[Full-disclosure] ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-195 June 14, 2011 -- CVE ID: CVE-2011-1261 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Microsoft -- Affected Products:

[Full-disclosure] ZDI-11-196: Microsoft Internet Explorer HTTP 302 Redirect Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-196: Microsoft Internet Explorer HTTP 302 Redirect Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-196 June 14, 2011 -- CVE ID: CVE-2011-1262 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Microsoft -- Affected Products:

[Full-disclosure] ZDI-11-197: Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-197: Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-197 June 14, 2011 -- CVE ID: CVE-2011-1266 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Microsoft -- Affected Products: Microsoft

[Full-disclosure] ZDI-11-198: (Pwn2Own) Microsoft Internet Explorer Uninitialized Variable Information Leak Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-198: (Pwn2Own) Microsoft Internet Explorer Uninitialized Variable Information Leak Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-198 June 14, 2011 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Microsoft -- Affected Products: Microsoft Internet

[Full-disclosure] ZDI-11-199: Oracle Java Soundbank Decompression Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-199: Oracle Java Soundbank Decompression Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-199 June 14, 2011 -- CVE ID: CVE-2011-0802 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime

[Full-disclosure] ZDI-11-200: Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-200: Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-200 June 14, 2011 -- CVE ID: CVE-2011-2121 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-201 June 14, 2011 -- CVE ID: CVE-2011-2120 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave

[Full-disclosure] ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-202 June 14, 2011 -- CVE ID: CVE-2011-2119 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave

[Full-disclosure] ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-203 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-204 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-205: Adobe Shockwave Missing Lctx Chunk Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-205: Adobe Shockwave Missing Lctx Chunk Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-205 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --

[Full-disclosure] ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-206 June 14, 2011 -- CVE ID: CVE-2011-2111 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player

[Full-disclosure] ZDI-11-207: Adobe Shockwave tSAC Chunk String Termination Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-207: Adobe Shockwave tSAC Chunk String Termination Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-207 June 14, 2011 -- CVE ID: CVE-2011-2118 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-208 June 14, 2011 -- CVE ID: CVE-2011-2109 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player --

[Full-disclosure] ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-209 June 14, 2011 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave

[Full-disclosure] ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-210 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-211: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk 0xFFFFFF49 Field Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-211: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk 0xFF49 Field Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-211 June 14, 2011 -- CVE ID: CVE-2011-2113 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected

[Full-disclosure] ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-212 June 14, 2011 -- CVE ID: CVE-2011-2111 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave

[Full-disclosure] ZDI-11-213: Adobe Shockwave rcsL Trusted Offset Chunk Processing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-213: Adobe Shockwave rcsL Trusted Offset Chunk Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-213 June 14, 2011 -- CVE ID: CVE-2011-2114 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products:

[Full-disclosure] ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-214 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave Player

[Full-disclosure] ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-215 June 14, 2011 -- CVE ID: CVE-2011-2112 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-216 June 14, 2011 -- CVE ID: CVE-2011-0335 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-217 June 14, 2011 -- CVE ID: CVE-2011-2109 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Adobe -- Affected Products: Adobe Shockwave

[Full-disclosure] ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-218 June 14, 2011 -- CVE ID: CVE-2011-2095 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability

2011-06-14 Thread ZDI Disclosures
ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-219 June 14, 2011 -- CVE ID: CVE-2011-2094 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Adobe -- Affected Products: Adobe

[Full-disclosure] ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-182 June 8, 2011 -- CVE ID: CVE-2011-0817 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected

[Full-disclosure] ZDI-11-183: Oracle Java ICC Profile MultiLanguage 'mluc' Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-183: Oracle Java ICC Profile MultiLanguage 'mluc' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-183 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products:

[Full-disclosure] ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-184 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected

[Full-disclosure] ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-185 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle Java

[Full-disclosure] ZDI-11-186: Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-186: Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-186 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products:

[Full-disclosure] ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-187 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle Java

[Full-disclosure] ZDI-11-188: Oracle Java ICC Profile ncl2 Count Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-188: Oracle Java ICC Profile ncl2 Count Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-188 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle Java

[Full-disclosure] ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-189 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle

[Full-disclosure] ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-190 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle Java

[Full-disclosure] ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-191 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime

[Full-disclosure] ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability

2011-06-08 Thread ZDI Disclosures
ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-192 June 8, 2011 -- CVE ID: CVE-2011-0863 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle

[Full-disclosure] ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-172 June 6, 2011 -- CVE ID: CVE-2011-1699 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint --

