TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by security filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

ZDI Advisories: 2017

ZDI-17-053 CVE: CVE-2016-2123 Published: 2017-01-20
Samba NDR Parsing ndr_pull_dnsp_name Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-052 CVE: CVE-2016-8207 Published: 2017-01-20
Brocade Network Advisor CliMonitorReportServlet Directory Traversal Information Disclosure Vulnerability
ZDI-17-051 CVE: CVE-2016-8206 Published: 2017-01-20
Brocade Network Advisor SoftwareImageUpload Directory Traversal Arbitrary File Deletion Vulnerability
ZDI-17-050 CVE: CVE-2016-8205 Published: 2017-01-20
Brocade Network Advisor DashboardFileReceiveServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-17-049 CVE: CVE-2016-8204 Published: 2017-01-20
Brocade Network Advisor FileReceiveServlet Directory Traversal Remote Code Execution Vulnerability
ZDI-17-048 CVE: Published: 2017-01-20
Bitdefender Internet Security NSIS Entries Integer Overflow Remote Code Execution Vulnerability
ZDI-17-047 CVE: Published: 2017-01-20
Bitdefender Internet Security NSIS Pages Integer Overflow Remote Code Execution Vulnerability
ZDI-17-046 CVE: Published: 2017-01-20
Bitdefender Internet Security SIS Parsing Integer Overflow Remote Code Execution Vulnerability
ZDI-17-045 CVE: CVE-2017-2970 Published: 2017-01-20
Adobe Reader DC XSLT apply-templates Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-044 CVE: CVE-2016-6814 Published: 2017-01-20
Apache Groovy MethodClosure Deserialization of Untrusted Data Remote Code Execution Vulnerability
ZDI-17-043 CVE: CVE-2017-5154, CVE-2017-5152 Published: 2017-01-12
Advantech WebAccess updateTemplate SQL Injection Information Disclosure Vulnerability
ZDI-17-042 CVE: Published: 2017-01-11
Foxit PhantomPDF ConvertToPDF TIFF Parsing Memory Corruption Remote Code Execution Vulnerability
ZDI-17-041 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-17-040 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-039 CVE: Published: 2017-01-11
Foxit PhantomPDF ConvertToPDF JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-038 CVE: Published: 2017-01-11
Foxit Reader setInterval Use-After-Free Remote Code Execution Vulnerability
ZDI-17-037 CVE: Published: 2017-01-11
Foxit Reader Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-036 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-035 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-17-034 CVE: Published: 2017-01-11
Foxit Reader alert Use-After-Free Remote Code Execution Vulnerability
ZDI-17-033 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-032 CVE: Published: 2017-01-11
Foxit Reader JPEG2000 Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-17-031 CVE: CVE-2017-2967 Published: 2017-01-10
Adobe Reader DC XFA template Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-17-030 CVE: CVE-2017-2966 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-029 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT call-template Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-028 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT element Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-027 CVE: CVE-2017-2963 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-026 CVE: CVE-2017-2962 Published: 2017-01-10
Adobe Reader DC XSLT lang Type Confusion Remote Code Execution Vulnerability
ZDI-17-025 CVE: CVE-2017-2961 Published: 2017-01-10
Acrobat Reader DC XFA Field Font Size Use-After-Free Remote Code Execution Vulnerability
ZDI-17-024 CVE: CVE-2017-2960 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-023 CVE: CVE-2017-2959 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-022 CVE: CVE-2017-2951 Published: 2017-01-10
Adobe Reader DC XFA hyphenation Use-After-Free Remote Code Execution Vulnerability
ZDI-17-021 CVE: CVE-2017-2950 Published: 2017-01-10
Adobe Reader DC XFA Layout Use-After-Free Remote Code Execution Vulnerability
ZDI-17-020 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT decimal-format Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-019 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT namespace-alias Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-018 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT processing-instruction Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-017 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT function-available Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-016 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT sort Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-015 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT key Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-014 CVE: CVE-2017-2964 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-013 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT key Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-012 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT attribute Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-011 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT attribute-set Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-010 CVE: CVE-2017-2965 Published: 2017-01-10
Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
ZDI-17-009 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT format-number Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-008 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT output Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-007 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT variable Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-006 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT system-property Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-005 CVE: CVE-2017-2949 Published: 2017-01-10
Adobe Reader DC XSLT element-available Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-004 CVE: CVE-2017-2946 Published: 2017-01-10
Adobe Reader DC JPEG2000 Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-003 CVE: CVE-2017-2946 Published: 2017-01-10
Adobe Reader DC JPEG2000 Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
ZDI-17-002 CVE: CVE-2017-2941 Published: 2017-01-10
Adobe Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-17-001 CVE: CVE-2016-8519 Published: 2017-01-10
Hewlett Packard Enterprise Operations Orchestration Backwards Compatibility Deserialization of Untrusted Data Remote Code Execution Vulnerability