VERISIGN IDEFENSE® VENDOR-COORDINATED PUBLIC VULNERABILITY REPORTS

VERISIGN IDEFENSE<sup>&reg;</sup> VENDOR-COORDINATED PUBLIC VULNERABILITY REPORTS

The Verisign iDefense Vulnerability Team conducts around-the-clock research and notification of vulnerabilities and exploits that target any of the more than 20,000 closely monitored applications, hardware and operating systems.

E-mail an Expert

Explore our list of vendor-coordinated publicly disclosed vulnerabilities:

2013  2012  2011  2010  2009  2008  2007  2006  2005  2004  2003  2002 
VULNERABILITY REPORTS
12.09.08 Microsoft Excel Malformed Object Memory Corruption Vulnerability
12.09.08 Microsoft Internet Explorer HTML Tag Long File Name Extension Stack Buffer Overflow Vulnerability
12.09.08 Microsoft Windows Graphics Device Interface Integer Overflow Vulnerability
12.04.08 Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability
12.04.08 Sun Java JRE TrueType Font Parsing Heap Overflow Vulnerability
12.04.08 Sun Java JRE TrueType Font Parsing Integer Overflow Vulnerability
12.04.08 Sun Java Web Start GIF Decoding Memory Corruption Vulnerability
11.04.08 Adobe Acrobat Professional And Reader AcroJS Heap Corruption Vulnerability
11.04.08 Adobe Reader Embedded Font Handling Out of Bounds Array Indexing Vulnerability
11.04.08 Multiple Vendor NOS Microsystems getPlus Downloader Stack Buffer Overflow Vulnerability
10.31.08 OpenOffice EMF Record Parsing Multiple Integer Overflow Vulnerabilities
10.30.08 Adobe PageMaker Key Strings Stack Buffer Overflow Vulnerability
10.29.08 Oracle WebLogic Apache Connector
10.14.08 Microsoft Host Integration Server 2006 Command Execution Vulnerability
10.14.08 Microsoft Visual Basic for Applications - Multiple Vulnerabilities
10.09.08 Multiple Vendor CUPS SGI imagetops Heap Overflow Vulnerability
10.09.08 Multiple Vendor CUPS texttops Integer Overflow Vulnerability
10.09.08 Sun Java Web Proxy Server FTP Resource Handling Heap-Based Buffer Overflow
10.03.08 Novell eDirectory NCP Get Extension Information Request Memory Corruption Vulnerability
09.09.08 Apple QuickTime PICT Integer Overflow Vulnerability
09.09.08 Microsoft Windows GDI+ Gradient Fill Heap Overflow Vulnerability
08.14.08 Cisco WebEx Meeting Manager ActiveX Stack Buffer Overflow Vulnerability
08.12.08 Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability
08.12.08 Microsoft Excel FORMAT Record Invalid Array Index Vulnerability
08.12.08 Microsoft Office BMP Input Filter Heap Overflow Vulnerability
08.12.08 Microsoft Office WPG Image File Heap Buffer Overflow Vulnerability
08.12.08 Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability
08.12.08 Microsoft PowerPoint Viewer 2003 Out of Bounds Array Index Vulnerability
08.12.08 Microsoft Windows Color Management Module Heap Buffer Overflow Vulnerability
08.12.08 Microsoft Word Memory Corruption Vulnerability
08.04.08 Solaris snoop SMB Decoding Multiple Format String Vulnerabilities
08.04.08 Solaris snoop SMB Decoding Multiple Stack Buffer Overflow Vulnerabilities
08.01.08 Ingres Database for Linux ingvalidpw Untrusted Library Path Vulnerability
08.01.08 Ingres Database for Linux libbecompat Stack Based Buffer Overflow Vulnerability
08.01.08 Ingres Database for Linux verifydb Insecure File Permissions Modification Vulnerability
07.31.08 Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability
07.30.08 SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
07.28.08 Hewlett-Packard OVIS Probe Builder Arbitrary Process Termination Vulnerability
07.15.08 Oracle Database DBMS_AQELM Package Buffer Overflow Vulnerability
07.15.08 Oracle Database Local Untrusted Library Path Vulnerability
07.15.08 Oracle Internet Directory Pre-Authentication LDAP DoS Vulnerability
07.14.08 Motorola Netopia netOctopus SDCS Multiple Stack Buffer Overflow Vulnerabilities
07.14.08 Motorola Netopia netOctopus SDCS Stack Buffer Overflow Vulnerability
