VERISIGN IDEFENSE® VENDOR-COORDINATED PUBLIC VULNERABILITY REPORTS

VERISIGN IDEFENSE<sup>&reg;</sup> VENDOR-COORDINATED PUBLIC VULNERABILITY REPORTS

The Verisign iDefense Vulnerability Team conducts around-the-clock research and notification of vulnerabilities and exploits that target any of the more than 20,000 closely monitored applications, hardware and operating systems.

E-mail an Expert

Explore our list of vendor-coordinated publicly disclosed vulnerabilities:

2013  2012  2011  2010  2009  2008  2007  2006  2005  2004  2003  2002 
VULNERABILITY REPORTS
12.24.07 Novell ZENworks Endpoint Security Management Local Privilege Escalation Vulnerability
12.18.07 ClamAV libclamav MEW PE File Integer Overflow Vulnerability
12.17.07 Apple Mac OS X mount_smbfs Stack Based Buffer Overflow Vulnerability
12.11.07 Microsoft DirectX 7 and 8 DirectShow Stack Buffer Overflow Vulnerability
12.11.07 Microsoft Internet Explorer JavaScript setExpression Heap Corruption Vulnerability
11.14.07 Apple Mac OS X AppleTalk ASP Message Kernel Heap Overflow Vulnerability
11.14.07 Apple Mac OS X AppleTalk mbuf Kernel Heap Overflow Vulnerability
11.14.07 Apple Mac OS X AppleTalk Socket IOCTL Kernel Stack Buffer Overflow Vulnerability
11.14.07 Apple Mac OS X Mach Port Inheritance Privilege Escalation Vulnerability
11.12.07 Novell NetWare Client NWFILTER.SYS Local Privilege Escalation Vulnerability
11.12.07 WinPcap NPF.SYS bpf_filter_init Arbitrary Array Indexing Vulnerability
11.09.07 AOL AmpX ActiveX Control Multiple Buffer Overflow Vulnerabilities
11.09.07 IBM Informix Dynamic Server DBLANG Directory Traversal Vulnerability
11.07.07 Oracle 10g R2 PITRIG_DROPMETADATA Buffer Overflow Vulnerability
11.06.07 Microsoft DebugView Privilege Escalation Vulnerability
11.05.07 Apple QuickTime Panorama Sample Atom Heap Buffer Overflow Vulnerability
11.02.07 Sun Microsystems Solaris srsexec Format String Vulnerability
10.31.07 Macrovision InstallShield Update Service ActiveX Unsafe Method Vulnerability
10.31.07 Symantec Altiris Deployment Solution TFTP/MTFTP Service Directory Traversal Vulnerability
10.30.07 IBM AIX 5.2 crontab BSS Buffer Overflow Vulnerability
10.30.07 IBM AIX bellmail Stack Buffer Overflow Vulnerability
10.30.07 IBM AIX dig dns_name_fromtext Integer Underflow Vulnerability
10.30.07 IBM AIX ftp domacro Parameter Buffer Overflow Vulnerability
10.30.07 IBM AIX lquerypv Stack Buffer Overflow Vulnerability
10.30.07 IBM AIX lqueryvg Stack Buffer Overflow Vulnerability
10.30.07 IBM AIX swcons Local Arbitrary File Access Vulnerability
10.25.07 Trend Micro Tmxpflt.sys IOCTL 0xa0284403 Buffer Overflow Vulnerability
10.23.07 IBM Lotus Domino IMAP Buffer Overflow Vulnerability
10.23.07 IBM Lotus Notes Client TagAttributeListCopy Buffer Overflow Vulnerability
10.11.07 Multiple Vendor FLAC Library Multiple Integer Overflow Vulnerabilities
10.10.07 Kaspersky Web Scanner ActiveX Format String Vulnerability
10.09.07 Microsoft Windows Mail and Outlook Express NNTP Protocol Heap Overflow
10.02.07 Multiple Vendor X Font Server Multiple Vulnerabilities
10.02.07 Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability
09.27.07 Computer Associates BrightStor HSM r11.5 Multiple Vulnerabilities
09.25.07 Linux Kernel ALSA snd_mem_proc_read Information Disclosure Vulnerability
09.20.07 CA ARCserve Backup for Laptops and Desktops Authentication Bypass Vulnerability
09.20.07 CA ARCServe Backup for Laptops and Desktops Multiple Buffer Overflow Vulnerabilities
09.19.07 Multiple Vendor ImageMagick Multiple Denial of Service Vulnerabilities
09.19.07 Multiple Vendor ImageMagick Multiple Integer Overflow Vulnerabilities
09.19.07 Multiple Vendor ImageMagick Off-By-One Vulnerability
09.19.07 Multiple Vendor ImageMagick Sign Extension Vulnerability
09.17.07 Multiple Vendor OpenOffice TIFF File Parsing Multiple Integer Overflow Vulnerabilities
