TippingPoint Zero Day Initiative
 

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint Zero Day Initiative researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by our own DVLabs researchers. A list of published advisories discovered by TippingPoint's DVLabs research group is available from:

ZDI Advisories: 2015   |   2014   |   2013   |   2012   |   2011   |   2010   |   2009   |   2008   |   2007   |   2006   |   2005

ZDI-15-074 CVE: CVE-2015-2094 Published: 2015-02-27
(0Day) WebGate WinRDS WESPPlayback.WESPPlaybackCtrl.1 SaveSiteImage Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-073 CVE: CVE-2015-2094 Published: 2015-02-27
(0Day) WebGate WinRDS WESPPlayback.WESPPlaybackCtrl.1 StopSiteAllChannel Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-072 CVE: CVE-2015-2094 Published: 2015-02-27
(0Day) WebGate WinRDS WESPPlayback.WESPPlaybackCtrl.1 PlaySiteAllChannel Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-071 CVE: CVE-2015-2094 Published: 2015-02-27
(0Day) WebGate WinRDS WESPPlayback.WESPPlaybackCtrl.1 PrintSiteImage Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-070 CVE: CVE-2015-2095 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPPTZ.WESPPTZCtrl.1 SetConnectInfo Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-069 CVE: CVE-2015-2096 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 Connect Method Use-After-Free Remote Code Execution Vulnerability
ZDI-15-068 CVE: CVE-2015-2097 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 LoadImageEx Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-067 CVE: CVE-2015-2100 Published: 2015-02-27
(0Day) WebGate Control Center WESPDiscovery.WESPDiscoveryCtrl.1 TCPDiscovery Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-066 CVE: CVE-2015-2098 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPPTZ.WESPPTZCtrl.1 OpenDVrSSite Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-065 CVE: CVE-2015-2098 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPPlayback.WESPPlaybackCtrl.1 SiteName Property Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-064 CVE: CVE-2015-2098 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPPlayback.WESPPlaybackCtrl.1 SiteChannel Property Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-063 CVE: CVE-2015-2099 Published: 2015-02-27
(0Day) WebGate Control Center WESPPlayback.WESPPlaybackCtrl.1 GetThumbnail Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-062 CVE: CVE-2015-2097 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPSerialPort.WESPSerialPortCtrl.1 Connect Method Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-061 CVE: CVE-2015-2098 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPPTZ.WESPPTZCtrl.1 Connect/ConnectEx Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-060 CVE: CVE-2015-2098 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPPlayback.WESPPlaybackCtrl.1 AudioOnlySiteChannel Property Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-059 CVE: CVE-2015-2097 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPMonitor.WESPMonitorCtrl.1 LoadImage Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-058 CVE: CVE-2015-2098 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPEvent.WESPEventCtrl.1 Connect/ConnectEx/ConnectEx2 Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-057 CVE: CVE-2015-2100 Published: 2015-02-27
(0Day) WebGate eDVR Manager WESPDiscovery.WESPDiscoveryCtrl.1 TCPDiscovery Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-056 CVE: CVE-2015-2099 Published: 2015-02-27
(0Day) WebGate Control Center LoginContoller.LoginControllerCtrl.1 Login Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-055 CVE: CVE-2015-2099 Published: 2015-02-27
(0Day) WebGate Control Center FileConverter.FileConverterCtrl.1 GetRecFileInfo Stack and Heap Buffer Overflow Remote Code Execution Vulnerabilities