[Full-disclosure] ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-173 June 6, 2011 -- CVE ID: CVE-2011-1700 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint --

[Full-disclosure] ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-175 June 6, 2011 -- CVE ID: CVE-2011-1702 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint --

[Full-disclosure] ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-176 June 6, 2011 -- CVE ID: CVE-2011-1703 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint --

[Full-disclosure] ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-178 June 6, 2011 -- CVE ID: CVE-2011-1705 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint

[Full-disclosure] ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-180 June 6, 2011 -- CVE ID: CVE-2011-1708 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint

[Full-disclosure] ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-181 June 6, 2011 -- CVE ID: CVE-2011-1707 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint

[Full-disclosure] ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-174 June 6, 2011 -- CVE ID: CVE-2011-1701 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint --

[Full-disclosure] ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability

2011-06-06 Thread ZDI Disclosures
ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-177 June 6, 2011 -- CVE ID: CVE-2011-1704 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Novell -- Affected Products: Novell iPrint --

[Full-disclosure] ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remote Code Execution Vulnerability

2011-06-03 Thread ZDI Disclosures
ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-171 June 3, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Sybase -- Affected Products: Sybase OneBridge --

[Full-disclosure] ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability

2011-05-31 Thread ZDI Disclosures
ZDI-11-169: IBM Tivoli Endpoint lcfd.exe opts Argument Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-169 May 31, 2011 -- CVE ID: CVE-2011-1220 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: IBM -- Affected Products: IBM Tivoli

[Full-disclosure] ZDI-11-170: (0day) HP 3COM/H3C Intelligent Management Center img recv Remote Code Execution Vulnerability

2011-05-31 Thread ZDI Disclosures
ZDI-11-170: (0day) HP 3COM/H3C Intelligent Management Center img recv Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-170 May 31, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products: Hewlett-Packard

[Full-disclosure] ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability

2011-05-16 Thread ZDI Disclosures
ZDI-11-168: Multiple Vendor librpc.dll Remote Information Disclosure Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-168 May 16, 2011 -- CVE ID: CVE-2011-0321 CVE-2011-1210 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: IBM EMC -- Affected Products: IBM

[Full-disclosure] ZDI-11-159: Mozilla Firefox OBJECT mObserverList Remote Code Execution Vulnerability

2011-05-10 Thread ZDI Disclosures
ZDI-11-159: Mozilla Firefox OBJECT mObserverList Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-159 May 10, 2011 -- CVE ID: CVE-2011-0066 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Mozilla -- Affected Products: Mozilla Firefox --

[Full-disclosure] ZDI-11-160: HP 3COM/H3C Intelligent Management Center img Remote Code Execution Vulnerability

2011-05-10 Thread ZDI Disclosures
ZDI-11-160: HP 3COM/H3C Intelligent Management Center img Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-160 May 10, 2011 -- CVE ID: CVE-2011-1848 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products:

[Full-disclosure] ZDI-11-161: HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability

2011-05-10 Thread ZDI Disclosures
ZDI-11-161: HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-161 May 10, 2011 -- CVE ID: CVE-2011-1849 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected

[Full-disclosure] ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability

2011-05-10 Thread ZDI Disclosures
ZDI-11-163: HP 3COM/H3C Intelligent Management Center tftpserver mode Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-163 May 10, 2011 -- CVE ID: CVE-2011-1851 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected

[Full-disclosure] ZDI-11-164: HP 3COM/H3C Intelligent Management Center tftpserver DATA/ERROR Remote Code Execution Vulnerability

2011-05-10 Thread ZDI Disclosures
ZDI-11-164: HP 3COM/H3C Intelligent Management Center tftpserver DATA/ERROR Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-164 May 10, 2011 -- CVE ID: CVE-2011-1852 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard --

[Full-disclosure] ZDI-11-165: HP 3COM/H3C Intelligent Management Center tftpserver opcode_table Remote Code Execution Vulnerability

2011-05-10 Thread ZDI Disclosures
ZDI-11-165: HP 3COM/H3C Intelligent Management Center tftpserver opcode_table Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-165 May 10, 2011 -- CVE ID: CVE-2011-1853 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard --

[Full-disclosure] ZDI-11-154: Sybase M-Business Anywhere agSoap.exe password Tag Remote Code Execution Vulnerability

2011-05-09 Thread ZDI Disclosures
ZDI-11-154: Sybase M-Business Anywhere agSoap.exe password Tag Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-154 May 9, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Sybase -- Affected Products: Sybase MBusiness Anywhere --

