ZDI: Published Advisories
http://www.zerodayinitiative.com/advisories/published/
Sun Nov 8 06:51:23 2009 +0000
zdi@tippingpoint.com (Author)
Tippingpoint, all rights reserved
ZDI Bird Feeder
en
http://blogs.law.harvard.edu/tech/rss

ZDI-09-081: Hewlett-Packard Power Manager Administration Web Server Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard Power Manager. Authentication is not required to exploit this vulnerability.
Thu, 05 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-081/

ZDI-09-080: Sun Java Runtime Environment JPEGImageReader Heap Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-080/

ZDI-09-079: Sun Java Runtime AWT setBytePixels Heap Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-079/

ZDI-09-078: Sun Java Runtime AWT setDifflCM Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java Runtime Environment. User interaction is required to exploit this vulnerability in that the target must visit a malicious page.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-078/

ZDI-09-077: Sun Java Web Start Arbitrary Command Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Java WebStart. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-077/

ZDI-09-076: Sun Java HsbParser.getSoundBank Stack Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun Microsystems Java. User interaction is required in that a user must open a malicious file or visit a malicious web page.
Wed, 04 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-076/

ZDI-09-075: Novell eDirectory LDAP Null Base DN Denial of Service Vulnerability
This vulnerability allows attackers to deny services on vulnerable installations of Novell eDirectory. Authentication is not required in order to exploit this vulnerability.
Mon, 02 Nov 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-075/

ZDI-09-074: Multiple Vendor Hummingbird STR Service Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of EMC Documentum eRoom, OpenText Hummingbird and OpenText Search Server. Authentication is not required to exploit this vulnerability.
Wed, 28 Oct 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-074/

ZDI-09-073: Adobe Reader Compact Font Format Malformed Index Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Tue, 13 Oct 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-073/

ZDI-09-072: Microsoft Windows GDI+ TIFF Parsing Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a user must open a malicious image file or browse to a malicious website.
Tue, 13 Oct 2009 12:00:00 +0000
http://www.zerodayinitiative.com/advisories/ZDI-09-072/