jetlib.sec » Tags » zdi

Feeds

257192 items (0 unread) in 27 feeds

• 0day.today (was: 1337day, Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

263 items tagged "zdi"

Related tags: management [+], day [+], txt [+], openview [+], ibm [+], atom [+], suite [+], autostart [+], adobe reader [+], parsing [+], oracle [+], office [+], memory corruption [+], integer overflow [+], emc [+], data protector [+], client [+], apple webkit [+], bugtraq [+], webkit [+], target [+], player [+], novell netware [+], nnm [+], ftagent [+], element [+], apple safari [+], sun java runtime [+], soap [+], sitescope [+], protector [+], multiple [+], manager [+], internet explorer [+], internet [+], informix dynamic server [+], indusoft [+], icc [+], hp openview [+], heap memory [+], excel [+], data [+], arbitrary code [+], adobe flash player [+], adobe acrobat reader [+], administration [+], acrobat [+], windows [+], total [+], sun [+], style [+], sql [+], shockwave [+], sample [+], rhapsody [+], realnetworks realplayer [+], rational [+], pwn [+], printing [+], oracle java [+], novell zenworks [+], novell iprint [+], novell groupwise [+], netware [+], mozilla firefox [+], mail messages [+], lotus [+], java runtime environment [+], invalid [+], intelligent management [+], intelligent [+], heap corruption [+], gwia [+], flash [+], explorer [+], easy [+], dll [+], defense [+], control [+], remote [+], code [+], vulnerability [+], apple quicktime [+], zero [+], zenworks [+], word [+], webstudio [+], website [+], vulnerabilities [+], visio [+], vendor [+], thin client [+], thin [+], symantec [+], sybase [+], svg [+], size [+], showmodaldialog javascript [+], service [+], sap [+], reporter [+], rendering [+], port 443 [+], pict [+], packard [+], office excel [+], microsoft office word [+], mercury loadrunner [+], mcafee [+], management web [+], m business [+], librpc [+], lack of sanity [+], java [+], iprint [+], invalid values [+], hp mercury [+], h 263 [+], glyphs [+], font [+], firefox [+], file [+], execution [+], domain policy [+], configuration [+], cognos [+], coda [+], child index [+], cgi parameters [+], buffer overflows [+], bmp [+], based buffer overflow [+], audio streams [+], arbitrary code execution [+], application [+], apple preview [+], anywhere [+], activex [+], access [+], zone [+], xsrvd [+], xnfs [+], x. user [+], wmitracemessageva [+], witness systems [+], witness [+], width [+], webware [+], webaccess [+], web gateway [+], web [+], wbr [+], veritas [+], validate [+], valid credentials [+], username field [+], uri buffer [+], uri [+], uninitialized pointer [+], uninitialized [+], type mismatch [+], tsm [+], trun [+], trendmicro [+], trend [+], tree [+], track [+], tomcat servlets [+], tftpd [+], text element [+], text [+], tag removal [+], table [+], systems [+], swf [+], swapinnode [+], svgtextelement [+], svgpointlist [+], svgpathseglist [+], substitution [+], style element [+], stts [+], stsz [+], stss [+], stsc [+], storage [+], static web [+], static [+], ssl [+], sshd [+], sql injection [+], spss [+], sourcefire [+], sort [+], snmpviewer [+], smartfilter [+], setlanguage [+], service vulnerability [+], service database [+], server [+], series [+], sequenceparametersetnalunit [+], sentinel [+], selector [+], secure [+], sean [+], sap netweaver [+], sampledata [+], samplecount [+], safari [+], rvrender [+], runtime [+], runin [+], run in [+], rtl [+], robnetscanhost [+], rle [+], request [+], reporter generalutilities [+], replaceitem [+], removal [+], relationship [+], referenced data [+], realnetwork [+], radialgradiant [+], quickr [+], qtplugin [+], qdmc [+], qdm [+], punk [+], proper credentials [+], program variables [+], processinstruction [+], pnpixpat [+], pictureheader [+], picture [+], performance manager [+], performance [+], pattype [+], overflow [+], orchestration [+], operations [+], openaccess [+], ooxml [+], officeartblip [+], office customer [+], obunmarshal [+], object [+], nshtmlselectelement [+], novell zenworks asset management [+], novell groupwise webaccess [+], notes [+], nortel [+], nodeiterator [+], nnmrptconfig [+], nlm [+], nipplib [+], netweaver [+], netstorage [+], net [+], name [+], mpg [+], mpeg [+], mpauploader [+], movie [+], mobile data [+], mjpeg [+], microsoft windows [+], microsoft visio 2007 [+], microsoft visio [+], microsoft net framework [+], micro control [+], micro [+], mergecells [+], mediavideo [+], media application [+], media [+], marshaled [+], marker [+], manager. authentication [+], manager caslogdirectinserthandler [+], manager atlcom [+], management center [+], malicious applets [+], malicious applet [+], lzw [+], lpd [+], lotus domino server [+], log [+], linebox [+], letter style [+], letter [+], length [+], layer 3 [+], launcher [+], jpeg [+], jobdelivery [+], ivr [+], isvalidclient [+], interbase [+], inode [+], information disclosure vulnerability [+], img [+], ibm informix [+], hierarachy [+], groupwise [+], giop [+], getnnmdata [+], getcharnumatposition [+], get [+], genr [+], genl [+], gateway [+], framework [+], flv [+], firewall [+], file upload [+], fastback [+], exporthtml [+], exploit [+], exe [+], error [+], encoding [+], embarcadero [+], edgesight [+], e remote [+], dwgdp [+], download [+], domino server [+], domain [+], dom attribute [+], document [+], dnupdater [+], dmp [+], directory traversal vulnerability [+], descriptor [+], depth [+], denial of service [+], datadirect [+], d pict [+], customer [+], crystal reports [+], counter [+], console [+], compressor [+], com [+], codec [+], cmm [+], cloud [+], cloning [+], citrix [+], cisco webex [+], cinepak [+], ceserver [+], call [+], calendar manager [+], calendar [+], c remote [+], button [+], body [+], bkpixpat [+], bit depth [+], bit [+], avaya [+], authentication [+], attributechildremoved [+], atlcom [+], atas [+], asset [+], argument [+], arender [+], applet [+], apple mac os x [+], apple mac os [+], apple imageio [+], appenditem [+], aol [+], advisory [+], advanced audio coding [+], advanced [+], adobe shockwave player [+], adobe download manager [+], admsd [+], administration server [+], acrobat reader user [+], abb [+], abap [+], Public [+], code execution [+], adobe [+], microsoft [+], novell [+], realplayer [+], realnetworks [+], zero day [+], user [+], reader [+], mozilla [+], url, table layout, system compromise, system, smil, sipr, shellexecute, reuse, performance monitor, microsoft windows system, internet explorer user, gif, dom objects, dom, ciscoworks, cisco ciscoworks

• August 29, 2012
• 12:00

  Bugtraq: ZDI-12-177 : (0Day) HP SiteScope SOAP Call loadFileContent Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-177 : (0Day) HP SiteScope SOAP Call loadFileContent Remote Code Execution Vulnerability

  Tags:  sitescope soap call code-execution zdi bugtraq  

• 12:00

  Bugtraq: ZDI-12-178 : (0Day) HP SiteScope SOAP Call update Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-178 : (0Day) HP SiteScope SOAP Call update Remote Code Execution Vulnerability

  Tags:  sitescope day soap code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-12-172 : (0Day) HP Operations Orchestration RSScheduler Service JDBC Connector Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-172 : (0Day) HP Operations Orchestration RSScheduler Service JDBC Connector Remote Code Execution Vulnerability

  Tags:  day orchestration operations code-execution zdi  

• 11:00

  Bugtraq: ZDI-12-176 : (0Day) HP SiteScope SOAP Call getFileInternal Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-176 : (0Day) HP SiteScope SOAP Call getFileInternal Remote Code Execution Vulnerability

  Tags:  sitescope day soap code-execution zdi bugtraq  

• 10:00

  Bugtraq: ZDI-12-168 : InduSoft Thin Client ISSymbol InternationalSeparator Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-168 : InduSoft Thin Client ISSymbol InternationalSeparator Remote Code Execution Vulnerability

  Tags:  client thin indusoft code-execution zdi thin-client  

• 10:00

  Bugtraq: ZDI-12-171 : (0Day) Hewlett-Packard Intelligent Management Center UAM sprintf Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-171 : (0Day) Hewlett-Packard Intelligent Management Center UAM sprintf Remote Code Execution Vulnerability