[Full-disclosure] ZDI-11-156: Sybase M-Business Anywhere agd.exe username Parameter Remote Code Execution Vulnerability

2011-05-09 Thread ZDI Disclosures
ZDI-11-156: Sybase M-Business Anywhere agd.exe username Parameter Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-156 May 9, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Sybase -- Affected Products: Sybase MBusiness Anywhere --

[Full-disclosure] ZDI-11-157: Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability

2011-05-09 Thread ZDI Disclosures
ZDI-11-157: Mozilla Firefox nsTreeRange Dangling Pointer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-157 May 9, 2011 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Mozilla -- Affected Products: Mozilla Firefox -- TippingPoint(TM) IPS

[Full-disclosure] ZDI-11-144: HP Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-144: HP Data Protector Backup Client Service EXEC_BAR Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-144 April 29, 2011 -- CVE ID: CVE-2011-1728 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected

[Full-disclosure] ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-145: HP Data Protector Backup Client Service GET_FILE Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-145 April 29, 2011 -- CVE ID: CVE-2011-1729 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected

[Full-disclosure] ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-147: HP Data Protector Backup Client Service EXEC_INTEGUTIL Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-147 April 29, 2011 -- CVE ID: CVE-2011-1731 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected

[Full-disclosure] ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-146: HP Data Protector Backup Client Service EXEC_SCRIPT Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-146 April 29, 2011 -- CVE ID: CVE-2011-1730 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected

[Full-disclosure] ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-148: HP Data Protector Backup Client Service stutil Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-148 April 29, 2011 -- CVE ID: CVE-2011-1732 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard --

[Full-disclosure] ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-149: HP Data Protector Backup Client Service HPFGConfig Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-149 April 29, 2011 -- CVE ID: CVE-2011-1733 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected

[Full-disclosure] ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-150: HP Data Protector Backup Client Service omniiaputil Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-150 April 29, 2011 -- CVE ID: CVE-2011-1734 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard

[Full-disclosure] ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-151: HP Data Protector Backup Client Service bm Message Processing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-151 April 29, 2011 -- CVE ID: CVE-2011-1735 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard --

[Full-disclosure] ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-152: HP Data Protector Backup Client Service GET_FILE Directory Traversal Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-152 April 29, 2011 -- CVE ID: CVE-2011-1736 -- CVSS: 7.8, (AV:N/AC:L/Au:N/C:C/I:N/A:N) -- Affected Vendors: Hewlett-Packard -- Affected Products:

[Full-disclosure] ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability

2011-04-29 Thread ZDI Disclosures
ZDI-11-153: Embarcadero Interbase connect Request Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-153 April 29, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Embarcadero -- Affected Products: Embarcadero Interbase --

[Full-disclosure] ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability

2011-04-28 Thread ZDI Disclosures
ZDI-11-143(formerly ZDI-CAN-965): Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-143 April 28, 2011 -- CVE ID: CVE-2011-1610 -- CVSS: 7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P) -- Affected Vendors: Cisco -- Affected

[Full-disclosure] ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability

2011-04-19 Thread ZDI Disclosures
ZDI-11-137: Oracle Application Server Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-137 April 19, 2011 -- CVE ID: CVE-2011-0807 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Oracle -- Affected Products: Oracle

[Full-disclosure] ZDI-11-138: Webkit Undefined DOM Prototype Attach Remote Code Execution Vulnerability

2011-04-19 Thread ZDI Disclosures
ZDI-11-138: Webkit Undefined DOM Prototype Attach Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-138 April 19, 2011 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: WebKit -- Affected Products: WebKit WebKit -- TippingPoint(TM) IPS

[Full-disclosure] ZDI-11-139: Webkit Anonymous Frame Remote Code Execution Vulnerability

2011-04-19 Thread ZDI Disclosures
ZDI-11-139 (formerly ZDI-CAN-1035): Webkit Anonymous Frame Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-139 April 19, 2011 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: WebKit -- Affected Products: WebKit WebKit -- TippingPoint(TM)

[Full-disclosure] ZDI-11-140: Webkit Detached Body Element Remote Code Execution Vulnerability

2011-04-19 Thread ZDI Disclosures
ZDI-11-140 (formerly ZDI-CAN-1026): Webkit Detached Body Element Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-140 April 19, 2011 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: WebKit -- Affected Products: WebKit WebKit --

[Full-disclosure] ZDI-11-136: IBM Tivoli Directory Server ibmslapd.exe SASL Bind Request Remote Code Execution Vulnerability

