Next Page >>
Zero Day Initiative
CVE-2011-271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10
==========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Aniway.Anyway@gmail.com along with TippingPoint's Zero Day Initiative for reporting ZDI-CAN-931, ZDI-CAN-932, ZDI-CAN-933, ZDI-CAN-934, ZDI-CAN-935, and ZDI-CAN-936 to security-alert@hp.com.
The Hewlett-Packard Company thanks SilentSignal along with TippingPoint's Zero Day Initiative for reporting ZDI-CAN-774 and ZDI-CAN-810 to security-alert@hp.com.
The Hewlett-Packard Company thanks an anonymous researcher along with TippingPoint's Zero Day Initiative for reporting ZDI-CAN-753 and ZDI-CAN-757 to security-alert@hp.com.
CVE-2011-0271 (AV:N/AC:L/Au:N/C:C/I:C/A:C) 10
===========================================================
Information on CVSS is documented
in HP Customer Notice: HPSN-2008-002
The Hewlett-Packard Company thanks Aniway.Anyway@gmail.com along with TippingPoint's Zero Day Initiative for reporting ZDI-CAN-931, ZDI-CAN-932, ZDI-CAN-933, ZDI-CAN-934, ZDI-CAN-935, and ZDI-CAN-936 to security-alert@hp.com.
The Hewlett-Packard Company thanks SilentSignal along with TippingPoint's Zero Day Initiative for reporting ZDI-CAN-774 and ZDI-CAN-810 to security-alert@hp.com.
The Hewlett-Packard Company thanks an anonymous researcher along with TippingPoint's Zero Day Initiative for reporting ZDI-CAN-753 and ZDI-CAN-757 to security-alert@hp.com.
Description
===========
Multiple vulnerabilities have been discovered in Adobe Flash:
* Secunia Research and Zero Day Initiative reported a boundary error
related to DeclareFunction2 Actionscript tags in SWF files
(CVE-2007-6019).
* The ISS X-Force and the Zero Day Initiative reported an unspecified
input validation error that might lead to a buffer overflow
ZDI-10-085: HP OpenView NNM getnnmdata.exe CGI Invalid ICount Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-085
May 11, 2010
-- CVE ID:
CVE-2010-1554
-- Affected Vendors:
Hewlett-Packard
Problem Description:
Security issues were identified and fixed in firefox:
Security researcher regenrecht reported (via TippingPoint's Zero Day
Initiative) a potential reuse of a deleted image frame in Firefox 3.6's
handling of multipart/x-mixed-replace images. Although no exploit was
shown, re-use of freed memory has led to exploitable vulnerabilities
in the past (CVE-2010-0164).
Mozilla developers identified and fixed several stability bugs in the
ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-042
April 2, 2010
-- CVE ID:
CVE-2010-0528
-- Affected Vendors:
Apple
ZDI-10-055: Sun Java Runtime Environment Mutable InetAddress Socket Policy Violation Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-055
April 5, 2010
-- CVE ID:
CVE-2010-0095
-- Affected Vendors:
Sun Microsystems
ZDI-10-027: Skype Protocol Handler datapath Argument Injection Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-027
March 11, 2010
-- Affected Vendors:
Skype
-- Affected Products:
Skype
ZDI-10-028: Skype URI Processing Arbitrary XML File Deletion Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-028
March 11, 2010
-- Affected Vendors:
Skype
-- Affected Products:
Skype
ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-077
April 21, 2010
-- CVE ID:
CVE-2010-1278
-- Affected Vendors:
Adobe
ZDI-10-011: Microsoft Internet Explorer Table Layout Col Tag Cache Update Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-011
January 21, 2010
-- CVE ID:
CVE-2010-0244
-- Affected Vendors:
Microsoft
ZDI-10-012: Microsoft Internet Explorer Baseline Tag Rendering Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-012
January 21, 2010
-- CVE ID:
CVE-2010-0246
-- Affected Vendors:
Microsoft
ZDI-09-099: Hewlett-Packard OpenView Data Protector Backup Client Service Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-099
December 17, 2009
-- CVE ID:
CVE-2007-2280
-- Affected Vendors:
Hewlett-Packard
ZDI-10-053: Sun Java Runtime Environment MIDI File metaEvent Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-053
April 5, 2010
-- CVE ID:
CVE-2010-0844
-- Affected Vendors:
Sun Microsystems
ZDI-09-030: Apple Quicktime PICT Opcode 0x71 Heap Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-030
June 2, 2009
-- CVE ID:
CVE-2009-0010
-- Affected Vendors:
Apple
ZDI-09-031: Multiple Vendor libpurple MSN Protocol SLP Message Heap Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-031
June 8, 2009
-- CVE ID:
CVE-2009-1376
-- Affected Vendors:
Adium
ZDI-09-095: Hewlett-Packard OpenView NNM Snmp.exe Oid Variable Buffer Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-095
December 9, 2009
-- CVE ID:
CVE-2009-3849
-- Affected Vendors:
Hewlett-Packard
ZDI-10-074: Sun Microsystems Directory Server Enterprise ASN.1 Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-074
April 13, 2010
-- CVE ID:
CVE-2010-0897
-- Affected Vendors:
Sun Microsystems
ZDI-10-023: Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-023
March 1, 2010
-- CVE ID:
CVE-2009-2754
-- Affected Vendors:
IBM
EMC
ZDI-09-036: Microsoft Internet Explorer setCapture Memory Corruption
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-036
June 10, 2009
-- CVE ID:
CVE-2009-1529
-- Affected Vendors:
Microsoft
ZDI-09-042: Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-042
June 10, 2009
-- CVE ID:
CVE-2009-1855
-- Affected Vendors:
Adobe
ZDI-09-043: Apple Java CColorUIResource Pointer Derference Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-043
June 16, 2009
-- CVE ID:
CVE-2009-1719
-- Affected Vendors:
Apple
ZDI-09-019: Microsoft Office PowerPoint OutlineTextRefAtom Parsing Memory
Corruption Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-019
May 12, 2009
-- CVE ID:
CVE-2009-0556
-- Affected Vendors:
Microsoft
ZDI-09-020: Microsoft Office PowerPoint Notes Container Heap Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-020
May 12, 2009
-- CVE ID:
CVE-2009-1130
-- Affected Vendors:
Microsoft
ZDI-08-045: Apple Safari StyleSheet ownerNode Heap Corruption
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-08-045
July 25, 2008
-- CVE ID:
CVE-2008-2317
-- Affected Vendors:
Apple
ZDI-10-114: Adobe Flash Player AVM2 getouterscope Opcode Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-114
June 25, 2010
-- CVE ID:
CVE-2010-2160
-- Affected Vendors:
Adobe
ZDI-09-046: Novell Privileged User Manager Remote DLL Injection
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-046
July 21, 2009
-- Affected Vendors:
Novell
-- Affected Products:
Novell Privileged User Manager
ZDI-09-024: Safenet SoftRemote IKE Service Remote Stack Overflow
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-024
June 1, 2009
-- Affected Vendors:
Safenet
-- Affected Products:
Safenet SoftRemote
ZDI-09-025: Apple Quicktime Picture Viewer FLC Delta-Encoded Frame
Decompression Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-025
June 2, 2009
-- CVE ID:
CVE-2009-0951
-- Affected Vendors:
Apple
ZDI-10-014: Microsoft Internet Explorer item Object Memory Corruption Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-014
January 21, 2010
-- CVE ID:
CVE-2010-0248
-- Affected Vendors:
Microsoft
Next Page>>
|
