VERISIGN IDEFENSE® VENDOR-COORDINATED PUBLIC VULNERABILITY REPORTS

VERISIGN IDEFENSE<sup>&reg;</sup> VENDOR-COORDINATED PUBLIC VULNERABILITY REPORTS

The Verisign iDefense Vulnerability Team conducts around-the-clock research and notification of vulnerabilities and exploits that target any of the more than 20,000 closely monitored applications, hardware and operating systems.

E-mail an Expert

Explore our list of vendor-coordinated publicly disclosed vulnerabilities:

2013  2012  2011  2010  2009  2008 
VULNERABILITY REPORTS
09.12.08 Microsoft Excel Malformed Object Memory Corruption Vulnerability
09.12.08 Microsoft Internet Explorer HTML Tag Long File Name Extension Stack Buffer Overflow Vulnerability
09.12.08 Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability
04.12.08 Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability
04.12.08 Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability
04.12.08 Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability
04.12.08 Sun Java Web Start GIF Decoding Memory Corruption Vulnerability
04.11.08 Adobe Acrobat Professional And Reader AcroJS Heap Corruption Vulnerability
04.11.08 Adobe Reader Embedded Font Handling Out of Bounds Array Indexing Vulnerability
04.11.08 Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability
31.10.08 OpenOffice EMF Record Parsing Multiple Integer Overflow Vulnerabilities
30.10.08 Adobe PageMaker Key Strings Stack Buffer Overflow Vulnerability
29.10.08 Oracle WebLogic Apache Connector
14.10.08 Microsoft Host Integration Server 2006 Command Execution Vulnerability
14.10.08 Microsoft Visual Basic for Applications - Multiple Vulnerabilities
09.10.08 Multiple Vendor CUPS SGI imagetops Heap Overflow Vulnerability
09.10.08 Multiple Vendor CUPS texttops Integer Overflow Vulnerability
09.10.08 Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow
03.10.08 Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability
09.09.08 Apple QuickTime PICT Integer Overflow Vulnerability
09.09.08 Microsoft Windows GDI+ Gradient Fill Heap Overflow Vulnerability
14.08.08 Cisco WebEx Meeting Manager ActiveX Stack Buffer Overflow Vulnerability
12.08.08 Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability
12.08.08 Microsoft Excel FORMAT Record Invalid Array Index Vulnerability
12.08.08 Microsoft Office BMP Input Filter Heap Overflow Vulnerability
12.08.08 Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability
12.08.08 Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability
12.08.08 Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability
12.08.08 Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability
12.08.08 Microsoft Word Memory Corruption Vulnerability
04.08.08 Solaris snoop SMB Decoding Multiple Format String Vulnerabilities
04.08.08 Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities
01.08.08 Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability
01.08.08 Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability
01.08.08 Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability
31.07.08 Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability
30.07.08 SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
28.07.08 Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability
15.07.08 Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability
15.07.08 Oracle Database Local Untrusted Library Path Vulnerability
15.07.08 Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability
14.07.08 Motorola Netopia netOctopus SDCS Multiple Stack Buffer Overflow Vulnerabilities
14.07.08 Motorola Netopia netOctopus SDCS Stack Buffer Overflow Vulnerability
09.07.08 Novell eDirectory LDAP Search Request Heap Corruption Vulnerability
08.07.08 Microsoft SQL Server Restore Integer Underflow Vulnerability
11.06.08 Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability
11.06.08 Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities
11.06.08 Multiple Vendor X Server Render Extension AllocateGlyph() Integer Overflow Vulnerability
11.06.08 Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability
11.06.08 Multiple Vendor X Server Render Extension ProcRenderCreateCursor() Integer Overflow Vulnerability
10.06.08 Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities
10.06.08 Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability
10.06.08 Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability
10.06.08 Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability
04.06.08 Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability
04.06.08 Skype File URI Security Bypass Code Execution Vulnerability
04.06.08 VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability
04.06.08 VMware Tools HGFS Local Privilege Escalation Vulnerability
03.06.08 Sun Java System Active Server Pages Authorization Bypass Vulnerability
03.06.08 Sun Java System Active Server Pages Buffer Overflow Vulnerability
03.06.08 Sun Java System Active Server Pages File Creation Vulnerability
03.06.08 Sun Java System Active Server Pages Information Disclosure Vulnerability
03.06.08 Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities
03.06.08 Sun Java System Active Server Pages Multiple Directory Traversal Vulnerabilities
27.05.08 EMC AlphaStor Library Manager Arbitrary Command Execution Vulnerability
27.05.08 EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities
21.05.08 Multiple Vendor Snort IP Fragment TTL Evasion Vulnerability