  Tags:  day packard intelligent code-execution intelligent-management zdi  

• 10:00

  Bugtraq: ZDI-12-173 : (0Day) HP SiteScope SOAP Call getSiteScopeConfiguration Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-173 : (0Day) HP SiteScope SOAP Call getSiteScopeConfiguration Remote Code Execution Vulnerability

  Tags:  sitescope day soap code-execution zdi bugtraq  

• August 23, 2012
• 14:00

  Bugtraq: ZDI-12-163 : (0Day) HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-163 : (0Day) HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability

  Tags:  day management inode code-execution zdi management-center  

• 14:00

  Bugtraq: ZDI-12-164 : (0Day) HP Intelligent Management Center img.exe Integer Wrap Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-164 : (0Day) HP Intelligent Management Center img.exe Integer Wrap Remote Code Execution Vulnerability

  Tags:  day management intelligent code-execution intelligent-management zdi  

• 13:00

  Bugtraq: ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability

  Tags:  excel microsoft series type-mismatch code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability

  Tags:  internet microsoft explorer code-execution zdi internet-explorer  

• 13:00

  Bugtraq: ZDI-12-159 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7e7 Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-159 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7e7 Parsing Remote Code Execution Vulnerability

  Tags:  ftagent emc autostart code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-160 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-160 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability

  Tags:  ftagent emc autostart code-execution zdi  

• 12:00

  Bugtraq: ZDI-12-153 : Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-153 : Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability

  Tags:  size sean atom apple-quicktime code-execution zdi  

• 12:00

  Bugtraq: ZDI-12-154 : IBM Lotus Notes URL Command Injection Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-154 : IBM Lotus Notes URL Command Injection Remote Code Execution Vulnerability

  Tags:  lotus ibm notes code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-12-147 : WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-147 : WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability

  Tags:  code remote swapinnode code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-12-152 : Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-152 : Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability

  Tags:  excel mergecells oracle code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-12-155 : InduSoft Thin Client ISSymbol InternationalOrder Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-155 : InduSoft Thin Client ISSymbol InternationalOrder Remote Code Execution Vulnerability

  Tags:  client thin indusoft code-execution zdi thin-client  

• August 17, 2012
• 12:00

  Bugtraq: ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability

  Tags:  code-execution autostart zdi  

• 11:00

  Bugtraq: ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerabilty

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerabilty

  Tags:  smartfilter mcafee administration code-execution administration-server zdi  

• 11:00

  Bugtraq: ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability

  Tags:  dwgdp microsoft visio microsoft-visio code-execution zdi  

• 10:00

  Bugtraq: ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability

  Tags:  Public invalid movie apple-quicktime code-execution zdi  

• 10:00

  Bugtraq: ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability

  Tags:  obunmarshal exe sap crystal-reports code-execution zdi bugtraq  

• August 06, 2012
• 10:00

  Bugtraq: ZDI-12-134 : IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-134 : IBM Lotus Quickr QP2 ActiveX _Times Remote Code Execution Vulnerability

  Tags:  quickr lotus ibm code-execution zdi bugtraq  

• 10:00

  Bugtraq: ZDI-12-135 : Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-135 : Apple QuickTime JPEG2k Sample Size Atom Remote Code Execution Vulnerability

  Tags:  size sample jpeg apple-quicktime code-execution zdi  

• 9:00

  Bugtraq: ZDI-12-128 : Mozilla Firefox nsHTMLSelectElement Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-128 : Mozilla Firefox nsHTMLSelectElement Remote Code Execution Vulnerability

  Tags:  nshtmlselectelement mozilla remote code-execution mozilla-firefox zdi  

• 9:00

  Bugtraq: ZDI-12-129 : Microsoft Windows TrueType Font Parsing Remote Code Execution Vulnerability (Remote Kernel)

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-129 : Microsoft Windows TrueType Font Parsing Remote Code Execution Vulnerability (Remote Kernel)

  Tags:  microsoft remote windows code-execution zdi bugtraq  

• 9:00

  Bugtraq: ZDI-12-131 : Microsoft .NET Framework Undersized Glyph Buffer Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-131 : Microsoft .NET Framework Undersized Glyph Buffer Remote Code Execution Vulnerability

  Tags:  framework microsoft net code-execution microsoft-net-framework zdi  

• July 12, 2012
• 15:00

  Bugtraq: ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability

  Tags:  qtplugin remote setlanguage apple-quicktime code-execution zdi  

• 14:00

  Bugtraq: ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability

  Tags:  ftagent emc autostart code-execution zdi  

• 14:00

  Bugtraq: ZDI-12-124: EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-124: EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability

  Tags:  ftagent emc autostart code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability

  Tags:  coda openview code c-remote code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability

  Tags:  ftagent emc autostart code-execution zdi  

• 12:00

  Bugtraq: ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability

  Tags:  coda openview remote code-execution zdi  

• June 28, 2012
• 14:00

  Bugtraq: ZDI-12-110 : Mozilla Firefox AttributeChildRemoved Use-After-Free Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-110 : Mozilla Firefox AttributeChildRemoved Use-After-Free Remote Code Execution Vulnerability

  Tags:  attributechildremoved mozilla firefox code-execution zdi bugtraq  

• 14:00

  Bugtraq: ZDI-12-111 : SAP Netweaver ABAP msg_server.exe Opcode 0x43 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-111 : SAP Netweaver ABAP msg_server.exe Opcode 0x43 Remote Code Execution Vulnerability

  Tags:  abap netweaver sap sap-netweaver code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-107 : Apple Quicktime TeXML Style Element Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-107 : Apple Quicktime TeXML Style Element Parsing Remote Code Execution Vulnerability

  Tags:  style-element code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-109 : Apple Quicktime TeXML Karaoke Element Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-109 : Apple Quicktime TeXML Karaoke Element Parsing Remote Code Execution Vulnerability

  Tags:  element code remote apple-quicktime code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-108 : Apple Quicktime TeXML sampleData Element Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-108 : Apple Quicktime TeXML sampleData Element Parsing Remote Code Execution Vulnerability

  Tags:  element remote sampledata apple-quicktime code-execution zdi  

• 10:00

  Bugtraq: ZDI-12-106 : Avaya IP Office Customer Call Reporter ImageUpload Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-106 : Avaya IP Office Customer Call Reporter ImageUpload Remote Code Execution Vulnerability

  Tags:  avaya office customer code-execution office-customer zdi  

• June 27, 2012
• 14:00

  Bugtraq: ZDI-12-103 : Apple Quicktime Dataref URI Buffer Remote Code Execution

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-103 : Apple Quicktime Dataref URI Buffer Remote Code Execution

  Tags:  code remote execution apple-quicktime uri-buffer code-execution zdi  

• 14:00

  Bugtraq: ZDI-12-105 : Apple Quicktime Text Track Descriptor Parsing Remote Code Execution

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-105 : Apple Quicktime Text Track Descriptor Parsing Remote Code Execution

  Tags:  track descriptor text apple-quicktime code-execution bugtraq zdi  

• 13:00

  Bugtraq: ZDI-12-101 : IBM Cognos tm1admsd.exe Multiple Operations Remote Code Execution Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-101 : IBM Cognos tm1admsd.exe Multiple Operations Remote Code Execution Vulnerabilities

  Tags:  admsd multiple cognos code-execution zdi  

• June 22, 2012
• 11:05

  Bugtraq: ZDI-12-098 : AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-098 : AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability

  Tags:  activex aol dnupdater uninitialized-pointer code-execution zdi  

• 11:05

  Bugtraq: ZDI-12-100 : HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-100 : HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability

  Tags:  openview performance manager code-execution performance-manager zdi  

• June 12, 2012
• 7:00

  Bugtraq: ZDI-12-091 : Symantec Web Gateway upload_file Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-091 : Symantec Web Gateway upload_file Remote Code Execution Vulnerability

  Tags:  gateway symantec web code-execution web-gateway zdi  

• June 07, 2012
• 13:00

  Bugtraq: ZDI-12-085 : RealNetworks RealPlayer dmp4 esds Width Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-085 : RealNetworks RealPlayer dmp4 esds Width Remote Code Execution Vulnerability

  Tags:  realplayer realnetworks dmp code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-086 : RealNetworks RealPlayer rvrender RMFF Flags Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-086 : RealNetworks RealPlayer rvrender RMFF Flags Remote Code Execution Vulnerability

