ZDI-11-019: Oracle GoldenGate Veridata Server XML SOAP Request Parsing Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-019
January 18, 2011
-- CVE ID:
CVE-2010-4416
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Oracle
-- Affected
ZDI-11-020: Oracle Beehive voice-servlet Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-020
January 18, 2011
-- CVE ID:
CVE-2010-4417
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Oracle
-- Affected Products:
Oracle Beehive
--
ZDI-11-013: Symantec Web Gateway Management Interface USERNAME Blind SQL
Injection Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-013
January 12, 2011
-- CVE ID:
CVE-2010-0115
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Symantec
--
ZDI-11-001: Microsoft Data Access Components DSN Overflow Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-001
January 11, 2011
-- CVE ID:
CVE-2011-0026
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft
ZDI-11-002: Microsoft Internet Explorer MSADO CacheSize Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-002
January 11, 2011
-- CVE ID:
CVE-2011-0027
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Microsoft
-- Affected Products:
ZDI-11-003: HP OpenView Network Node Manager jovgraph.exe displayWidth Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-003
January 10, 2011
-- CVE ID:
CVE-2011-261
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
--
ZDI-11-004: HP OpenView Network Node Manager ovutil.dll stringToSeconds Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-004
January 11, 2011
-- CVE ID:
CVE-2011-262
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
--
ZDI-11-005: HP OpenView Network Node Manager ovas.exe Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-005
January 10, 2011
-- CVE ID:
CVE-2011-263
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
-- Affected Products:
ZDI-11-006: Hewlett-Packard Network Node Manager OVutil.dll Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-006
January 10, 2011
-- CVE ID:
CVE-2011-264
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
-- Affected
ZDI-11-007: Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe
data_select1 Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-007
January 10, 2011
-- CVE ID:
CVE-2011-265
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-11-008: Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe
nameParams Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-008
January 10, 2011
-- CVE ID:
CVE-2011-266
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-11-009: Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe
schdParams/nameParams Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-009
January 10, 2011
-- CVE ID:
CVE-2011-267
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-11-010: Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe
nameParams/text1 Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-010
January 10, 2011
-- CVE ID:
CVE-2011-268
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-11-011: Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe
schd_select1 Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-011
January 10, 2011
-- CVE ID:
CVE-2011-269
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-11-012: Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-012
January 10, 2011
-- CVE ID:
CVE-2011-270
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
--
ZDI-10-295: Novell iPrint Client Netscape/ActiveX printer-state-reasons Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-295
December 26, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-10-296: Novell iPrint Client Netscape/ActiveX IPP Parameter Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-296
December 26, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-10-297: Novell iPrint Client Netscape/ActiveX Location Header Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-297
December 26, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-10-298: Novell iPrint Client Netscape Plugin call-back-url Parameter Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-298
December 26, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-10-299: Novell iPrint Client Netscape/ActiveX Plugin Wide Character IPP
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-299
December 26, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
ZDI-10-300: Novell iPrint Client Netscape/ActiveX Plugin HTTP_CONNECTION Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-300
December 26, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
--
ZDI-10-293: HP StorageWorks Storage Mirroring DoubleTake.exe Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-293
December 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
-- Affected Products:
Hewlett-Packard
ZDI-10-294: Rocket U2 Uni RPC Service Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-294
December 23, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Rocket
-- Affected Products:
Rocket U2
-- TippingPoint(TM) IPS Customer
ZDI-10-292: Hewlett-Packard Power Manager Administration Web Server Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-292
December 16, 2010
-- CVE ID:
CVE-2010-4113
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Hewlett-Packard
--
ZDI-10-291: Symantec Endpoint Protection Manager Reporting Server fw_charts.php
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-291
December 15, 2010
-- CVE ID:
CVE-2010-0114
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Symantec
--
ZDI-10-286: Microsoft Exchange 2007 Infinite Loop Denial of Service
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-286
December 14, 2010
