<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Thu Dec 25 10:39:31 2014 +0000 zdi@tippingpoint.com (Author) Tippingpoint, all rights reserved ZDI Bird Feeder en http://blogs.law.harvard.edu/tech/rss <![CDATA[ZDI-14-425: Trihedral VTScada Integer Overflow Denial of Service Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/h4HRX1dr3nA/ This vulnerability allows remote attackers to cause a denial of service to vulnerable installations of Trihedral VTScada. Authentication is not required to exploit this vulnerability.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/h4HRX1dr3nA" height="1" width="1" alt=""/> Fri, 12 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-425/ <![CDATA[ZDI-14-424: Honeywell OPOS Suite HWOPOSScale.ocx Open Method Stack Buffer Overflow Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/8tlo_ZfI4BE/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Honeywell OPOS Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/8tlo_ZfI4BE" height="1" width="1" alt=""/> Thu, 11 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-424/ <![CDATA[ZDI-14-423: Honeywell OPOS Suite HWOPOSSCANNER.ocx Open Method Stack Buffer Overflow Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/ZDVuupIJS6Q/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Honeywell OPOS Suite. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/ZDVuupIJS6Q" height="1" width="1" alt=""/> Thu, 11 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-423/ <![CDATA[ZDI-14-422: ManageEngine NetFlow Analyzer CollectorConfInfoServlet COLLECTOR_ID Directory Traversal Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/sBfZBCsAKl4/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine NetFlow Analyzer. Authentication is not required to exploit this vulnerability.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/sBfZBCsAKl4" height="1" width="1" alt=""/> Thu, 11 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-422/ <![CDATA[ZDI-14-421: ManageEngine Password Manager Pro UploadAccountActivities filename Directory Traversal Denial of Service Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/agLsqjzz9u4/ This vulnerability allows remote attackers to create a denial of service condition on vulnerable installations of ManageEngine Password Manager Pro. Authentication is not required to exploit this vulnerability.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/agLsqjzz9u4" height="1" width="1" alt=""/> Thu, 11 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-421/ <![CDATA[ZDI-14-420: ManageEngine Desktop Central MSP NativeAppServlet UDID JSON Object Code Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/YGf1aa88_QM/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of ManageEngine Desktop Central MSP. Authentication is not required to exploit this vulnerability.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/YGf1aa88_QM" height="1" width="1" alt=""/> Thu, 11 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-420/ <![CDATA[ZDI-14-419: BMC Track-It! Web Account Credential Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/xxAI_WCg4Tk/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of BMC Track-It!. Authentication is not required to exploit this vulnerability.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/xxAI_WCg4Tk" height="1" width="1" alt=""/> Tue, 09 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-419/ <![CDATA[ZDI-14-418: BitTorrent Web Interface Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/1a1h-kNTYzU/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of BitTorent. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/1a1h-kNTYzU" height="1" width="1" alt=""/> Tue, 09 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-418/ <![CDATA[ZDI-14-417: Adobe Flash Player parseFloat Stack Buffer Overflow Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/GJQCThzlUU8/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/GJQCThzlUU8" height="1" width="1" alt=""/> Tue, 09 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-417/ <![CDATA[ZDI-14-416: Adobe Flash Player Regular Expression Object Out-Of-Bound Read Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/SNXWROBw13E/ This vulnerability allows remote attackers to disclose arbitrary memory on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/SNXWROBw13E" height="1" width="1" alt=""/> Tue, 09 Dec 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-416/