  Tags:  realplayer rvrender realnetworks realnetworks-realplayer code-execution zdi  

• 13:00

  Bugtraq: ZDI-12-088 : HP DataDirect OpenAccess GIOP Opcode 0x0E Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-088 : HP DataDirect OpenAccess GIOP Opcode 0x0E Remote Code Execution Vulnerability

  Tags:  openaccess giop datadirect e-remote code-execution zdi  

• 12:00

  Bugtraq: ZDI-12-079 : Apple QuickTime H264 Picture Width Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-079 : Apple QuickTime H264 Picture Width Parsing Remote Code Execution Vulnerability

  Tags:  width parsing picture apple-quicktime code-execution zdi  

• 12:00

  Bugtraq: ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability

  Tags:  player adobe flash code-execution adobe-flash-player zdi  

• 11:00

  Bugtraq: ZDI-12-075 : Apple Quicktime RLE Sample Decoding Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-075 : Apple Quicktime RLE Sample Decoding Remote Code Execution Vulnerability

  Tags:  code-execution zdi apple-quicktime  

• February 24, 2012
• 10:00

  Bugtraq: ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability

  Tags:  oracle code remote oracle-java code-execution zdi  

• 9:00

  Bugtraq: ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability

  Tags:  robnetscanhost abb webware code-execution zdi  

• February 08, 2012
• 12:01

  Bugtraq: ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities

  Tags:  control rhapsody rational code-execution zdi bugtraq  

• 12:00

  Bugtraq: ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability

  Tags:  rhapsody ibm rational code-execution zdi bugtraq  

• 12:00

  Bugtraq: ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability

  Tags:  rhapsody ibm rational code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability

  Tags:  total suite defense sql-injection zdi management-web  

• 11:00

  Bugtraq: ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability

  Tags:  spss ibm exporthtml code-execution zdi  

• 11:00

  Bugtraq: ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability

  Tags:  novell-iprint code-execution zdi  

• 10:00

  Bugtraq: ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability

  Tags:  reader adobe bmp code-execution adobe-reader zdi  

• 10:00

  Bugtraq: ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability

  Tags:  total suite defense service-database zdi management-web  

• January 23, 2012
• 8:00

  Bugtraq: ZDI-12-017 : Oracle Outside In OOXML Relationship Tag Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-017 : Oracle Outside In OOXML Relationship Tag Parsing Remote Code Execution Vulnerability

  Tags:  ooxml relationship oracle code-execution zdi bugtraq  

• January 12, 2012
• 14:01

  Bugtraq: ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability

  Tags:  code easy remote code-execution zdi vulnerability  

• 14:00

  Bugtraq: ZDI-12-016 : (0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-016 : (0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability

  Tags:  code-execution zdi vulnerability  

• 13:00

  Bugtraq: ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability

  Tags:  code easy remote code-execution zdi vulnerability  

• January 06, 2012
• 10:01

  Bugtraq: ZDI-12-006 : Novell Netware XNFS.NLM NFS Rename Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-006 : Novell Netware XNFS.NLM NFS Rename Remote Code Execution Vulnerability

  Tags:  novell netware nlm novell-netware code-execution zdi  

• 10:01

  Bugtraq: ZDI-12-007 : Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-007 : Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability

  Tags:  novell netware xnfs novell-netware code-execution zdi  

• 9:00

  Bugtraq: ZDI-12-001 : HP Managed Printing Administration img_id Multiple Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-001 : HP Managed Printing Administration img_id Multiple Vulnerabilities

  Tags:  img administration printing zdi vulnerabilities  

• 9:00

  Bugtraq: ZDI-12-002 : HP OpenView NNM ov.dll _OVBuildPath Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-12-002 : HP OpenView NNM ov.dll _OVBuildPath Remote Code Execution Vulnerability

  Tags:  openview nnm dll code-execution hp-openview zdi  

• December 23, 2011
• 8:00

  Bugtraq: ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability

  Tags:  mpauploader administration printing code-execution zdi bugtraq  

• 8:00

  Bugtraq: ZDI-11-354 : HP Managed Printing Administration jobDelivery Multiple Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-354 : HP Managed Printing Administration jobDelivery Multiple Vulnerabilities

  Tags:  jobdelivery administration printing zdi bugtraq vulnerabilities  

• December 13, 2011
• 15:00

  Bugtraq: ZDI-11-348 : HP OpenView NNM nnmRptConfig.exe nameParams Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-348 : HP OpenView NNM nnmRptConfig.exe nameParams Remote Code Execution Vulnerability

  Tags:  openview nnm nnmrptconfig code-execution hp-openview zdi  

• 14:00

  Bugtraq: ZDI-11-347 : Microsoft Office Word Hidden Border Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-347 : Microsoft Office Word Hidden Border Remote Code Execution Vulnerability

  Tags:  office microsoft word microsoft-office-word code-execution zdi  

• December 08, 2011
• 8:00

  Bugtraq: ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability

  Tags:  table length font apple-quicktime code-execution zdi  

• 8:00

  Bugtraq: ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability

  Tags:  realplayer realnetworks arender code-execution bugtraq zdi  

• November 28, 2011
• 13:00

  Bugtraq: ZDI-11-335 : RealNetworks RealPlayer RV10 Sample Height Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-335 : RealNetworks RealPlayer RV10 Sample Height Parsing Remote Code Execution Vulnerability

  Tags:  realplayer realnetworks sample code-execution zdi bugtraq  

• 13:00

  Bugtraq: ZDI-11-336 : RealNetworks RealPlayer Invalid Codec Name Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-336 : RealNetworks RealPlayer Invalid Codec Name Remote Code Execution Vulnerability

  Tags:  invalid realplayer realnetworks code-execution zdi bugtraq  

• 13:00

  Bugtraq: ZDI-11-337 : RealNetworks RealPlayer RV30 Uninitialized Index Value Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-337 : RealNetworks RealPlayer RV30 Uninitialized Index Value Remote Code Execution Vulnerability

  Tags:  realplayer realnetworks uninitialized realnetworks-realplayer code-execution zdi  

• 13:00

  Bugtraq: ZDI-11-338 : RealNetworks RealPlayer IVR MLTI Chunk Length Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-338 : RealNetworks RealPlayer IVR MLTI Chunk Length Parsing Remote Code Execution Vulnerability

  Tags:  realplayer realnetworks ivr realnetworks-realplayer code-execution zdi  

• 12:00

  Bugtraq: ZDI-11-331 : RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-331 : RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability

  Tags:  realplayer realnetwork mpg code-execution zdi bugtraq  

• 12:00

  Bugtraq: ZDI-11-333 : RealNetworks RealPlayer ATRC Code Data Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-333 : RealNetworks RealPlayer ATRC Code Data Parsing Remote Code Execution Vulnerability

  Tags:  code realplayer realnetworks code-execution zdi bugtraq  

• 12:00

  Bugtraq: ZDI-11-334 : RealNetworks RealPlayer genr Sample Size Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-334 : RealNetworks RealPlayer genr Sample Size Parsing Remote Code Execution Vulnerability

  Tags:  realplayer realnetworks genr code-execution zdi bugtraq  

• November 17, 2011
• 11:00

  Bugtraq: ZDI-11-329 : InduSoft WebStudio CEServer Operation 0x15 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-329 : InduSoft WebStudio CEServer Operation 0x15 Remote Code Execution Vulnerability

  Tags:  webstudio indusoft ceserver code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-11-330 : InduSoft WebStudio Unauthenticated Remote Operations Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-330 : InduSoft WebStudio Unauthenticated Remote Operations Remote Code Execution Vulnerability

  Tags:  webstudio indusoft remote code-execution zdi bugtraq  

• October 28, 2011
• 13:00

  Bugtraq: ZDI-11-312 : Apple QuickTime Atom Hierarachy Argument Size Mismatch Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-312 : Apple QuickTime Atom Hierarachy Argument Size Mismatch Remote Code Execution Vulnerability

  Tags:  hierarachy atom argument apple-quicktime code-execution zdi  

• 13:00

  Bugtraq: ZDI-11-314 : Apple Quicktime PnPixPat PatType 3 Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-314 : Apple Quicktime PnPixPat PatType 3 Parsing Remote Code Execution Vulnerability

  Tags:  parsing pattype pnpixpat apple-quicktime code-execution zdi  

• 11:01

  Bugtraq: ZDI-11-308 : Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-308 : Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability

  Tags:  dll player atas cisco-webex code-execution zdi bugtraq  

• October 26, 2011
• 15:09

  Bugtraq: ZDI-11-299 : Adobe Reader PICT Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-299 : Adobe Reader PICT Parsing Remote Code Execution Vulnerability

  Tags:  pict reader adobe code-execution adobe-reader zdi  

• 15:09

  Bugtraq: ZDI-11-300 : Adobe Reader U3D PICT 10h Encoding Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-300 : Adobe Reader U3D PICT 10h Encoding Remote Code Execution Vulnerability

  Tags:  reader adobe encoding d-pict code-execution adobe-reader zdi  

• 15:09

  Bugtraq: ZDI-11-301 : Adobe Reader U3D PICT 0Eh Encoding Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-301 : Adobe Reader U3D PICT 0Eh Encoding Remote Code Execution Vulnerability

  Tags:  code-execution adobe-reader zdi  

• October 20, 2011
• 10:02

  Bugtraq: ZDI-11-295 : Apple QuickTime FlashPix JPEG Tables Selector Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-295 : Apple QuickTime FlashPix JPEG Tables Selector Remote Code Execution Vulnerability

  Tags:  code selector remote code-execution zdi apple-quicktime  

• October 17, 2011
• 14:00

  Bugtraq: ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote,Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote,Code Execution Vulnerability

  Tags:  internet microsoft explorer code-execution zdi internet-explorer  

• 13:04

  Bugtraq: ZDI-11-289 : Microsoft Internet Explorer swapNode Handling Remote Code,Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-289 : Microsoft Internet Explorer swapNode Handling Remote Code,Execution Vulnerability

  Tags:  internet microsoft explorer code-execution zdi internet-explorer  

• September 13, 2011
• 8:00

  Bugtraq: Advisory for MS11-035 / ZDI-11-167

   » ‎ SecurityFocus Vulnerabilities
  Advisory for MS11-035 / ZDI-11-167

  Tags:  bugtraq advisory zdi  

• September 06, 2011
• 9:00

  Bugtraq: ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability

  Tags:  novell manager cloud zdi bugtraq vulnerability  

• 9:00

  Bugtraq: ZDI-11-279: (0day) Witness Systems eQuality Unify Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-279: (0day) Witness Systems eQuality Unify Remote Code Execution Vulnerability

  Tags:  systems day witness witness-systems code-execution zdi  

• August 24, 2011
• 22:00

  Bugtraq: ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability

  Tags:  adobe remote sequenceparametersetnalunit code-execution adobe-flash-player zdi  

• 2:00

  Bugtraq: ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability

  Tags:  emc domain autostart code-execution zdi  

• August 17, 2011
• 13:00

  Bugtraq: ZDI-11-270: Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-270: Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability

  Tags:  getcharnumatposition mozilla svgtextelement code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-11-267: RealNetworks Realplayer MP3 ID3 tags Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-267: RealNetworks Realplayer MP3 ID3 tags Remote Code Execution Vulnerability

  Tags:  realnetworks remote realplayer code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-11-268: RealNetworks RealPlayer SWF DefineFont Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-268: RealNetworks RealPlayer SWF DefineFont Remote Code Execution Vulnerability

  Tags:  realplayer realnetworks swf code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-11-269: RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-269: RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability

  Tags:  zone realplayer realnetworks code-execution zdi bugtraq  

• 10:00

  Bugtraq: ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability

  Tags:  symantec veritas storage integer-overflow code-execution zdi  

• 10:00

  Bugtraq: ZDI-11-265: RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-265: RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability

  Tags:  code-execution zdi bugtraq  

• 10:00

  Bugtraq: ZDI-11-266: RealNetworks RealPlayer Advanced Audio Coding Element Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-266: RealNetworks RealPlayer Advanced Audio Coding Element Remote Code Execution Vulnerability

  Tags:  realplayer realnetworks advanced code-execution advanced-audio-coding zdi  

• 9:00

  Bugtraq: ZDI-11-258: Apple QuickTime STSC atom Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-258: Apple QuickTime STSC atom Parsing Remote Code Execution Vulnerability

  Tags:  parsing stsc atom apple-quicktime code-execution zdi  

• 9:00

  Bugtraq: ZDI-11-259: Apple QuickTime STSZ atom Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-259: Apple QuickTime STSZ atom Parsing Remote Code Execution Vulnerability

  Tags:  parsing atom stsz apple-quicktime code-execution zdi  

• 9:00

  Bugtraq: ZDI-11-260: Nortel Media Application Server cstore.exe cs_anams Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-260: Nortel Media Application Server cstore.exe cs_anams Remote Code Execution Vulnerability

  Tags:  application nortel media code-execution media-application zdi  

• 9:00

  Bugtraq: ZDI-11-261: HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-261: HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability

  Tags:  code easy remote code-execution zdi bugtraq  

• 8:00

  Bugtraq: ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability

  Tags:  samplecount atom trun apple-quicktime integer-overflow code-execution zdi  

• August 10, 2011
• 12:00

  Bugtraq: ZDI-11-249: (Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-249: (Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability

  Tags:  internet microsoft pwn zdi internet-explorer vulnerability  

• 12:00

  Bugtraq: ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability

  Tags:  stts remote atom apple-quicktime code-execution zdi  

• 12:00

  Bugtraq: ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability

  Tags:  parsing stss atom apple-quicktime code-execution zdi  

• July 27, 2011
• 15:00

  Bugtraq: ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability

  Tags:  code remote style code-execution webkit zdi  

• 14:00

  Bugtraq: ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability

  Tags:  element safari remote apple-safari code-execution zdi  

• 14:00

  Bugtraq: ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability

  Tags:  marker svg webkit apple-safari code-execution zdi  

• 14:00

  Bugtraq: ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability

  Tags:  code remote webkit code-execution zdi  

• 14:00

  Bugtraq: ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability

  Tags:  object rendering body apple-safari code-execution zdi  

• July 21, 2011
• 12:00

  Bugtraq: ZDI-11-238: Oracle Secure Backup validate_login Command Injection Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-238: Oracle Secure Backup validate_login Command Injection Remote Code Execution Vulnerability

  Tags:  validate secure oracle code-execution zdi bugtraq  

• July 12, 2011
• 14:01

  Bugtraq: ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability

  Tags:  control trendmicro manager code-execution zdi bugtraq  

• July 11, 2011
• 14:00

  Bugtraq: ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability

  Tags:  control trend micro manager-caslogdirectinserthandler code-execution micro-control zdi  

• June 28, 2011
• 9:00

  Bugtraq: ZDI-11-226: Citrix EdgeSight Launcher Service Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-226: Citrix EdgeSight Launcher Service Remote Code Execution Vulnerability

  Tags:  citrix service edgesight code-execution zdi launcher  

• 9:00

  Bugtraq: ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability

  Tags:  novell reporter file code-execution zdi bugtraq  

• June 21, 2011
• 14:00

  Bugtraq: ZDI-11-225: Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-225: Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability

  Tags:  code mozilla remote code-execution mozilla-firefox zdi  

• 10:00

  Bugtraq: ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability

  Tags:  svgpathseglist replaceitem mozilla code-execution zdi bugtraq  

• 10:00

  Bugtraq: ZDI-11-224: Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-224: Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability

  Tags:  appenditem svgpointlist mozilla code-execution zdi bugtraq  

• June 15, 2011
• 8:00

  Bugtraq: ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability

  Tags:  shockwave font adobe code-execution zdi bugtraq  

• 8:00

  Bugtraq: ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability

  Tags:  acrobat reader adobe adobe-acrobat-reader code-execution zdi  

• 8:00

  Bugtraq: ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability

  Tags:  acrobat reader adobe adobe-acrobat-reader code-execution zdi  

• June 08, 2011
• 12:00

  Bugtraq: ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability

  Tags:  java icc oracle oracle-java code-execution zdi  

• 12:00

  Bugtraq: ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability

  Tags:  java icc oracle oracle-java code-execution zdi  

• June 07, 2011
• 9:00

  Bugtraq: ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability

  Tags:  novell nipplib iprint novell-iprint bugtraq zdi  

• June 03, 2011
• 11:00

  Bugtraq: ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remore Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remore Code Execution Vulnerability

  Tags:  code-execution zdi mobile-data  

• May 27, 2011
• 21:00

  [remote exploits] - HP Data Protector Client Code Execution Vulnerability PoC (ZDI-11-055)