-- CVE ID:
CVE-2010-3937
-- CVSS:
6.8, (AV:N/AC:L/Au:S/C:N/I:N/A:C)
-- Affected Vendors:
Microsoft
-- Affected Products:
Microsoft
ZDI-10-287: Microsoft SharePoint Server Arbitrary File Upload Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-287
December 14, 2010
-- CVE ID:
CVE-2010-3964
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Microsoft
-- Affected Products:
ZDI-10-288: Microsoft Internet Explorer Recursive Select Element Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-288
December 14, 2010
-- CVE ID:
CVE-2010-3345
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Microsoft
-- Affected
ZDI-10-289: Microsoft Internet Explorer HTML+Time Element outerText Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-289
December 14, 2010
-- CVE ID:
CVE-2010-3346
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Microsoft
-- Affected
ZDI-10-290: SAP NetWeaver Business Client SapThemeRepository ActiveX Control
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-290
December 14, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
SAP
-- Affected Products:
SAP NetWeaver
--
ZDI-10-283: Novell ZENWorks Remote Management Agent Uninitialized Pointer
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-283
December 13, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Zenworks
ZDI-10-284: Novell ZENWorks Remote Management Agent DN Name Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-284
December 13, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Zenworks
--
ZDI-10-285: Novell ZENworks Desktop Management Linux TFTPD Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-285
December 13, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Zenworks
--
ZDI-10-266: RealNetworks RealPlayer Multi-Rate Audio Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-266
December 10, 2010
-- CVE ID:
CVE-2010-4375
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-267: RealNetworks RealPlayer Advanced Audio Coding Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-267
December 10, 2010
-- CVE ID:
CVE-2010-4395
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-268: RealNetworks RealPlayer Media Properties Header Parsing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-268
December 10, 2010
-- CVE ID:
CVE-2010-4384
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected
ZDI-10-269: RealNetworks RealPlayer AAC TIT2 Atom Integer Overflow Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-269
December 10, 2010
-- CVE ID:
CVE-2010-4397
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected
ZDI-10-270: RealNetworks RealPlayer ICY Protocol StreamTitle Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-270
December 10, 2010
-- CVE ID:
CVE-2010-2997
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-271: RealNetworks RealPlayer RTSP GIF Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-271
December 10, 2010
-- CVE ID:
CVE-2010-4376
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-272: RealNetworks RealPlayer Cook Audio Codec Parsing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-272
December 10, 2010
-- CVE ID:
CVE-2010-4377
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-273: RealNetworks RealPlayer AAC MLLT Atom Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-273
December 10, 2010
-- CVE ID:
CVE-2010-2999
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-274: RealNetworks Realplayer RV20 Stream Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-274
December 10, 2010
-- CVE ID:
CVE-2010-4378
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-277: RealNetworks RealPlayer Main.html Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-277
December 10, 2010
-- CVE ID:
CVE-2010-4388
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
RealNetworks
ZDI-10-278: RealNetworks RealPlayer Custsupport.html Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-278
December 10, 2010
-- CVE ID:
CVE-2010-4388
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-276: RealNetworks RealPlayer Upsell.htm getqsval Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-276
December 10, 2010
-- CVE ID:
CVE-2010-4388
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-281: RealNetworks RealPlayer RMX Header Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-281
December 10, 2010
-- CVE ID:
CVE-2010-4391
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
RealNetworks
ZDI-10-281: RealNetworks RealPlayer RMX Header Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-281
December 10, 2010
-- CVE ID:
CVE-2010-4391
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
RealNetworks
ZDI-10-282: RealNetworks RealPlayer RealPix Server Header Parsing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-282
December 10, 2010
-- CVE ID:
CVE-2010-4394
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected
ZDI-10-275: RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-275
December 10, 2010
-- CVE ID:
CVE-2010-4396
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-279: RealNetworks RealPlayer Cook Codec Initialization Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-279
December 10, 2010
-- CVE ID:
CVE-2010-4389
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected
ZDI-10-280: RealNetworks RealPlayer ImageMap Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-280
December 10, 2010
-- CVE ID:
CVE-2010-4392
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
RealNetworks
TPTI-10-19: RealNetworks RealPlayer MLTI Stream Number Remote Code Execution
Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-10-19
December 10, 2010
-- CVE ID:
CVE-2010-4390
-- Affected Vendors:
RealNetworks