07.09.08 Novell eDirectory LDAP Search Request Heap Corruption Vulnerability
07.08.08 Microsoft SQL Server Restore Integer Underflow Vulnerability
06.11.08 Multiple Vendor X Server MIT-SHM Extension Information Disclosure Vulnerability
06.11.08 Multiple Vendor X Server Record and Security Extensions Multiple Memory Corruption Vulnerabilities
06.11.08 Multiple Vendor X Server Render Extension AllocateGlyph() Integer Overflow Vulnerability
06.11.08 Multiple Vendor X Server Render Extension Gradient Creation Integer Overflow Vulnerability
06.11.08 Multiple Vendor X Server Render Extension ProcRenderCreateCursor() Integer Overflow Vulnerability
06.10.08 Multiple Vendor FreeType2 Multiple Heap Overflow Vulnerabilities
06.10.08 Multiple Vendor FreeType2 PFB Integer Overflow Vulnerability
06.10.08 Multiple Vendor FreeType2 PFB Memory Corruption Vulnerability
06.10.08 Multiple Vendor OpenOffice rtl_allocateMemory() Integer Overflow Vulnerability
06.04.08 Kaspersky Internet Security IOCTL Stack Based Buffer Overflow Vulnerability
06.04.08 Skype File URI Security Bypass Code Execution Vulnerability
06.04.08 VMware Multiple Products vmware-authd Untrusted Library Loading Vulnerability
06.04.08 VMware Tools HGFS Local Privilege Escalation Vulnerability
06.03.08 Sun Java System Active Server Pages Authorization Bypass Vulnerability
06.03.08 Sun Java System Active Server Pages Buffer Overflow Vulnerability
06.03.08 Sun Java System Active Server Pages File Creation Vulnerability
06.03.08 Sun Java System Active Server Pages Information Disclosure Vulnerability
06.03.08 Sun Java System Active Server Pages Multiple Command Injection Vulnerabilities
06.03.08 Sun Java System Active Server Pages Multiple Directory Traversal Vulnerabilities
05.27.08 EMC AlphaStor Library Manager Arbitrary Command Execution Vulnerability
05.27.08 EMC AlphaStor Server Agent Multiple Stack Buffer Overflow Vulnerabilities
05.21.08 Multiple Vendor Snort IP Fragment TTL Evasion Vulnerability
05.13.08 Microsoft Word CSS Processing Memory Corruption Vulnerability
05.12.08 Microsoft Windows I2O Filter Utility Driver (i2omgmt.sys) Local Privilege Escalation Vulnerability
05.07.08 Multiple Vendor rdesktop channel_process() Integer Signedness Vulnerability
05.07.08 Multiple Vendor rdesktop iso_recv_msg() Integer Underflow Vulnerability
05.07.08 Multiple Vendor rdesktop process_redirect_pdu() BSS Overflow Vulnerability
04.30.08 Akamai Download Manager Arbitrary Program Execution Vulnerability
04.17.08 Multiple Vendor OpenOffice EMF EMR_BITBLT Record Integer Overflow Vulnerability
04.17.08 Multiple Vendor OpenOffice OLE DocumentSummaryInformation Heap Overflow Vulnerability
04.17.08 Multiple Vendor OpenOffice QPRO File Parsing Integer Underflow Vulnerability
04.17.08 Multiple Vendor OpenOffice QPRO Multiple Heap Overflow Vulnerabilities
04.15.08 IBM DB2 Universal Database Administration Server File Creation Vulnerability
04.15.08 IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability
04.15.08 Oracle Application Express Privilege Escalation Vulnerability
04.14.08 ClamAV libclamav PE WWPack Heap Overflow Vulnerability
04.14.08 ClamAV libclamav PeSpin Heap Overflow Vulnerability
04.10.08 EMC DiskXtender Authentication Bypass Vulnerability
04.10.08 EMC DiskXtender File System Manager Stack Buffer Overflow Vulnerability
04.10.08 EMC DiskXtender MediaStor Format String Vulnerability
04.08.08 Microsoft HxTocCtrl ActiveX Control Invalid Param Heap Corruption Vulnerability
04.08.08 Microsoft Windows Graphics Rendering Engine Heap Buffer Overflow Vulnerability
04.08.08 Microsoft Windows Graphics Rendering Engine Integer Overflow Vulnerability
04.03.08 Computer Associates Alert Notification Service Multiple RPC Buffer Overflow Vulnerabilities
04.03.08 SCO UnixWare pkgadd Directory Traversal Vulnerability
04.02.08 Borland CaliberRM StarTeam Multicast Service Buffer Overflow Vulnerability