   » ‎ 0day.today (was: 1337day, Inj3ct0r, 1337db)
  [remote exploits] - HP Data Protector Client Code Execution Vulnerability PoC (ZDI-11-055)

  Tags:  exploit remote execution code-execution data-protector zdi  

• May 16, 2011
• 14:00

  Bugtraq: ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability

  Tags:  librpc multiple vendor information-disclosure-vulnerability zdi bugtraq  

• May 11, 2011
• 11:00

  Bugtraq: ZDI-11-165: HP 3COM/H3C Intelligent Management Center tftpserver opcode_table Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-165: HP 3COM/H3C Intelligent Management Center tftpserver opcode_table Remote Code Execution Vulnerability

  Tags:  com management intelligent code-execution intelligent-management zdi  

• May 09, 2011
• 14:00

  Bugtraq: ZDI-11-154: Sybase M-Business Anywhere agSoap.exe password Tag Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-154: Sybase M-Business Anywhere agSoap.exe password Tag Remote Code Execution Vulnerability

  Tags:  sybase anywhere m-business code-execution zdi bugtraq  

• 14:00

  Bugtraq: ZDI-11-155: Sybase M-Business Anywhere Server agd.exe encodeUsername Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-155: Sybase M-Business Anywhere Server agd.exe encodeUsername Remote Code Execution Vulnerability

  Tags:  sybase anywhere m-business code-execution zdi bugtraq  

• April 29, 2011
• 14:01

  Bugtraq: ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability

  Tags:  client protector data code-execution data-protector zdi  

• 14:01

  Bugtraq: ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability

  Tags:  client protector data directory-traversal-vulnerability data-protector zdi  

• 14:01

  Bugtraq: ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability

  Tags:  embarcadero interbase request code-execution zdi  

• 13:00

  Bugtraq: ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability

  Tags:  service remote get code-execution data-protector zdi  

• 13:00

  Bugtraq: ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability

  Tags:  client protector data code-execution data-protector zdi  

• 13:00

  Bugtraq: ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability

  Tags:  client protector data code-execution data-protector zdi  

• April 14, 2011
• 14:00

  Bugtraq: ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability

  Tags:  webkit wbr pwn code-execution tag-removal zdi  

• 9:00

  Bugtraq: ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability

  Tags:  management suite sql zdi bugtraq vulnerability  

• 9:00

  Bugtraq: ZDI-11-133: CA Total Defense Suite UNC Management Console DeleteReports SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-133: CA Total Defense Suite UNC Management Console DeleteReports SQL Injection Vulnerability

  Tags:  management suite sql zdi bugtraq vulnerability  

• 9:00

  Bugtraq: ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability

  Tags:  management suite console zdi bugtraq vulnerability  

• 8:00

  Bugtraq: ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability

  Tags:  total suite defense code-execution zdi bugtraq  

• 8:00

  Bugtraq: ZDI-11-130: CA Total Defense Suite UNC Management Console DeleteFilter SQL Injection Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-130: CA Total Defense Suite UNC Management Console DeleteFilter SQL Injection Vulnerability

  Tags:  management suite sql zdi bugtraq vulnerability  

• April 11, 2011
• 14:00

  Bugtraq: ZDI-11-118: Novell ZENworks Asset Management Path Traversal File Overwrite Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-118: Novell ZENworks Asset Management Path Traversal File Overwrite Remote Code Execution Vulnerability

  Tags:  novell asset zenworks novell-zenworks-asset-management code-execution zdi  

• 11:00

  Bugtraq: ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability

  Tags:  mcafee isvalidclient firewall reporter-generalutilities zdi bugtraq vulnerability  

• April 04, 2011
• 12:00

  Bugtraq: ZDI-11-116: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-116: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability

  Tags:  novell reporter file code-execution zdi bugtraq  

• March 23, 2011
• 8:00

  Bugtraq: ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-110: (0day) IBM Lotus Domino Server Controller Authentication Bypass Remote Code Execution Vulnerability

  Tags:  day lotus ibm domino-server lotus-domino-server code-execution zdi  

• March 22, 2011
• 13:00

  Bugtraq: ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-109: (Pwn2Own) Apple Safari OfficeArtBlip Parsing Remote Code Execution Vulnerability

  Tags:  parsing officeartblip pwn apple-safari code-execution zdi  

• February 18, 2011
• 10:00

  Bugtraq: ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-089: Novell ZenWorks TFTPD Remote Code Execution Vulnerability

  Tags:  novell tftpd zenworks novell-zenworks code-execution zdi  

• February 17, 2011
• 9:00

  Bugtraq: ZDI-11-087: Novell iPrint LPD Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-087: Novell iPrint LPD Remote Code Execution Vulnerability

  Tags:  novell iprint lpd novell-iprint code-execution zdi  

• February 09, 2011
• 10:00

  Bugtraq: ZDI-11-072: Adobe Reader BMP ColorData Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-072: Adobe Reader BMP ColorData Remote Code Execution Vulnerability

  Tags:  reader adobe bmp code-execution adobe-reader zdi  

• 10:00

  Bugtraq: ZDI-11-073: Adobe Reader ICC Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-073: Adobe Reader ICC Parsing Remote Code Execution Vulnerability

  Tags:  icc reader adobe code-execution adobe-reader zdi  

• February 08, 2011
• 14:00

  Bugtraq: ZDI-11-062: Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-062: Multiple Vendor Calendar Manager RPC Service Remote Code Execution Vulnerability

  Tags:  multiple calendar vendor code-execution calendar-manager zdi  

• 12:00

  Bugtraq: ZDI-11-063: Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-063: Microsoft Visio 2007 LZW Stream Decompression Exception Vulnerability

  Tags:  microsoft lzw visio microsoft-visio-2007 zdi  

• 12:00

  Bugtraq: ZDI-11-064: Microsoft Windows WmiTraceMessageVa Local Kernel Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-11-064: Microsoft Windows WmiTraceMessageVa Local Kernel Vulnerability

  Tags:  wmitracemessageva microsoft windows zdi microsoft-windows vulnerability  

• November 08, 2010
• 19:02

  ZDI-10-241.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-241 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwia.exe module responsible for parsing e-mail messages received by the server. When the code encounters a Content-Type header it proceeds to parse out the numbers within its contents. The process does not properly check for signed integers and if it encounters one, it loops excessively while writing to the stack. This can be abused by a remote attacker to execute arbitrary code under the context of the SYSTEM user.

  Tags:  code zdi vulnerability novell-groupwise mail-messages gwia  

• 19:01

  ZDI-10-238.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-238 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwia.exe module responsible for parsing e-mail messages received by the server. When the code encounters a Content-Type header it proceeds to parse out string data from within it. The process does not properly check the length of these values before copying them to a fixed-length buffer. This can be abused by a remote attacker to execute arbitrary code under the context of the SYSTEM user.

  Tags:  code zdi vulnerability novell-groupwise mail-messages gwia  

• 19:01

  ZDI-10-241.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-241 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell GroupWise. Authentication is not required to exploit this vulnerability. The specific flaw exists within the gwia.exe module responsible for parsing e-mail messages received by the server. When the code encounters a Content-Type header it proceeds to parse out the numbers within its contents. The process does not properly check for signed integers and if it encounters one, it loops excessively while writing to the stack. This can be abused by a remote attacker to execute arbitrary code under the context of the SYSTEM user.

  Tags:  code zdi vulnerability novell-groupwise mail-messages gwia  

• October 18, 2010
• 22:01

  ZDI-10-215.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-215 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. A lack of sanity checking on supplied parameter sizes can result in an integer overflow and subsequent heap buffer under allocation which can finally lead to an exploitable memory corruption.

  Tags:  txt zdi vulnerability informix-dynamic-server lack-of-sanity memory-corruption  

• 22:01

  ZDI-10-216.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-216 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is required in that an attacker must have valid credentials to connect to the database. The specific flaw exists within the oninit.exe process bound by default to TCP port 9088 or 1526. A lack of sanity checking within a logging function can result in a stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user.

  Tags:  txt code zdi informix-dynamic-server arbitrary-code-execution based-buffer-overflow  

• 22:00

  ZDI-10-215.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-215 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper service (portmap.exe) bound by default to TCP port 36890. A lack of sanity checking on supplied parameter sizes can result in an integer overflow and subsequent heap buffer under allocation which can finally lead to an exploitable memory corruption.