09.11.07 Microsoft Windows 2000 Agent URL Canonicalizing Stack Based Buffer Overflow Vulnerability
08.30.07 Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities
08.27.07 Motorola Timbuktu Multiple Buffer Overflow Vulnerabilities
08.27.07 Motorola Timbuktu Pro Directory Traversal Vulnerability
08.21.07 Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities
08.21.07 Trend Micro ServerProtect RPCFN_SYNC_TASK Integer Overflow Vulnerability
08.20.07 Check Point Zone Labs Multiple Products Privilege Escalation Vulnerability
08.20.07 Check Point Zone Labs VSDATANT Multiple IOCTL Privilege Escalation Vulnerabilities
08.20.07 Trend Micro SSAPI Long Path Buffer Overflow Vulnerability
08.16.07 IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability
08.16.07 IBM DB2 Universal Database Directory Creation Vulnerability
08.16.07 IBM DB2 Universal Database Directory Traversal Vulnerability
08.16.07 IBM DB2 Universal Database Multiple File Creation Vulnerabilities
08.16.07 IBM DB2 Universal Database Multiple Race Condition Vulnerabilities
08.16.07 IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities
08.15.07 ESRI ArcSDE Numeric Literal Buffer Overflow Vulnerability
08.14.07 Microsoft Windows Vista Sidebar RSS Feeds Gadget Cross Site Scripting Vulnerability
08.14.07 Microsoft XML Core Services XMLDOM Memory Corruption Vulnerability
08.09.07 Hewlett-Packard OpenView Operations OVTrace Buffer Overflow Vulnerabilities
08.07.07 Apple Mac OS X mDNSResponder HTTP Request Heap Overflow Vulnerability
08.07.07 Hewlett-Packard HP-UX Remote ldcconn Buffer Overflow Vulnerability
07.26.07 IBM AIX capture Terminal Control Sequence Buffer Overflow Vulnerability
07.26.07 IBM AIX ftp gets() Multiple Buffer Overflow Vulnerabilities
07.26.07 IBM AIX pioout Arbitrary Library Loading Vulnerability
07.24.07 Computer Associates AntiVirus CHM File Handling DoS Vulnerability
07.24.07 Computer Associates eTrust Intrusion Detection CallCode ActiveX Control Code Execution Vulnerability
07.23.07 Ipswitch Instant Messaging Server Denial of Service Vulnerability
07.19.07 Multiple Vendor Multiple Product URI Handler Input Validation Vulnerability
07.19.07 Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability
07.18.07 Ipswitch IMail Server 2006 Multiple IMAP Buffer Overflow Vulnerabilities
07.18.07 Microsoft DirectX RLE Compressed Targa Image File Heap Overflow Vulnerability
07.17.07 Computer Associates Alert Notification Server Multiple Buffer Overflow Vulnerabilities
07.17.07 IBM Tivoli Provisioning Manager for OS Deployment TFTP Blocksize DoS Vulnerability
07.16.07 Trend Micro OfficeScan Management Console Authorization Bypass Vulnerability
07.16.07 Trend Micro OfficeScan Session Cookie Buffer Overflow Vulnerability
07.12.07 Red Hat Enterprise Linux init.d XFS Script chown Race Condition Vulnerability
07.11.07 Apple QuickTime SMIL File Processing Integer Overflow Vulnerability
07.11.07 SquirrelMail G/PGP Plugin deleteKey() Command Injection Vulnerability
07.11.07 SquirrelMail G/PGP Plugin gpg_check_sign_pgp_mime() Command Injection Vulnerability
07.11.07 SquirrelMail G/PGP Plugin gpg_help.php Local File Inclusion Vulnerability
07.11.07 SquirrelMail G/PGP Plugin gpg_recv_key() Command Injection Vulnerability
07.11.07 Symantec AntiVirus symtdi.sys Local Privilege Escalation Vulnerability
07.11.07 Symantec Backup Exec RPC Remote Heap Overflow Vulnerability
07.09.07 IBM AIX libodm ODMPATH Stack Overflow Vulnerability
07.09.07 Multiple Vendor GIMP Multiple Integer Overflow Vulnerabilities
07.09.07 WinPcap NPF.SYS Local Privilege Escalation Vulnerability
06.26.07 Multiple Vendor Kerberos kadmind Rename Principal Buffer Overflow Vulnerability
06.26.07 RealNetworks RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability
06.21.07 Ingres Database Multiple Heap Corruption Vulnerabilities
06.18.07 Cerulean Studios Trillian UTF-8 Word Wrap Heap Overflow Vulnerability
