ZDI: Published Advisories
http://www.zerodayinitiative.com/advisories/published/
Sat Nov 21 20:02:32 2009 +0000
zdi@tippingpoint.com (Author)
Tippingpoint, all rights reserved
ZDI Bird Feeder
en
http://blogs.law.harvard.edu/tech/rss

ZDI-09-085: Hewlett-Packard Operations Manager Server Backdoor Account Code Execution Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/QLXwpRHMCSo/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Operations Manager. Authentication is not required to exploit this vulnerability.
Fri, 20 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-085/

ZDI-09-084: Apple Quicktime FIRE Codec Heap Buffer Overflow Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/aIP0jxkJc20/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Tue, 02 Jun 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-084/

ZDI-09-083: Microsoft Excel Shared Feature Header Pointer Offset Memory Corruption Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/fHqEqPMCnQ8/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious spreadsheet.
Tue, 10 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-083/

ZDI-09-082: Microsoft Office Excel PivotTable Cache Record Parsing Memory Corruption Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/rM9_ZRyMPoI/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must open a malicious document.
Tue, 10 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-082/

ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/wirAXmnpwvg/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability.
Thu, 05 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-081/

ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/ROSVLvb68mA/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-080/

ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/D1foMp4tLfE/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-079/

ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/ju0mmK0Jkzs/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-078/

ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/L3uyRQQRrQU/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java WebStart. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-077/

ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/iUKR519KSNc/
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-076/