  Tags:  txt zdi vulnerability informix-dynamic-server lack-of-sanity memory-corruption  

• 22:00

  ZDI-10-216.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-216 - This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is required in that an attacker must have valid credentials to connect to the database. The specific flaw exists within the oninit.exe process bound by default to TCP port 9088 or 1526. A lack of sanity checking within a logging function can result in a stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user.

  Tags:  txt code zdi informix-dynamic-server arbitrary-code-execution based-buffer-overflow  

• October 12, 2010
• 21:01

  ZDI-10-202.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-202 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious page. The specific flaw exists within the com.sun.jnlp.BasicServiceImpl class. By abusing how Web Start retrieves security policies, an attacker can forge their own and force the removal of sandbox restrictions. Successful exploitation leads to code execution under the context of the user running the browser.

  Tags:  zdi sun user sun-java-runtime zero-day arbitrary-code  

• 21:01

  ZDI-10-205.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-205 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image dimensions. When specifying large values to the dimensions of a subsample an integer overflow occurs leading to memory corruption. Successful exploitation of this vulnerability can lead to remote compromise under the credentials of the currently logged in user.

  Tags:  zdi vulnerability user java-runtime-environment memory-corruption integer-overflow  

• 21:01

  ZDI-10-202.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-202 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Sun Java Runtime. User interaction is required in that a target must visit a malicious page. The specific flaw exists within the com.sun.jnlp.BasicServiceImpl class. By abusing how Web Start retrieves security policies, an attacker can forge their own and force the removal of sandbox restrictions. Successful exploitation leads to code execution under the context of the user running the browser.

  Tags:  zdi sun user sun-java-runtime zero-day arbitrary-code  

• 21:00

  ZDI-10-205.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-205 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image dimensions. When specifying large values to the dimensions of a subsample an integer overflow occurs leading to memory corruption. Successful exploitation of this vulnerability can lead to remote compromise under the credentials of the currently logged in user.

  Tags:  zdi vulnerability user java-runtime-environment memory-corruption integer-overflow  

• October 06, 2010
• 12:00

  Bugtraq: ZDI-10-191: Adobe Reader ICC Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-191: Adobe Reader ICC Parsing Remote Code Execution Vulnerability

  Tags:  icc reader adobe code-execution adobe-reader zdi  

• 12:00

  Bugtraq: ZDI-10-193: Adobe Acrobat Reader Multimedia Playing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-193: Adobe Acrobat Reader Multimedia Playing Remote Code Execution Vulnerability

  Tags:  acrobat reader adobe adobe-acrobat-reader code-execution zdi  

• 12:00

  Bugtraq: ZDI-10-192: Adobe Acrobat Reader ICC mluc Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-192: Adobe Acrobat Reader ICC mluc Remote Code Execution Vulnerability

  Tags:  acrobat reader adobe adobe-acrobat-reader code-execution zdi  

• September 30, 2010
• 9:00

  Bugtraq: ZDI-10-187: IBM TSM FastBack Server _DAS_ReadBlockReply Remote Denial of Service Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-187: IBM TSM FastBack Server _DAS_ReadBlockReply Remote Denial of Service Vulnerability

  Tags:  fastback tsm ibm service-vulnerability denial-of-service zdi  

• September 13, 2010
• 19:01

  ZDI-10-176.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-176 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the normalizeDocument function defined within nsDocument.cpp. When handling children nodes the code does not account for a varying number of children during normalization. An attacker can abuse this problem along with the fact that the code does not validate the child index is within bounds to access an invalid object and execute arbitrary code under the context of the browser.

  Tags:  code zdi vulnerability child-index zero-day target  

• 19:00

  ZDI-10-176.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-176 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the normalizeDocument function defined within nsDocument.cpp. When handling children nodes the code does not account for a varying number of children during normalization. An attacker can abuse this problem along with the fact that the code does not validate the child index is within bounds to access an invalid object and execute arbitrary code under the context of the browser.

  Tags:  code zdi vulnerability child-index zero-day target  

• 13:01

  Bugtraq: ZDI-10-169: Novell Netware SSHD.NLM Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-169: Novell Netware SSHD.NLM Remote Code Execution Vulnerability

  Tags:  novell netware sshd novell-netware code-execution zdi  

• 13:01

  Bugtraq: ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-170: Apple Safari Webkit Runin Remote Code Execution Vulnerability

  Tags:  runin remote webkit apple-safari code-execution zdi  

• 13:00

  Bugtraq: ZDI-10-172: Mozilla Firefox tree Object Removal Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-172: Mozilla Firefox tree Object Removal Remote Code Execution Vulnerability

  Tags:  mozilla removal tree code-execution bugtraq zdi  

• August 31, 2010
• 14:00

  Bugtraq: ZDI-10-168: Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-168: Apple QuickTime ActiveX _Marshaled_pUnk Remote Code Execution Vulnerability

  Tags:  punk activex marshaled apple-quicktime code-execution zdi  

• August 26, 2010
• 12:00

  Bugtraq: ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-167: RealNetworks RealPlayer FLV Parsing Multiple Integer Overflow Vulnerabilities

  Tags:  realplayer realnetworks flv integer-overflow zdi bugtraq  

• August 25, 2010
• 9:00

  Bugtraq: ZDI-10-160: Adobe Shockwave Player Director File FFFFFF45 Record Processing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-160: Adobe Shockwave Player Director File FFFFFF45 Record Processing Remote Code Execution Vulnerability

  Tags:  shockwave player adobe adobe-shockwave-player code-execution zdi  

• August 12, 2010
• 8:00

  Bugtraq: ZDI-10-153: Apple Webkit SVG Floating Text Element Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-153: Apple Webkit SVG Floating Text Element Remote Code Execution Vulnerability

  Tags:  text-element code-execution zdi  

• 8:00

  Bugtraq: ZDI-10-154: Apple Webkit Button First-Letter Style Rendering Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-154: Apple Webkit Button First-Letter Style Rendering Remote Code Execution Vulnerability

  Tags:  letter style button apple-webkit code-execution letter-style zdi  

• 7:00

  Bugtraq: ZDI-10-151: Microsoft Office Word 2007 plcffldMom Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-151: Microsoft Office Word 2007 plcffldMom Parsing Remote Code Execution Vulnerability

  Tags:  office microsoft word microsoft-office-word code-execution zdi  

• 7:00

  Bugtraq: ZDI-10-152: Apple WebKit RTL LineBox Overflow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-152: Apple WebKit RTL LineBox Overflow Remote Code Execution Vulnerability

  Tags:  linebox overflow rtl apple-webkit code-execution zdi  

• 1:01

  ZDI-10-147.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-147 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the codec responsible for parsing layer 3 MPEG audio streams. By providing invalid values within the stream, heap memory can be easily corrupted. This could be leveraged by an attacker to execute remote code under the context of the user running the application.

  Tags:  code zdi user heap-memory audio-streams invalid-values  

• 1:00

  ZDI-10-147.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-147 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the codec responsible for parsing layer 3 MPEG audio streams. By providing invalid values within the stream, heap memory can be easily corrupted. This could be leveraged by an attacker to execute remote code under the context of the user running the application.

  Tags:  code zdi user heap-memory audio-streams invalid-values  

• 0:00

  ZDI-10-143.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-143 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Log Manager. Authentication is not required to exploit this vulnerability. The specific flaws exist within the fileDownload and reportPluginUpload Tomcat servlets which do not require authentication to make privileged requests to. Due to the nature of the functionality provided by these servlets, successful exploitation can lead to code execution under the context of the application.