06.14.07 Apache MyFaces Tomahawk JSF Framework Cross-Site Scripting (XSS) Vulnerability
06.13.07 Multiple Vendor libexif Integer Overflow Heap Corruption Vulnerability
06.12.07 Microsoft License Manager and urlmon.dll COM Object Interaction Invalid Memory Access Vulnerability
06.12.07 YaBB Forum member.vars CRLF Injection Privilege Escalation Vulnerability
06.07.07 Linux Kernel cpuset tasks Information Disclosure Vulnerability
06.05.07 Symantec Ghost Multiple Denial of Service Vulnerabilities
06.01.07 Symantec VERITAS Storage Foundation Administration Service DoS Vulnerability
05.25.07 Sun Java System Web Proxy Multiple Buffer Overflow Vulnerabilities
05.24.07 Apple Computer Mac OS X pppd Plugin Loading Privilege Escalation Vulnerability
05.23.07 Opera Software Opera Web Browser Transfer Item Pop-up Menu Stack Overflow Vulnerability
05.14.07 Samba SAMR Change Password Remote Command Injection Vulnerability
05.10.07 Apple Darwin Streaming Proxy Multiple Vulnerabilities
05.10.07 Novell NetMail NMDMC Buffer Overflow Vulnerability
05.10.07 Sun Microsystems Solaris SRS Proxy Core srsexec Arbitrary File Read Vulnerability
05.09.07 Computer Associates eTrust InoTask.exe Antivirus Buffer Overflow Vulnerability
05.09.07 Symantec Norton Internet Security 2006 COM Object Security ByPass Vulnerability
05.08.07 McAfee Security Center IsOldAppInstalled ActiveX Buffer Overflow Vulnerability
05.08.07 Microsoft Excel Filter Record Code Execution Vulnerability
05.08.07 Microsoft Exchange Server 2000 IMAP Literal Processing DoS Vulnerability
05.08.07 Microsoft Word RTF File Parsing Heap Corruption Vulnerability
05.07.07 Sun Microsystems Solaris ACE_SETACL Integer Signedness DoS Vulnerability
05.02.07 LiveData Protocol Server Heap Overflow Vulnerability
04.30.07 Cerulean Studios Trillian Multiple IRC Vulnerabilities
04.27.07 VMware Workstation Shared Folders Directory Traversal Vulnerability
04.26.07 Novell eDirectory NCP Fragment Denial of Service Vulnerability
04.26.07 Symantec Norton Ghost 10 Recovery Points Insecure Password Storage Vulnerability
04.26.07 Symantec Norton Ghost 10 Service Manager Buffer Overflow Vulnerability
04.20.07 Check Point Zone Labs SRESCAN IOCTL Local Privilege Escalation Vulnerability
04.17.07 McAfee E-Business Admin Server Invalid Data Length DoS Vulnerability
04.17.07 McAfee VirusScan On-Access Scanner Long Unicode File Name Buffer Overflow
04.16.07 Akamai Download Manager ActiveX Stack Buffer Overflow Vulnerability
04.16.07 Clam AntiVirus ClamAV CAB File Unstore Buffer Overflow Vulnerability
04.12.07 Hewlett Packard HP-UX Remote pfs_mountd.rpc Buffer Overflow Vulnerability
04.11.07 Apache HTTPD suEXEC Multiple Vulnerabilities
04.10.07 Adobe Macromedia ColdFusion MX7 Insecure File Permissions Vulnerability
04.10.07 Microsoft Windows Universal Plug and Play Memory Corruption Vulnerability
04.09.07 AOL AIM and ICQ File Transfer Path-Traversal Vulnerability
04.04.07 Enterasys Networks Multiple NetSight Products Multiple Vulnerabilities
04.04.07 ESRI ArcSDE Buffer Overflow Vulnerability
04.04.07 Kaspersky AntiVirus SysInfo ActiveX Control Information Disclosure Vulnerability
04.04.07 Kaspersky Internet Security Suite klif.sys Heap Overflow Vulnerability
04.03.07 Microsoft Windows WMF Triggerable Kernel Design Error DoS Vulnerability
04.03.07 Multiple Vendor Kerberos kadmind Buffer Overflow Vulnerability
04.03.07 Multiple Vendor X Server BDF Font Parsing Integer Overflow Vulnerability
04.03.07 Multiple Vendor X Server fonts.dir File Parsing Integer Overflow Vulnerability
04.03.07 Multiple Vendor X Server XC-MISC Extension Memory Corruption Vulnerability
04.02.07 Hewlett-Packard Mercury Quality Center ActiveX Control ProgColor Buffer Overflow Vulnerability
03.31.07 IBM Tivoli Provisioning Manager for OS Deployment Multiple Vulnerabilities
03.31.07 Multiple Vendor ImageMagick DCM and XWD Buffer Overflow Vulnerabilities
