<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Fri Mar 27 08:22:09 2015 +0000 zdi@tippingpoint.com (Author) Tippingpoint, all rights reserved ZDI Bird Feeder en http://blogs.law.harvard.edu/tech/rss <![CDATA[ZDI-15-107: SolarWinds Firewall Security Manager userlogin.jsp Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/_AC4KL_k208/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Firewall Security Manager. Authentication is not required to exploit this vulnerability.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/_AC4KL_k208" height="1" width="1" alt=""/> Fri, 13 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-107/ <![CDATA[ZDI-15-106: (0Day) Oracle Data Quality LoaderWizard Module Unloading Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/SM6WrxPcSeU/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/SM6WrxPcSeU" height="1" width="1" alt=""/> Fri, 13 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-106/ <![CDATA[ZDI-15-105: (0Day) Oracle Data Quality LoaderWizard SetEntities Type Confusion Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/Lip1Hz_qNao/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/Lip1Hz_qNao" height="1" width="1" alt=""/> Fri, 13 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-105/ <![CDATA[ZDI-15-104: (0Day) Oracle Data Quality DscXB onloadstatechange Use-After-Free Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/rnpZiFLXB_c/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/rnpZiFLXB_c" height="1" width="1" alt=""/> Fri, 13 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-104/ <![CDATA[ZDI-15-103: (0Day) Oracle Data Quality LoaderWizard DataPreview Type Confusion Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/63L85fVWs2g/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Data Quality. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/63L85fVWs2g" height="1" width="1" alt=""/> Fri, 13 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-103/ <![CDATA[ZDI-15-102: Microsoft Internet Explorer SVG marker Use-After-Free Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/CZrrR6Mf8RY/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/CZrrR6Mf8RY" height="1" width="1" alt=""/> Thu, 12 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-102/ <![CDATA[ZDI-15-101: Hewlett-Packard POS USB Line Display OPOS Drivers OPOSLineDisplay.ocx Open Method Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/jSq7t-MBBnE/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS USB Line Display OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/jSq7t-MBBnE" height="1" width="1" alt=""/> Thu, 12 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-101/ <![CDATA[ZDI-15-100: Hewlett-Packard POS Printer Windows And OPOS Drivers OPOSCashDrawer.ocx Open Method Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/fzsKdpKeKSw/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS Printer Windows and OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/fzsKdpKeKSw" height="1" width="1" alt=""/> Thu, 12 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-100/ <![CDATA[ZDI-15-099: Hewlett-Packard POS Printer Windows and OPOS Drivers OPOSCheckScanner.ocx Open Method Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/ZRaZn4r9sMc/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS Printer Windows and OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/ZRaZn4r9sMc" height="1" width="1" alt=""/> Thu, 12 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-099/ <![CDATA[ZDI-15-098: Hewlett-Packard POS Keyboard OPOS Drivers OPOSMSR.ocx Open Method Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/gaRlWxETnoc/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard POS Keyboard OPOS Drivers. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="//feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/gaRlWxETnoc" height="1" width="1" alt=""/> Thu, 12 Mar 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-098/