  Tags:  txt zdi vulnerability manager.-authentication tomcat-servlets zero-day arbitrary-code  

• August 10, 2010
• 12:00

  Bugtraq: ZDI-10-148: Microsoft Cinepak Codec CVDecompress Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-148: Microsoft Cinepak Codec CVDecompress Remote Code Execution Vulnerability

  Tags:  cinepak microsoft codec code-execution zdi  

• 11:00

  Bugtraq: ZDI-10-147: Microsoft Windows MPEG Layer-3 Audio Decoder Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-147: Microsoft Windows MPEG Layer-3 Audio Decoder Remote Code Execution Vulnerability

  Tags:  microsoft mpeg windows code-execution layer-3 zdi  

• August 09, 2010
• 13:00

  Bugtraq: ZDI-10-143: Novell Sentinel Log Manager Multiple Servlet Remote Code Execution Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-143: Novell Sentinel Log Manager Multiple Servlet Remote Code Execution Vulnerabilities

  Tags:  novell sentinel log code-execution zdi bugtraq  

• 13:00

  Bugtraq: ZDI-10-144: Apple Webkit Rendering Counter Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-144: Apple Webkit Rendering Counter Remote Code Execution Vulnerability

  Tags:  counter remote rendering apple-webkit code-execution zdi bugtraq  

• July 21, 2010
• 9:01

  Bugtraq: ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-134: Mozilla Firefox DOM Attribute Cloning Remote Code Execution Vulnerability

  Tags:  cloning mozilla firefox dom-attribute code-execution zdi bugtraq  

• 9:01

  Bugtraq: ZDI-10-135: Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-135: Novell Groupwise WebAccess Multiple Cross-Site Scripting Vulnerabilities

  Tags:  novell webaccess groupwise novell-groupwise-webaccess bugtraq zdi  

• 8:00

  Bugtraq: ZDI-10-130: Mozilla Firefox NodeIterator Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-130: Mozilla Firefox NodeIterator Remote Code Execution Vulnerability

  Tags:  mozilla nodeiterator remote code-execution mozilla-firefox zdi  

• July 13, 2010
• 22:50

  ZDI-10-124.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-124 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit these vulnerabilities. The specific flaws exist due to how the application passes CGI parameters to the internal obtool binary running on port 443. Due to improper filtering of user data a specially crafted request could lead to arbitrary commands being executed under the credentials of the service.

  Tags:  txt zero zdi cgi-parameters zero-day port-443  

• 22:48

  ZDI-10-123.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-123 - This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. The specific flaw exists within the register globals emulation layer which allows attackers to specify values for arbitrary program variables. When specific parameters are specified via the URI it is possible for an attacker to bypass the authentication mechanism and reach functionality otherwise inaccessible without proper credentials. This can be leveraged by remote attackers to trigger what were post-auth vulnerabilities without valid credentials.

  Tags:  txt zdi authentication uri valid-credentials proper-credentials program-variables  

• 22:47

  ZDI-10-124.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-124 - This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit these vulnerabilities. The specific flaws exist due to how the application passes CGI parameters to the internal obtool binary running on port 443. Due to improper filtering of user data a specially crafted request could lead to arbitrary commands being executed under the credentials of the service.

  Tags:  txt zero zdi cgi-parameters zero-day port-443  

• 22:47

  ZDI-10-125.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-125 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IBM solidDB. Authentication is not required to exploit this vulnerability. The specific flaw exists within the solid.exe process which listens by default on TCP port 1315. The code responsible for parsing the first handshake packet does not properly validate the length of the username field. By crafting an overly long value in the request an attacker can exploit this to execute arbitrary code under the context of the SYSTEM user.

  Tags:  code zdi vulnerability username-field zero-day arbitrary-code  

• 15:11

  Bugtraq: ZDI-10-117: Microsoft Office Access AccWizObjects ActiveX Control Uninitialized Imports Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-117: Microsoft Office Access AccWizObjects ActiveX Control Uninitialized Imports Remote Code Execution Vulnerability

  Tags:  office access microsoft code-execution zdi bugtraq  

• June 25, 2010
• 11:02

  Bugtraq: ZDI-10-114: Adobe Flash Player AVM2 getouterscope Opcode Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-114: Adobe Flash Player AVM2 getouterscope Opcode Remote Code Execution Vulnerability

  Tags:  player adobe flash code-execution adobe-flash-player zdi  

• 11:02

  Bugtraq: ZDI-10-115: Adobe Flash Player AVM newFrameState Integer Overfow Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-115: Adobe Flash Player AVM newFrameState Integer Overfow Remote Code Execution Vulnerability

  Tags:  player adobe flash code-execution adobe-flash-player zdi  

• June 23, 2010
• 15:01

  Bugtraq: ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-113: Mozilla Firefox XSLT Sort Remote Code Execution Vulnerability

  Tags:  mozilla remote sort code-execution zdi bugtraq  

• June 21, 2010
• 13:00

  Bugtraq: ZDI-10-112: Novell Access Manager Arbitrary File Upload Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-112: Novell Access Manager Arbitrary File Upload Remote Code Execution Vulnerability

  Tags:  novell access manager code-execution zdi file-upload  

• June 11, 2010
• 7:00

  Bugtraq: ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-107: Multiple Sourcefire Products Static Web SSL Keys Vulnerability

  Tags:  sourcefire static ssl static-web zdi bugtraq  

• June 08, 2010
• 13:00

  Bugtraq: ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-104: Microsoft Office Excel SxView Record Parsing Remote Code Execution Vulnerability

  Tags:  excel office microsoft code-execution office-excel zdi  

• 13:00

  Bugtraq: ZDI-10-106: Hewlett-Packard OpenView NNM ovutil.dll getProxiedStorageAddress Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-106: Hewlett-Packard OpenView NNM ovutil.dll getProxiedStorageAddress Remote Code Execution Vulnerability

  Tags:  openview nnm packard code-execution zdi bugtraq  

• 12:00

  Bugtraq: ZDI-10-101: Apple Webkit SVG RadialGradiant Run-in Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-101: Apple Webkit SVG RadialGradiant Run-in Remote Code Execution Vulnerability

  Tags:  radialgradiant run-in svg apple-webkit code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-10-098: Apple Webkit First-Letter Pseudo-Element Style Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-098: Apple Webkit First-Letter Pseudo-Element Style Remote Code Execution Vulnerability

  Tags:  element remote style apple-webkit code-execution zdi bugtraq  

• 11:00

  Bugtraq: ZDI-10-099: Apple Webkit ProcessInstruction Target Error Message Insertion Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-099: Apple Webkit ProcessInstruction Target Error Message Insertion Remote Code Execution Vulnerability

  Tags:  error processinstruction target apple-webkit code-execution zdi  

• 11:00

  Bugtraq: ZDI-10-100: Apple Webkit ConditionEventListener Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-100: Apple Webkit ConditionEventListener Remote Code Execution Vulnerability

  Tags:  code-execution zdi bugtraq  

• June 01, 2010
• 13:00

  Bugtraq: ZDI-10-090: Novell ZENworks Configuration Management Preboot Service Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-090: Novell ZENworks Configuration Management Preboot Service Remote Code Execution Vulnerability

  Tags:  novell management configuration novell-zenworks code-execution zdi  

• May 12, 2010
• 11:00

  Bugtraq: ZDI-10-087: Adobe Shockwave Invalid Offset Memory Corruption Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-087: Adobe Shockwave Invalid Offset Memory Corruption Remote Code Execution Vulnerability

  Tags:  shockwave invalid adobe memory-corruption code-execution zdi  

• 10:00

  Bugtraq: ZDI-10-083: HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-083: HP OpenView NNM snmpviewer.exe CGI Multiple Variable Remote Code Execution Vulnerability

  Tags:  openview nnm snmpviewer code-execution hp-openview zdi  

• 8:00

  Bugtraq: ZDI-10-084: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-084: HP OpenView NNM getnnmdata.exe CGI Invalid MaxAge Remote Code Execution Vulnerability

  Tags:  openview nnm getnnmdata code-execution hp-openview zdi  

• May 06, 2010
• 19:41

  ZDI-10-080.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted packet will allow unauthenticated users to execute local commands. When a state of 0 or 4 is passed after the parameters, mchan.dll will process the commands on the host. This allows for remote code execution under the context of the SYSTEM user.

  Tags:  code zdi vulnerability mercury-loadrunner hp-mercury code-execution  

• 19:40

  ZDI-10-080.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-080 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Mercury LoadRunner. Authentication is not required to exploit this vulnerability. The specific flaw exists within the process magentproc.exe that binds to TCP port 54345. A specially crafted packet will allow unauthenticated users to execute local commands. When a state of 0 or 4 is passed after the parameters, mchan.dll will process the commands on the host. This allows for remote code execution under the context of the SYSTEM user.

  Tags:  code zdi vulnerability mercury-loadrunner hp-mercury code-execution  

• April 23, 2010
• 14:00

  Bugtraq: ZDI-10-078: Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-078: Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerability

  Tags:  novell management configuration novell-zenworks code-execution zdi  

• April 21, 2010
• 12:00

  Bugtraq: ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-077: Adobe Download Manager Atlcom.get_atlcom ActiveX Control Remote Code Execution Vulnerability

  Tags:  download adobe atlcom manager-atlcom adobe-download-manager code-execution zdi  

• April 15, 2010
• 20:00

  ZDI-10-076.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-076 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Preview. User interaction is required in that a target must open a malicious file or visit a malicious page. The specific flaw exists within the routine TType1ParsingContext::SpecialEncoding() defined in libFontParser.dylib. While parsing glyphs from a PDF document, a malformed offset greater than 0x400 can result in a heap corruption which can be leveraged by an attacker to execute arbitrary code under the context of the current user.