-- Affected Products:
RealNetworks RealPlayer
-- TippingPoint(TM) IPS
TPTI-10-18: RealNetworks RealPlayer MDPR Chunk Size Remote Code Execution
Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-10-18
December 10, 2010
-- CVE ID:
CVE-2010-4390
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
RealNetworks
TPTI-10-17: RealNetworks RealPlayer SIPR Stream Frame Dimensions Remote Code
Execution Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-10-17
December 10, 2010
-- CVE ID:
CVE-2010-4385
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
RealNetworks
-- Affected Products:
ZDI-10-263: CA Multiple Products create_session_bab SOAP Request Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-263
December 9, 2010
-- CVE ID:
CVE-2010-3984
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
CA
-- Affected Products:
CA
ZDI-10-265: Mozilla Firefox NewIdArray Integer Overflow Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-265
December 9, 2010
-- CVE ID:
CVE-2010-3767
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Mozilla Firefox
-- Affected Products:
ZDI-10-264: Mozilla Firefox nsDOMAttribute MutationObserver Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-264
December 9, 2010
-- CVE ID:
CVE-2010-3766
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Mozilla Firefox
-- Affected
ZDI-10-258: Apple QuickTime 3GP Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-258
December 7, 2010
-- CVE ID:
CVE-2010-1508
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
--
ZDI-10-259: Apple QuickTime FPX Subimage Count Out-of-bounds Counter Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-259
December 7, 2010
-- CVE ID:
CVE-2010-3801
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
ZDI-10-260: Apple QuickTime Panorama Atom Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-260
December 7, 2010
-- CVE ID:
CVE-2010-3802
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
--
ZDI-10-261: Apple QuickTime PICT File PackBits Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-261
December 7, 2010
-- CVE ID:
CVE-2010-3800
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
--
ZDI-10-262: Apple QuickTime PICT directBitsRect Pack3 Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-262
December 7, 2010
-- CVE ID:
CVE-2010-3800
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple
TPTI-10-16: VMWare VMnc Codec Frame Decompression Remote Code Execution
Vulnerability
http://dvlabs.tippingpoint.com/advisory/TPTI-10-16
December 3, 2010
-- CVE ID:
CVE-2010-4294
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
VMWare, Inc.
-- Affected Products:
VMWare, Inc.
ZDI-10-257: Apple Webkit WholeText Integer Overflow Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-257
November 23, 2010
-- CVE ID:
CVE-2010-3812
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple WebKit
ZDI-10-256: Novell iPrint Activex GetDriverSettings Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-256
November 18, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell iPrint
-- TippingPoint(TM) IPS
ZDI-10-249: Apple Quicktime Sorenson Video Codec Decoding Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-249
November 10, 2010
-- CVE ID:
CVE-2010-3793
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple
ZDI-10-250: Apple Quicktime rec Chunk Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-250
November 10, 2010
-- CVE ID:
CVE-2010-3789
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
--
ZDI-10-251: Apple QuickTime FlashPix Max Uninitialized Jpeg Table Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-251
November 10, 2010
-- CVE ID:
CVE-2010-3794
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
ZDI-10-252: Apple QuickTime JP2 SIZ Chunk Uninitialized Object Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-252
November 10, 2010
-- CVE ID:
CVE-2010-3788
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
ZDI-10-253: Apple QuickTime GIF LZW Decompression Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-253
November 10, 2010
-- CVE ID:
CVE-2010-3795
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
ZDI-10-254: Apple QuickTime ELST MediaRate Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-254
November 10, 2010
-- CVE ID:
CVE-2010-3791
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
ZDI-10-255: Apple QuickTime m1s Parsing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-255
November 10, 2010
-- CVE ID:
CVE-2010-3792
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple Quicktime
--
ZDI-10-244: Apple Quicktime Movie Malformed H.264 Sample Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-244
November 9, 2010
-- CVE ID:
CVE-2010-0515
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Apple
-- Affected Products:
Apple
ZDI-10-245: Microsoft Office PowerPoint Unknown Animation Node Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-245
November 9, 2010
-- CVE ID:
CVE-2010-2573
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Microsoft
-- Affected Products:
ZDI-10-246: Microsoft Excel MSODrawing Improper Exception Handling Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-246
November 9, 2010
-- CVE ID:
CVE-2010-3335
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Microsoft
-- Affected
ZDI-10-247: Novell Groupwise GWPOA HTTP Request Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-247
November 9, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Groupwise
-- TippingPoint(TM) IPS
ZDI-10-236: SAP NetWeaver Composition Environment sapstartsrv.exe Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-236
November 8, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
SAP