03.29.07 IBM Lotus Sametime JNILoader Arbitrary DLL Load Vulnerability
03.28.07 IBM Lotus Domino Server LDAP Request Invalid DN Message Heap Overflow Vulnerability
03.28.07 IBM Lotus Domino Web Access Cross Site Scripting Vulnerability
03.23.07 DataRescue IDA Pro Remote Debugger Server Authentication Bypass Vulnerability
03.23.07 Sun Java System Directory Server 5.2 Uninitialized Pointer Cleanup Design Error Vulnerability
03.16.07 Multiple Vendor libwpd Multiple Buffer Overflow Vulnerabilities
03.15.07 Horde Project Cleanup Script Arbitrary File Deletion Vulnerability
03.14.07 Trend Micro Antivirus UPX Parsing Kernel Divide by Zero Vulnerability
03.07.07 Ipswitch IMail Server 2006 Multiple ActiveX Control Buffer Overflow Vulnerabilities
03.05.07 Apple QuickTime Color Table ID Heap Corruption Vulnerability
03.02.07 Kaspersky AntiVirus UPX File Decompression DoS Vulnerability
02.27.07 Computer Associates eTrust Intrusion Detection Denial of Service Vulnerability
02.23.07 Mozilla Network Security Services SSLv2 Client Integer Underflow Vulnerability
02.23.07 Mozilla Network Security Services SSLv2 Server Stack Overflow Vulnerability
02.22.07 IBM DB2 Universal Database DB2INSTANCE File Creation Vulnerability
02.22.07 IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities
02.22.07 Multiple Vendor SupportSoft SmartIssue ActiveX Control Buffer Overflow Vulnerability
02.22.07 VeriSign ConfigChk ActiveX Control Buffer Overflow Vulnerability
02.16.07 Trend Micro ServerProtect Web Interface Authorization Bypass Vulnerability
02.15.07 Multiple Vendor ClamAV CAB File Denial of Service Vulnerability
02.15.07 Multiple Vendor ClamAV MIME Parsing Directory Traversal Vulnerability
02.13.07 Hewlett-Packard HP-UX SLSd Arbitrary File Creation Vulnerability
02.13.07 Microsoft 'wininet.dll' FTP Reply Null Termination Heap Corruption Vulnerability
02.07.07 RARLabs Unrar Password Prompt Buffer Overflow Vulnerability
02.07.07 Trend Micro AntiVirus UPX Parsing Kernel Buffer Overflow Vulnerability
02.07.07 Trend Micro TmComm Local Privilege Escalation Vulnerability
02.02.07 Blue Coat Systems WinProxy CONNECT Method Heap Overflow Vulnerability
01.26.07 Multiple Vendor libchm Page Block Length Memory Corruption Vulnerability
01.11.07 Computer Associates BrightStor ARCserve Backup RPC Engine PFC Request Buffer Overflow Vulnerability
01.09.07 Adobe Macromedia ColdFusion Source Code Disclosure Vulnerability
01.09.07 Microsoft Excel Invalid Column Heap Corruption Vulnerability
01.09.07 Microsoft Excel Long Palette Heap Overflow Vulnerability
01.09.07 Microsoft Windows VML Element Integer Overflow Vulnerability
01.09.07 Multiple Vendor X Server DBE Extension ProcDbeGetVisualInfo Memory Corruption Vulnerability
01.09.07 Multiple Vendor X Server DBE Extension ProcDbeSwapBuffers Memory Corruption Vulnerability
01.09.07 Multiple Vendor X Server Render Extension ProcRenderAddGlyphs Memory Corruption Vulnerability
01.05.07 Kaspersky Antivirus Scan Engine PE File Denial of Service Vulnerability
01.05.07 Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability
01.05.07 Opera Software Opera Web Browser JPG Image DHT Marker Heap Corruption Vulnerability

Defense Vulnerability Contributor Program
The iDefense Vulnerability Contributor Program (VCP) compensates individuals who provide iDefense with advance notification of unpublished vulnerabilities and exploit code. The VCP focuses on vulnerability research submissions, presented to iDefense by the general public, defining new vulnerabilities and exploits uncovered in prominent enterprise-level software and infrastructure components.

Verisign iDefense Awarded Frost &amp; Sullivan 2012 Vulnerability Research Product Differentiation Excellence

Contact Us

Learn more about Verisign’s iDefense Security Intelligence Services and how to improve your security strategy.

E-mail an Expert