04.02.08 Symantec Internet Security 2008 ActiveDataInfo.LaunchProcess Design Error Vulnerability
04.02.08 Symantec Norton Internet Security 2008 ActiveX Control Buffer Overflow Vulnerability
03.31.08 Macrovision InstallShield InstallScript One-Click Install Untrusted Library Loading Vulnerability
03.18.08 Multiple Vendor CUPS CGI Heap Overflow Vulnerability
03.11.08 Microsoft Excel 2003 Malformed Formula Memory Corruption Vulnerability
03.11.08 Microsoft Excel DVAL Heap Corruption Vulnerability
03.11.08 Microsoft Outlook mailto Command Line Switch Injection
03.10.08 SAP MaxDB sdbstarter Privilege Escalation Vulnerability
03.10.08 SAP MaxDB Signedness Error Heap Corruption Vulnerability
02.26.08 Mozilla Thunderbird MIME External-Body Heap Overflow Vulnerability
02.26.08 Symantec Scan Engine 5.1.2 RAR File Buffer Overflow Vulnerability
02.26.08 Symantec Scan Engine 5.1.2 RAR File Denial of Service Vulnerability
02.20.08 Symantec Veritas Storage Foundation Scheduler Service DoS Vulnerability
02.19.08 EMC RepliStor Multiple Heap Overflow Vulnerabilities
02.12.08 Adobe Flash Media Server 2 Memory Corruption Vulnerability
02.12.08 Adobe Flash Media Server 2 Multiple Integer Overflow Vulnerabilities
02.12.08 ClamAV libclamav PE File Integer Overflow Vulnerability
02.12.08 Microsoft Internet Explorer Property Memory Corruption Vulnerability
02.12.08 Microsoft Office Works Converter Heap Overflow Vulnerability
02.12.08 Microsoft Office Works Converter Stack-based Buffer Overflow Vulnerability
02.08.08 Adobe Reader and Acrobat JavaScript Insecure Method Exposure Vulnerability
02.08.08 Adobe Reader and Acrobat Multiple Stack-based Buffer Overflow Vulnerabilities
02.08.08 Adobe Reader Security Provider Unsafe Libary Path Vulnerability
02.07.08 IBM DB2 Universal Database Administration Server Memory Corruption Vulnerability
02.07.08 IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability
02.04.08 Hewlett-Packard Network Node Manager Topology Manager Service DoS Vulnerability
01.31.08 IBM Informix Dynamic Server onedcu File Creation Vulnerability
01.31.08 IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability
01.23.08 IBM AIX pioout BSS Buffer Overflow Vulnerability
01.22.08 IBM Tivoli PMfOSD HTTP Request Method Buffer Overflow Vulnerability
01.17.08 Multiple Vendor X Server EVI and MIT-SHM Extensions Integer Overflow Vulnerabilities
01.17.08 Multiple Vendor X Server TOG-CUP Extension Information Disclosure Vulnerability
01.17.08 Multiple Vendor X Server XFree86-Misc Extension Invalid Array Index Vulnerability
01.17.08 Multiple Vendor X Server XInput Extension Multiple Memory Corruption Vulnerabilities
01.15.08 Apple QuickTime Macintosh Resource Processing Heap Corruption Vulnerability
01.15.08 TIBCO SmartSockets RTserver Heap Overflow Vulnerability
01.15.08 TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities
01.15.08 TIBCO SmartSockets RTserver Multiple Untrusted Pointer Offset Vulnerabilities
01.15.08 TIBCO SmartSockets RTServer Multiple Untrusted Pointer Vulnerabilities
01.09.08 Novell NetWare Client nicm.sys Local Privilege Escalation Vulnerability
01.07.08 Motorola netOctopus Agent MSR Write Privilege Escalation Vulnerability

Defense Vulnerability Contributor Program
The iDefense Vulnerability Contributor Program (VCP) compensates individuals who provide iDefense with advance notification of unpublished vulnerabilities and exploit code. The VCP focuses on vulnerability research submissions, presented to iDefense by the general public, defining new vulnerabilities and exploits uncovered in prominent enterprise-level software and infrastructure components.

Verisign iDefense Awarded Frost &amp; Sullivan 2012 Vulnerability Research Product Differentiation Excellence

Contact Us

Learn more about Verisign’s iDefense Security Intelligence Services and how to improve your security strategy.

E-mail an Expert