13.05.08 Microsoft Word CSS Processing Memory Corruption Vulnerability
12.05.08 Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability
07.05.08 Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability
07.05.08 Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability
07.05.08 Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability
30.04.08 Akamai Download Manager Arbitrary Program Execution Vulnerability
17.04.08 Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability
17.04.08 Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability
17.04.08 Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability
17.04.08 Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities
15.04.08 IBM DB2 Universal Database Administration Server File Creation Vulnerability
15.04.08 IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability
15.04.08 Oracle Application Express Privilege Escalation Vulnerability
14.04.08 ClamAV libclamav PE WWPack Heap Overflow Vulnerability
14.04.08 ClamAV libclamav PeSpin Heap Overflow Vulnerability
10.04.08 EMC DiskXtender Authentication Bypass Vulnerability
10.04.08 EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability
10.04.08 EMC DiskXtender MediaStor Format String Vulnerability
08.04.08 Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability
08.04.08 Microsoft Windows Graphics Rendering Engine Heap Buffer Overflow Vulnerability
08.04.08 Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability
03.04.08 Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities
03.04.08 SCO UnixWare pkgadd Directory Traversal Vulnerability
02.04.08 Borland CaliberRM StarTeam Multicast Service Buffer Overflow Vulnerability
02.04.08 Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability
02.04.08 Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability
31.03.08 Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability
18.03.08 Multiple Vendor CUPS CGI Heap Overflow Vulnerability
11.03.08 Microsoft Excel 2003 Malformed Formula Memory Corruption Vulnerability
11.03.08 Microsoft Excel DVAL Heap Corruption Vulnerability
11.03.08 Microsoft Outlook mailto Command Line Switch Injection
10.03.08 SAP MaxDB sdbstarter Privilege Escalation Vulnerability
10.03.08 SAP MaxDB Signedness Error Heap Corruption Vulnerability
26.02.08 Mozilla Thunderbird MIME External-Body Heap Overflow Vulnerability
26.02.08 Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability
26.02.08 Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability
20.02.08 Symantec Veritas Storage Foundation Scheduler Service DoS Vulnerability
19.02.08 EMC RepliStor Multiple Heap Overflow Vulnerabilities
12.02.08 Adobe Flash Media Server 2 Memory Corruption Vulnerability
12.02.08 Adobe Flash Media Server 2 Multiple Integer Overflow Vulnerabilities
12.02.08 ClamAV libclamav PE File Integer Overflow Vulnerability
12.02.08 Microsoft Internet Explorer Property Memory Corruption Vulnerability
12.02.08 Microsoft Office Works Converter Heap Overflow Vulnerability
12.02.08 Microsoft Office Works Converter Stack-based Buffer Overflow Vulnerability
08.02.08 Adobe Reader and Acrobat JavaScript Insecure Method Exposure Vulnerability
08.02.08 Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities
08.02.08 Adobe Reader Security Provider Unsafe Libary Path Vulnerability
07.02.08 IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability
07.02.08 IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability
04.02.08 Hewlett-Packard Network Node Manager Topology Manager Service DoS Vulnerability
31.01.08 IBM Informix Dynamic Server onedcu File Creation Vulnerability
31.01.08 IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability
23.01.08 IBM AIX pioout BSS Buffer Overflow Vulnerability
22.01.08 IBM Tivoli PMfOSD HTTP Request Method Buffer Overflow Vulnerability
17.01.08 Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities
17.01.08 Multiple Vendor X Server TOG-CUP Extension Information Disclosure Vulnerability
17.01.08 Multiple Vendor X Server XFree86-Misc Extension Invalid Array Index Vulnerability
17.01.08 Multiple Vendor X Server XInput Extension Multiple Memory Corruption Vulnerabilities
15.01.08 Apple QuickTime Macintosh Resource Processing Heap Corruption Vulnerability
15.01.08 TIBCO SmartSockets RTserver Heap Overflow Vulnerability
15.01.08 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities
15.01.08 TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities
15.01.08 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities
09.01.08 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability
07.01.08 Motorola netOctopus Agent MSR Write Privilege Escalation Vulnerability

Defense Vulnerability Contributor Program
The iDefense Vulnerability Contributor Program (VCP) compensates individuals who provide iDefense with advance notification of unpublished vulnerabilities and exploit code. The VCP focuses on vulnerability research submissions, presented to iDefense by the general public, defining new vulnerabilities and exploits uncovered in prominent enterprise-level software and infrastructure components.

Verisign iDefense Awarded Frost &amp; Sullivan 2012 Vulnerability Research Product Differentiation Excellence

Contact Us

Learn more about Verisign’s iDefense Security Intelligence Services and how to improve your security strategy.

E-mail an Expert