  Tags:  code zdi user apple-preview heap-corruption zero-day glyphs  

• 20:00

  ZDI-10-076.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-076 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Preview. User interaction is required in that a target must open a malicious file or visit a malicious page. The specific flaw exists within the routine TType1ParsingContext::SpecialEncoding() defined in libFontParser.dylib. While parsing glyphs from a PDF document, a malformed offset greater than 0x400 can result in a heap corruption which can be leveraged by an attacker to execute arbitrary code under the context of the current user.

  Tags:  code zdi user apple-preview heap-corruption zero-day glyphs  

• April 14, 2010
• 1:00

  ZDI-10-071.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-071 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe's Acrobat Reader. User interaction is required in that the victim must be coerced into opening a malicious document or visiting a malicious URL. The specific flaw exists within the parsing of embedded fonts inside a PDF document. Upon parsing particular tables out of a font file the application will miscalculate an index used for seeking into a buffer. Later the application will begin to copy data into the calculated pointer corrupting the referenced data structure. Successful exploitation will lead to code execution under the context of the application.

  Tags:  zdi document application acrobat-reader-user referenced-data zero-day  

• April 09, 2010
• 15:06

  ZDI-10-068.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-068 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the parsing of H.263 media files. The code within QuickTime trusts various values from MDAT structures and uses them during operations on heap memory. By crafting specific values the corruption can be leveraged to execute remote code under the context of the user running the application.

  Tags:  code zdi user apple-quicktime heap-memory h-263  

• 15:06

  ZDI-10-068.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-068 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required in that a target must open a malicious media file or visit a malicious page. The specific flaw exists within the parsing of H.263 media files. The code within QuickTime trusts various values from MDAT structures and uses them during operations on heap memory. By crafting specific values the corruption can be leveraged to execute remote code under the context of the user running the application.

  Tags:  code zdi user apple-quicktime heap-memory h-263  

• April 06, 2010
• 15:53

  Bugtraq: ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-067: Apple QuickTime Pict BkPixPat Remote Code Execution Vulnerability

  Tags:  bkpixpat pict remote apple-quicktime code-execution zdi  

• April 05, 2010
• 19:52

  ZDI-10-062.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-062 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware NWFTPD daemon. Authentication or default anonymous access is required to exploit this vulnerability. The specific flaw exists when parsing malformed arguments to the verbs RMD, RNFR, and DELE. Overly long parameters will result in stack based buffer overflows which can be leveraged to execute arbitrary code.

  Tags:  code zdi vulnerability novell-netware buffer-overflows zero-day  

• 19:52

  ZDI-10-054.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-054 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the processing of JPEG image dimensions. When specifying large values to the dimensions of a subsample an integer overflow occurs leading to memory corruption. Successful exploitation of this vulnerability can lead to a compromise under the credentials of the currently logged in user.

  Tags:  zdi vulnerability user java-runtime-environment memory-corruption integer-overflow  

• 19:52

  ZDI-10-055.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-055 - This vulnerability allows remote attackers to violate security policies on vulnerable installations of Sun Java Runtime. User interaction is required to exploit this vulnerability in that the target must run a malicious applet. The specific flaw allows malicious applets to connect to network addresses other than the originating applet and client IPs. A handcrafted applet can override compile time checks to prevent compilation of a mutable InetAddress subclass. This results in the ability to circumvent the Applet SecurityManager restrictions.

  Tags:  zdi vulnerability applet sun-java-runtime malicious-applet malicious-applets  

• 19:52

  ZDI-10-058.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-058 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Apple ImageIO framework during the parsing of malformed JPEG2000 files. The function CGImageReadGetBytesAtOffset can utilize miscalculated values during a memmove operation that will result in an exploitable heap corruption allowing attackers to execute arbitrary code under the context of the current user.

  Tags:  code zdi vulnerability apple-imageio apple-mac-os x.-user heap-corruption apple-mac-os-x  

• 19:52

  ZDI-10-062.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-062 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware NWFTPD daemon. Authentication or default anonymous access is required to exploit this vulnerability. The specific flaw exists when parsing malformed arguments to the verbs RMD, RNFR, and DELE. Overly long parameters will result in stack based buffer overflows which can be leveraged to execute arbitrary code.

  Tags:  code zdi vulnerability novell-netware buffer-overflows zero-day  

• 13:00

  Bugtraq: ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-061: Sun Java Runtime CMM readMabCurveData Remote Code Execution Vulnerability

  Tags:  cmm runtime sun sun-java-runtime code-execution zdi  

• 11:00

  Bugtraq: ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-040: Apple QuickTime RLE Bit Depth Remote Code Execution Vulnerability

  Tags:  depth bit rle apple-quicktime code-execution bit-depth zdi  

• 11:00

  Bugtraq: ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-041: Apple QuickTime QDM2/QDCA Atom Remote Code Execution Vulnerability

  Tags:  code-execution zdi apple-quicktime  

• 11:00

  Bugtraq: ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-042: Apple QuickTime MediaVideo Compressor Name Remote Code Execution Vulnerability

  Tags:  compressor mediavideo name apple-quicktime code-execution zdi  

• 10:03

  Bugtraq: ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-035: Apple QuickTime genl Atom Remote Code Execution Vulnerability

  Tags:  genl remote atom apple-quicktime code-execution zdi  

• 10:03

  Bugtraq: ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-036: Apple QuickTime H.263 PictureHeader Remote Code Execution Vulnerability

  Tags:  code pictureheader remote apple-quicktime code-execution zdi  

• 10:01

  Bugtraq: ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-037: Apple QuickTime MJPEG Sample Dimensions Remote Code Execution Vulnerability

  Tags:  sample mjpeg remote code-execution apple-quicktime zdi  

• 10:01

  Bugtraq: ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-038: Apple QuickTime QDMC/QDM2 Remote Code Execution Vulnerability

  Tags:  qdmc remote qdm apple-quicktime code-execution zdi  

• March 15, 2010
• 15:01

  Bugtraq: ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-029: Apple WebKit innerHTML element Substitution Remote Code Execution Vulnerability

  Tags:  substitution remote element code-execution zdi vulnerability  

• March 09, 2010
• 12:00

  Bugtraq: ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-025: Microsoft Office Excel XLSX File Parsing Remote Code Execution Vulnerability

  Tags:  excel office microsoft code-execution office-excel zdi  

• March 02, 2010
• 8:00

  Bugtraq: ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities

  Tags:  librpc multiple dll code-execution zdi ibm-informix  

• February 23, 2010
• 20:00

  Bugtraq: ZDI-10-021: Novell NetStorage xsrvd Long Pathname Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-021: Novell NetStorage xsrvd Long Pathname Remote Code Execution Vulnerability

  Tags:  novell netstorage xsrvd code-execution zdi  

• February 20, 2010
• 12:00

  ZDI-10-019.txt

   » ‎ Packet Storm Security Recent Files
  Zero Day Initiative Advisory 10-019 - This vulnerability allows remote attackers to bypass specific script execution enforcements on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the lack of cross domain policy enforcement. Through usage of the showModalDialog() JavaScript method an attacker can gather sensitive information from another website. This vulnerability can be exploited to obtain website credentials not originating from the attacking site.

  Tags:  zdi vulnerability website showmodaldialog-javascript target domain-policy  

• 12:00

  ZDI-10-019.txt

   » ‎ Packet Storm Security Advisories
  Zero Day Initiative Advisory 10-019 - This vulnerability allows remote attackers to bypass specific script execution enforcements on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the lack of cross domain policy enforcement. Through usage of the showModalDialog() JavaScript method an attacker can gather sensitive information from another website. This vulnerability can be exploited to obtain website credentials not originating from the attacking site.

  Tags:  zdi vulnerability website showmodaldialog-javascript target domain-policy  

• February 18, 2010
• 14:00

  Bugtraq: ZDI-10-018: IBM Cognos Server Backdoor Account Remote Code Execution Vulnerability

   » ‎ SecurityFocus Vulnerabilities
  ZDI-10-018: IBM Cognos Server Backdoor Account Remote Code Execution Vulnerability

  Tags:  server cognos ibm code-execution zdi