ZDI-15-054 CVE: CVE-2015-2093 Published: 2015-02-27
(0Day) WebGate WebEyeAudio.OCX Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-053 CVE: CVE-2015-2092 Published: 2015-02-27
(0Day) Agilent Technologies Feature Extraction ActiveX Control Index Out-Of-Bounds Remote Code Execution Vulnerability
ZDI-15-052 CVE: Published: 2015-02-27
(0Day) Microsoft Word Line Formatting Denial of Service Vulnerability
ZDI-15-051 CVE: CVE-2015-2061 Published: 2015-02-27
PTC Creo View Heap Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-050 CVE: CVE-2014-6369 Published: 2015-02-25
Microsoft Internet Explorer CTableSection Use-After-Free Remote Code Execution Vulnerability
ZDI-15-049 CVE: CVE-2015-1605 Published: 2015-02-20
Dell ScriptLogic Asset Manager GetProcessedPackage SQL Injection Remote Code Execution Vulnerability
ZDI-15-048 CVE: CVE-2015-1605 Published: 2015-02-20
Dell ScriptLogic Asset Manager GetClientPackage SQL Injection Remote Code Execution Vulnerability
ZDI-15-047 CVE: CVE-2015-0331 Published: 2015-02-19
Adobe Flash HLS Playlist Use-After-Free Remote Code Execution Vulnerability
ZDI-15-046 CVE: CVE-2014-9375 Published: 2015-02-13
Lexmark Markvision Enterprise LibraryFileUploadServlet Remote Code Execution Vulnerability
ZDI-15-045 CVE: CVE-2015-0314 Published: 2015-02-10
Adobe Flash Player BitmapFilter Invalid Object Corruption Remote Code Execution Vulnerability
ZDI-15-044 CVE: CVE-2015-1500 Published: 2015-02-10
SolarWinds Server and Application Monitor TSUnicodeGraphEditorControl graphManager.load Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-043 CVE: CVE-2015-1501 Published: 2015-02-10
SolarWinds Server and Application Monitor TSUnicodeGraphEditorControl factory.loadExtensionFactory Remote Code Execution Vulnerability
ZDI-15-042 CVE: CVE-2015-1500 Published: 2015-02-10
SolarWinds Server and Application Monitor TSUnicodeGraphEditorControl factory.loadExtensionFactory Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-041 CVE: CVE-2015-1499 Published: 2015-02-10
Samsung Security Manager ActiveMQ Broker Service DELETE Method Denial of Service Vulnerability
ZDI-15-040 CVE: CVE-2014-9200 Published: 2015-02-10
Schneider Electric SoMove Lite IsObjectModel RemoveParameter Remote Code Execution Vulnerability
ZDI-15-039 CVE: CVE-2015-1498 Published: 2015-02-10
Persistent Systems Client Automation Remote Elevation of Privilege Vulnerability
ZDI-15-038 CVE: CVE-2015-1497 Published: 2015-02-10
Persistent Systems Client Automation Command Injection Remote Code Execution Vulnerability
ZDI-15-037 CVE: CVE-2015-1496 Published: 2015-02-10
Motorola Scanner SDK ScannerService.exe Privilege Escalation Vulnerability
ZDI-15-036 CVE: CVE-2015-1496 Published: 2015-02-10
Motorola Scanner SDK rsmdriverproviderservice.exe Privilege Escalation Vulnerability
ZDI-15-035 CVE: CVE-2015-1496 Published: 2015-02-10
Motorola Scanner SDK CoreScanner.exe Privilege Escalation Vulnerability
ZDI-15-034 CVE: CVE-2015-1495 Published: 2015-02-10
Motorola Scanner SDK OPOSScale.ocx Open Method Remote Code Execution Vulnerability
ZDI-15-033 CVE: CVE-2015-1495 Published: 2015-02-10
Motorola Scanner SDK OPOSSCANNER.ocx Open Method Remote Code Execution Vulnerability
ZDI-15-032 CVE: CVE-2014-6354 Published: 2015-02-10
Microsoft Internet Explorer CSVGSVGElement Use-After-Free Remote Code Execution Vulnerability
ZDI-15-031 CVE: CVE-2015-1044 Published: 2015-02-10
VMware Workstation Authorization Service Denial-of-Service Vulnerability
ZDI-15-030 CVE: CVE-2015-0058 Published: 2015-02-10
Microsoft Windows win32k.sys Dangling Pointer Privilege Escalation Vulnerability
ZDI-15-029 CVE: CVE-2015-0053 Published: 2015-02-10
Microsoft Internet Explorer UnitValueProperty Uninitialized Pointer Remote Code Execution Vulnerability
ZDI-15-028 CVE: CVE-2015-0046 Published: 2015-02-10
Microsoft Internet Explorer Type Confusion Information Disclosure Vulnerability