-- Affected Products:
SAP NetWeaver
--
ZDI-10-237: Novell GroupWise Internet Agent Content-Type Multiple Value Parsing
Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-237
November 8, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell
ZDI-10-238: Novell GroupWise Internet Agent Content-Type String Parsing Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-238
November 8, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Groupwise
--
ZDI-10-239: Novell GroupWise Internet Agent RRULE Parsing Remote Code Execution
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-239
November 8, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Groupwise
--
ZDI-10-240: Novell GroupWise Internet Agent COMMENT Parsing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-240
November 8, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Groupwise
--
ZDI-10-241: Novell GroupWise Internet Agent Content-Type Parsing Integer
Signedness Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-241
November 8, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell
ZDI-10-242: Novell Groupwise Internet Agent IMAP LIST Command Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-242
November 8, 2010
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Groupwise
--
ZDI-10-243: Novell GroupWise Internet Agent TZNAME Parsing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-243
November 8, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Groupwise
--
ZDI-10-229: ProFTPD TELNET_IAC Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-229
November 2, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ProFTPD
-- Affected Products:
ProFTPD FTP Server
-- TippingPoint(TM) IPS Customer
ZDI-10-230: Novell ZENworks Handheld Management ZfHIPCND.exe Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-230
November 7, 2010
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Novell
-- Affected Products:
Novell Zenworks
--
ZDI-10-231: Juniper Secure Access Series meeting_testjava.cgi XSS Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-231
November 7, 2010
-- CVSS:
6.4, (AV:N/AC:L/Au:N/C:P/I:P/A:N)
-- Affected Vendors:
Juniper
-- Affected Products:
Juniper Secure Access Series
--
ZDI-10-232: Cisco ICM Setup Manager Agent.exe HandleUpgradeAll Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-232
November 7, 2010
-- CVE ID:
CVE-2010-3040
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Cisco
-- Affected Products:
ZDI-10-233: Cisco ICM Setup Manager Agent.exe AgentUpgrade Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-233
November 7, 2010
-- CVE ID:
CVE-2010-3040
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Cisco
-- Affected Products:
Cisco
ZDI-10-234: Cisco ICM Setup Manager Agent.exe HandleQueryNodeInfoReq Remote
Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-234
November 7, 2010
-- CVE ID:
CVE-2010-3040
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Cisco
-- Affected
ZDI-10-235: Cisco ICM Setup Manager Agent.exe HandleUpgradeTrace Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-235
November 7, 2010
-- CVE ID:
CVE-2010-3040
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Cisco
-- Affected Products:
ZDI-10-228: Adobe Shockwave Player Director File SetVertexArray Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-228
October 29, 2010
-- CVE ID:
CVE-2010-4090
-- CVSS:
7.5, (AV:N/AC:L/Au:N/C:P/I:P/A:P)
-- Affected Vendors:
Adobe
-- Affected Products:
ZDI-10-227: Adobe Shockwave Player Lnam Chunk String Processing Remote Code
Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-227
October 29, 2010
-- CVE ID:
CVE-2010-3655
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-- Affected Vendors:
Adobe
-- Affected Products:
ZDI-10-223: Symantec IM Manager Administrative Interface LoggedInUsers.lgx
Definition File SQL Injection Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-10-223
October 27, 2010
-- CVE ID:
CVE 2010-0112
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Symantec
ZDI-10-224: Symantec IM Manager Administrative Interface SummaryReportGroup.lgx
Definition File SQL Injection Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-10-224
October 27, 2010
-- CVE ID:
CVE 2010-0112
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-10-222: Symantec IM Manager Administrative Interface rdpageimlogic.aspx SQL
Injection Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-10-222
October 27, 2010
-- CVE ID:
CVE 2010-0112
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Symantec
-- Affected
ZDI-10-225: Symantec IM Manager Administrative Interface DetailReportGroup.lgx
Definition File SQL Injection Vulnerabilities
http://www.zerodayinitiative.com/advisories/ZDI-10-225
October 27, 2010
-- CVE ID:
CVE 2010-0112
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
ZDI-10-226: Symantec IM Manager rdServer.dll sGetDefinition SQL Injection
Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-226
October 27, 2010
-- CVE ID:
CVE 2010-0112
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Symantec
-- Affected Products:
Symantec IM
ZDI-10-220: Symantec IM Manager Administrative Interface
IMAdminScheduleReport.asp SQL Injection Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-220
October 27, 2010
-- CVE ID:
CVE 2010-0112
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Symantec
-- Affected
ZDI-10-221: Symantec IM Manager Administrative Interface
IMAdminReportTrendFormRun.asp SQL Injection Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-221
October 27, 2010
-- CVE ID:
CVE 2010-0112
-- CVSS:
10, (AV:N/AC:L/Au:N/C:C/I:C/A:C)
-- Affected Vendors:
Symantec
--
501 - 600 of 1113 matches
Mail list logo