-041 CVE: CVE-2009-1532 Published: 2009-06-10
Microsoft Internet Explorer 8 Rows Property Dangling Pointer Code Execution Vulnerability
ZDI-09-040 CVE: CVE-2009-1134 Published: 2009-06-10
Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability
ZDI-09-039 CVE: CVE-2009-1531 Published: 2009-06-10
Microsoft Internet Explorer onreadystatechange Memory Corruption Vulnerability
ZDI-09-038 CVE: CVE-2009-1530 Published: 2009-06-10
Microsoft Internet Explorer Event Handler Memory Corruption Vulnerability
ZDI-09-037 CVE: CVE-2009-1528 Published: 2009-06-10
Microsoft Internet Explorer Concurrent Ajax Request Memory Corruption Vulnerability
ZDI-09-036 CVE: CVE-2009-1529 Published: 2009-06-10
Microsoft Internet Explorer setCapture Memory Corruption Vulnerability
ZDI-09-035 CVE: CVE-2009-0563 Published: 2009-06-10
Microsoft Word Document Stack Based Buffer Overflow Vulnerability
ZDI-09-034 CVE: CVE-2009-1709 Published: 2009-06-08
Apple Safari SVG Set.targetElement() Memory Corruption Vulnerability
ZDI-09-033 CVE: CVE-2009-1701 Published: 2009-06-08
Apple WebKit dir Attribute Freeing Dangling Object Pointer Vulnerability
ZDI-09-032 CVE: CVE-2009-1698 Published: 2009-06-08
Apple WebKit attr() Invalid Attribute Memory Corruption Vulnerability
ZDI-09-031 CVE: CVE-2009-1376 Published: 2009-06-08
Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow Vulnerability
ZDI-09-030 CVE: CVE-2009-0010 Published: 2009-06-02
Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability
ZDI-09-029 CVE: CVE-2009-0957 Published: 2009-06-02
Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability
ZDI-09-028 CVE: CVE-2009-0954 Published: 2009-06-02
Apple QuickTime CRGN Atom Parsing Heap Buffer Overflow Vulnerability
ZDI-09-027 CVE: CVE-2009-0953 Published: 2009-06-02
Apple Quicktime PICT Opcode 0x8201 Heap Overflow Vulnerability
ZDI-09-026 CVE: CVE-2009-0952 Published: 2009-06-02
Apple QuickTime Packed-bit Decoding Heap Overflow Vulnerability
ZDI-09-025 CVE: CVE-2009-0951 Published: 2009-06-02
Apple Quicktime Picture Viewer FLC Delta-Encoded Frame Decompression Vulnerability
ZDI-09-024 CVE: CVE-2009-1943 Published: 2009-06-01
Safenet SoftRemote IKE Service Remote Stack Overflow Vulnerability
ZDI-09-023 CVE: CVE-2009-0154 Published: 2009-05-13
Apple OS X ATSServer Compact Font Format Parsing Memory Corruption Vulnerability
ZDI-09-022 CVE: CVE-2009-0945 Published: 2009-05-13
Apple Safari Malformed SVGList Parsing Code Execution Vulnerability
ZDI-09-021 CVE: CVE-2009-0010 Published: 2009-05-13
Apple QuickTime PICT Unspecified Tag Heap Overflow Vulnerability
ZDI-09-020 CVE: CVE-2009-1130 Published: 2009-05-12
Microsoft Office PowerPoint Notes Container Heap Overflow Vulnerability
ZDI-09-019 CVE: CVE-2009-0556 Published: 2009-05-12
Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory Corruption Vulnerability
ZDI-09-018 CVE: CVE-2009-1430 Published: 2009-04-28
Symantec Multiple Product Intel Alert Originator Service Stack Overflow Vulnerability
ZDI-09-017 CVE: CVE-2009-0993 Published: 2009-04-14
Oracle Applications Server 10g Format String Vulnerability
ZDI-09-016 CVE: CVE-2009-1350 Published: 2009-04-06
Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability
ZDI-09-015 CVE: CVE-2009-1044 Published: 2009-03-30
Mozilla Firefox XUL _moveToEdgeShift() Memory Corruption Vulnerability
ZDI-09-014 CVE: CVE-2009-0927 Published: 2009-03-24
Adobe Acrobat getIcon() Stack Overflow Vulnerability
ZDI-09-013 CVE: CVE-2009-0775 Published: 2009-03-05
Mozilla Firefox XUL Linked Clones Double Free Vulnerability
ZDI-09-012 CVE: CVE-2009-0076 Published: 2009-02-10
Microsoft Internet Explorer Malformed CSS Memory Corruption Vulnerability
ZDI-09-011 CVE: CVE-2009-0075 Published: 2009-02-10
Microsoft Internet Explorer CFunctionPointer Memory Corruption Vulnerability
ZDI-09-010 CVE: CVE-2009-0410 Published: 2009-02-02
Novell Netware Groupwise GWIA RCPT Command Buffer Overflow Vulnerability
ZDI-09-009 CVE: CVE-2009-0311 Published: 2009-01-23
EMC AutoStart Backbone Engine Trusted Pointer Code Execution Vulnerability
ZDI-09-008 CVE: CVE-2009-0007 Published: 2009-01-21
Apple QuickTime STSD JPEG Atom Heap Corruption Vulnerability
ZDI-09-007 CVE: CVE-2009-0006 Published: 2009-01-21
Apple QuickTime Cinepak Codec MDAT Heap Corruption Vulnerability
ZDI-09-006 CVE: CVE-2009-0003 Published: 2009-01-21
Apple QuickTime AVI Header nBlockAlign Heap Corruption Vulnerability
ZDI-09-005 CVE: CVE-2009-0002 Published: 2009-01-21
Apple QuickTime VR Track Header Atom Heap Corruption Vulnerability
ZDI-09-004 CVE: CVE-2008-5440 Published: 2009-01-14
Oracle TimesTen evtdump Remote Format String Vulnerability
ZDI-09-003 CVE: CVE-2008-5448 Published: 2009-01-14
Oracle Secure Backup exec_qr() Command Injection Vulnerability
ZDI-09-002 CVE: CVE-2008-4835 Published: 2009-01-13
Microsoft SMB NT Trans2 Request Parsing Remote Code Execution Vulnerability
ZDI-09-001 CVE: CVE-2008-4834 Published: 2009-01-13
Microsoft SMB NT Trans Request Parsing Remote Code Execution Vulnerability