ZDI-15-027 CVE: CVE-2015-0045 Published: 2015-02-10
Microsoft Internet Explorer CLineFull Use-After-Free Remote Code Execution Vulnerability
ZDI-15-026 CVE: CVE-2015-0044 Published: 2015-02-10
Microsoft Internet Explorer CTableLayout Out-of-Bounds Memory Access Remote Code Execution Vulnerability
ZDI-15-025 CVE: CVE-2015-0043 Published: 2015-02-10
Microsoft Internet Explorer SVG Marker Use-After-Free Remote Code Execution Vulnerability
ZDI-15-024 CVE: CVE-2015-0042 Published: 2015-02-10
Microsoft Internet Explorer SVG Marker Use-After-Free Remote Code Execution Vulnerability
ZDI-15-023 CVE: CVE-2015-0041 Published: 2015-02-10
Microsoft Internet Explorer CTreePos Double Free Remote Code Execution Vulnerability
ZDI-15-022 CVE: CVE-2015-0040 Published: 2015-02-10
Microsoft Internet Explorer CMapElement Use-After-Free Remote Code Execution Vulnerability
ZDI-15-021 CVE: CVE-2015-0038 Published: 2015-02-10
Microsoft Internet Explorer CUListElement Use-After-Free Remote Code Execution Vulnerability
ZDI-15-020 CVE: CVE-2015-0037 Published: 2015-02-10
Microsoft Internet Explorer Ptls6::LsFmtText Out-Of-Bounds Read Remote Code Execution Vulnerability
ZDI-15-019 CVE: CVE-2015-0036 Published: 2015-02-10
Microsoft Internet Explorer CShadow Direction Integer Overflow Remote Code Execution Vulnerability
ZDI-15-018 CVE: CVE-2015-0035 Published: 2015-02-10
Microsoft Internet Explorer CIFrameElement Use-After-Free Remote Code Execution Vulnerability
ZDI-15-017 CVE: CVE-2015-0035 Published: 2015-02-10
Microsoft Internet Explorer CIFrameElement Use-After-Free Remote Code Execution Vulnerability
ZDI-15-016 CVE: CVE-2015-0031 Published: 2015-02-10
Microsoft Internet Explorer TransNavContext Information Disclosure Vulnerability
ZDI-15-015 CVE: CVE-2015-0027 Published: 2015-02-10
Microsoft Internet Explorer CSS Regions Use-After-Free Remote Code Execution Vulnerability
ZDI-15-014 CVE: CVE-2015-0025 Published: 2015-02-10
Microsoft Internet Explorer CGeneratedTreeNode Use-After-Free Remote Code Execution Vulnerability
ZDI-15-013 CVE: CVE-2015-0017 Published: 2015-02-10
Microsoft Internet Explorer CAutoRange::ScrollIntoView Use-After-Free Remote Code Execution Vulnerability
ZDI-15-012 CVE: CVE-2015-0003 Published: 2015-02-10
Microsoft Windows WM_SYSTIMER Kernel Elevation of Privilege Vulnerability
ZDI-15-011 CVE: CVE-2014-4484 Published: 2015-01-27
Apple Mac OS X DFont Memory Corruption Remote Code Execution Vulnerability
ZDI-15-010 CVE: CVE-2014-8840 Published: 2015-01-27
(Mobile Pwn2Own) Apple iOS SSL Sandbox Bypass Vulnerability
ZDI-15-009 CVE: CVE-2014-4477 Published: 2015-01-27
(Mobile Pwn2Own) Apple Safari Set Use-After-Free Remote Code Execution Vulnerability
ZDI-15-008 CVE: CVE-2014-5211 Published: 2015-01-21
Attachmate Reflection FTP Client Stack Buffer Overflow Remote Code Execution Vulnerability
ZDI-15-007 CVE: CVE-2015-0307 Published: 2015-01-21
Adobe Flash Player AVSegmentedSource::getABRProfileInfoAtIndex Out-Of-Bounds Read Information Disclosure Vulnerability
ZDI-15-006 CVE: CVE-2014-5005 Published: 2015-01-07
ManageEngine Desktop Central MSP StatusUpdateServlet fileName File Upload Remote Code Execution Vulnerability
ZDI-15-005 CVE: CVE-2014-9188 Published: 2015-01-07
Schneider Electric ProClima MetaDraw ArrangeObjects Remote Code Execution Vulnerability
ZDI-15-004 CVE: CVE-2014-8512 Published: 2015-01-07
Schneider Electric ProClima ATX45 SetBodyAttribute Remote Code Execution Vulnerability
ZDI-15-003 CVE: CVE-2014-8511 Published: 2015-01-07
Schneider Electric ProClima ATX45 SetHtmlFileName Remote Code Execution Vulnerability
ZDI-15-002 CVE: CVE-2014-8514 Published: 2015-01-07
Schneider Electric ProClima MetaDraw ObjLinks Property Remote Code Execution Vulnerability
ZDI-15-001 CVE: CVE-2014-8513 Published: 2015-01-07
Schneider Electric ProClima MetaDraw ObjectOverlappedBy Remote Code Execution Vulnerability