2011-04-18 Thread ZDI Disclosures
ZDI-11-136 (formerly ZDI-CAN-1022): IBM Tivoli Directory Server ibmslapd.exe SASL Bind Request Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-136 April 18, 2011 -- CVE ID: CVE-2011-1206 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: IBM

[Full-disclosure] ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability

2011-04-14 Thread ZDI Disclosures
ZDI-11-135: (Pwn2Own) WebKit WBR Tag Removal Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-135 April 14, 2011 -- CVE ID: CVE-2011-1344 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: WebKit -- Affected Products: WebKit WebKit --

[Full-disclosure] ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability

2011-04-14 Thread ZDI Disclosures
ZDI-11-104: (Pwn2Own) Webkit CSS Text Element Count Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-104 April 14, 2011 -- CVE ID: CVE-2011-1290 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: WebKit -- Affected Products: WebKit WebKit --

[Full-disclosure] ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability

2011-04-13 Thread ZDI Disclosures
ZDI-11-126: CA Total Defense Suite Heartbeat Web Service Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-126 April 13, 2011 -- CVE ID: CVE-2011-1654 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products: CA Total

[Full-disclosure] ZDI-11-128: CA Total Defense Suite UnassignFunctionalUsers Stored Procedure SQL Injection Vulnerability

2011-04-13 Thread ZDI Disclosures
ZDI-11-128: CA Total Defense Suite UnassignFunctionalUsers Stored Procedure SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-128 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products: CA

[Full-disclosure] ZDI-11-127: CA Total Defense Suite UNCWS Web Service getDBConfigSettings Credential Disclosure Vulnerability

2011-04-13 Thread ZDI Disclosures
ZDI-11-127: CA Total Defense Suite UNCWS Web Service getDBConfigSettings Credential Disclosure Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-127 April 13, 2011 -- CVE ID: CVE-2011-1655 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products:

[Full-disclosure] ZDI-11-129: CA Total Defense Suite UnassignAdminRoles Stored Procedure SQL Injection Vulnerability

2011-04-13 Thread ZDI Disclosures
ZDI-11-129: CA Total Defense Suite UnassignAdminRoles Stored Procedure SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-129 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products: CA Total

[Full-disclosure] ZDI-11-130: CA Total Defense Suite UNC Management Console DeleteFilter SQL Injection Vulnerability

2011-04-13 Thread ZDI Disclosures
ZDI-11-130: CA Total Defense Suite UNC Management Console DeleteFilter SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-130 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products: CA Total

[Full-disclosure] ZDI-11-131: CA Total Defense Suite NonAssignedUserList Stored Procedure SQL Injection Vulnerability

2011-04-13 Thread ZDI Disclosures
ZDI-11-131: CA Total Defense Suite NonAssignedUserList Stored Procedure SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-131 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products: CA Total

[Full-disclosure] ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability

2011-04-13 Thread ZDI Disclosures
ZDI-11-132: CA Total Defense Suite UNC Management Console DeleteReportLayout SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-132 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products: CA

[Full-disclosure] ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability

2011-04-13 Thread ZDI Disclosures
ZDI-11-134: CA Total Defense Suite UNC Management Console RegenerateReport SQL Injection Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-134 April 13, 2011 -- CVE ID: CVE-2011-1653 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: CA -- Affected Products: CA

[Full-disclosure] ZDI-11-119: (Pwn2Own) Microsoft Internet Explorer onPropertyChange Remote Code Execution Vulnerability

2011-04-12 Thread ZDI Disclosures
ZDI-11-119: (Pwn2Own) Microsoft Internet Explorer onPropertyChange Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-119 April 12, 2011 -- CVE ID: CVE-2011-1345 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Microsoft -- Affected

[Full-disclosure] ZDI-11-120: Microsoft Office Excel RealTimeData Record Parsing Remote Code Execution Vulnerability

2011-04-12 Thread ZDI Disclosures
ZDI-11-120: Microsoft Office Excel RealTimeData Record Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-120 April 12, 2011 -- CVE ID: CVE-2011-0101 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Microsoft -- Affected Products:

[Full-disclosure] ZDI-11-121: Microsoft Office XP Data Validation Record Parsing Remote Code Execution Vulnerability

2011-04-12 Thread ZDI Disclosures
ZDI-11-121: Microsoft Office XP Data Validation Record Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-121 April 12, 2011 -- CVE ID: CVE-2011-0105 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Microsoft -- Affected Products:

[Full-disclosure] ZDI-11-122: RealNetworks RealPlayer OpenURLInDefaultBrowser Remote Code Execution Vulnerability

2011-04-12 Thread ZDI Disclosures
ZDI-11-122: RealNetworks RealPlayer OpenURLInDefaultBrowser Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-122 April 12, 2011 -- CVE ID: CVE-2011-1426 -- CVSS: 9.7, (AV:N/AC:L/Au:N/C:C/I:P/A:C) -- Affected Vendors: RealNetworks -- Affected Products:

[Full-disclosure] ZDI-11-123: Microsoft PowerPoint TimeCommandBehaviorContainer Remote Code Execution Vulnerability

2011-04-12 Thread ZDI Disclosures
ZDI-11-123: Microsoft PowerPoint TimeCommandBehaviorContainer Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-123 April 12, 2011 -- CVE ID: CVE-2011-0655 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Microsoft -- Affected Products:

[Full-disclosure] ZDI-11-124: Microsoft PowerPoint TimeColorBehaviorContainer Floating Point Record Remote Code Execution Vulnerability

2011-04-12 Thread ZDI Disclosures
ZDI-11-124: Microsoft PowerPoint TimeColorBehaviorContainer Floating Point Record Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-124 April 12, 2011 -- CVE ID: CVE-2011-0655 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Microsoft --

[Full-disclosure] ZDI-11-125: Microsoft Office PowerPoint PersistDirectoryEntry Remote Code Execution Vulnerability

2011-04-12 Thread ZDI Disclosures
ZDI-11-125: Microsoft Office PowerPoint PersistDirectoryEntry Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-125 April 12, 2011 -- CVE ID: CVE-2011-0656 -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Microsoft -- Affected Products:

[Full-disclosure] ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability

2011-04-11 Thread ZDI Disclosures
ZDI-11-117: McAfee Firewall Reporter GeneralUtilities.pm isValidClient Authentication Bypass Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-117 April 11, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: McAfee -- Affected Products: McAfee Firewall

[Full-disclosure] ZDI-11-118: Novell ZENworks Asset Management Path Traversal File Overwrite Remote Code Execution Vulnerability

2011-04-11 Thread ZDI Disclosures
ZDI-11-118: Novell ZENworks Asset Management Path Traversal File Overwrite Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-118 April 11, 2011 -- CVE ID: CVE-2010-4229 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected

[Full-disclosure] ZDI-11-116: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability

2011-04-04 Thread ZDI Disclosures
ZDI-11-116: Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-116 April 4, 2011 -- CVE ID: CVE-2011-0994 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Novell -- Affected Products: Novell File

[Full-disclosure] ZDI-11-041: (0day) Multiple Browser Node Processing Stack Overflow Vulnerability

2011-04-01 Thread ZDI Disclosures
ZDI-11-041: (0day) Multiple Browser Node Processing Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-911 April 1, 2011 -- CVE ID: CVE-C000-00FD -- CVSS: 9, (AV:N/AC:L/Au:N/C:P/I:P/A:C) -- Affected Vendors: Microsoft Google Mikul Apple ISC -- Affected Products:

[Full-disclosure] ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability

2011-04-01 Thread ZDI Disclosures
ZDI-11-115: IBM solidDB solid.exe Authentication Bypass Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-115 April 1, 2011 -- CVSS: 9.3, (AV:N/AC:M/Au:N/C:C/I:C/A:C) -- Affected Vendors: IBM -- Affected Products: IBM solidDB -- TippingPoint(TM) IPS

[Full-disclosure] ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability

2011-03-28 Thread ZDI Disclosures
ZDI-11-113: Zend Server Java Bridge Design Flaw Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-113 March 28, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Zend -- Affected Products: Zend Zend Server -- TippingPoint(TM) IPS

[Full-disclosure] ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability

2011-03-23 Thread ZDI Disclosures
ZDI-11-111: (0Day) Hewlett-Packard Virtual SAN Appliance hydra.exe Login Request Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-111 March 23, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products:

[Full-disclosure] ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability

2011-03-23 Thread ZDI Disclosures
ZDI-11-112: (0 day) Hewlett-Packard Data Protector Media Operations DBServer.exe Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-112 March 23, 2011 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Hewlett-Packard -- Affected Products:

[Full-disclosure] ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution Vulnerability

2011-03-22 Thread ZDI Disclosures
ZDI-11-108: Mac OS X Compact Font Format Decoder Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-108 March 22, 2011 -- CVE ID: CVE-2011-0176 -- CVSS: 10, (AV:N/AC:L/Au:N/C:C/I:C/A:C) -- Affected Vendors: Apple -- Affected Products: Apple Preview --
