TippingPoint Digital Vaccine Laboratories
DID YOU KNOW... Frost and Sullivan announced in their Feb. 2007 report, "Analysis of Vulnerability Discovery and Disclosure", that TippingPoint was the fastest growing discoverer of new vulnerabilities and the leader in the discovery of both high-severity and Microsoft vulnerabilities.

Published Advisories

The following is a list of all publicly disclosed vulnerabilities discovered by TippingPoint DVLabs researchers. While the affected vendor is working on a patch for these vulnerabilities, TippingPoint customers benefit from the creation of IPS filters. TippingPoint customers are additionally protected against 0day vulnerabilities discovered by ZDI researchers. A list of published advisories discovered through the Zero Day Initiative extended research network is available from:

2012

Hewlett-Packard Data Protector DtbClsAddObject Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-12-06
Published On: 2012-06-29
Oracle AutoVue ActiveX SetMarkupMode Remote Code Execution Vulnerability
Severity: High
TPTI-12-05
Published On: 2012-06-29
Samba NDR PULL EVENTLOG ReportEventAndSourceW Heap Overflow Remote Code Execution Vulnerability
Severity: High
TPTI-12-04
Published On: 2012-06-29
Adobe Reader X True Type Font MINDEX Remote Code Execution Vulnerability
Severity: High
TPTI-12-03
Published On: 2012-04-18
Novell iPrint Client ActiveX GetPrinterURLList2 Remote Code Execution Vulnerability
Severity: High
TPTI-12-02
Published On: 2012-03-22
Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-12-01
Published On: 2012-02-22

2011

Novell ZENWorks Software Packaging ISGrid.Grid2.1 bstrSearchText Parameter Remote Code Execution Vulnerability
Severity: High
TPTI-11-15
Published On: 2011-12-07
Adobe Shockwave DEMX Remote Code Execution Vulnerability
Severity: High
TPTI-11-14
Published On: 2011-12-01
McAfee SaaS myCIOScn.dll Scan Method Script Injection Remote Code Execution Vulnerability
Severity: Medium
TPTI-11-13
Published On: 2011-08-08
McAfee SaaS MyAsUtil5.2.0.603.dll SecureObjectFactory Instantiation Design Flaw Remote Code Execution Vulnerability
Severity: High
TPTI-11-12
Published On: 2011-08-08
Adobe Shockwave Lnam Chunk Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-11-11
Published On: 2011-06-15
Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-11-10
Published On: 2011-06-15
Adobe Shockwave iml32.dll CSWV Chunk Byte Array Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-11-09
Published On: 2011-06-15
Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-11-08
Published On: 2011-06-15
Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-11-07
Published On: 2011-06-15
Oracle Java ICC Profile rcs2 Tag Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-11-06
Published On: 2011-06-15
Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-11-05
Published On: 2011-02-09
Adobe Shockwave GIF Logical Screen Descriptor Parsing Remote Code Execution Vulnerability
Severity: High
TPTI-11-04
Published On: 2011-02-09
Adobe Shockwave dirapi.dll IFWV Trusted Offset Remote Code Execution Vulnerability
Severity: High
TPTI-11-01
Published On: 2011-02-09
Adobe Shockwave Font Xtra String Decoding Remote Code Execution Vulnerability
Severity: High
TPTI-11-03
Published On: 2011-02-08
Adobe Shockwave TextXtra Invalid Seek Remote Code Execution Vulnerability
Severity: High
TPTI-11-02
Published On: 2011-02-08

2010

RealNetworks RealPlayer MLTI Stream Number Remote Code Execution Vulnerability
Severity: High
TPTI-10-19
Published On: 2010-12-10
RealNetworks RealPlayer MDPR Chunk Size Remote Code Execution Vulnerability
Severity: High
TPTI-10-18
Published On: 2010-12-10
RealNetworks RealPlayer SIPR Stream Frame Dimensions Remote Code Execution Vulnerability
Severity: High
TPTI-10-17
Published On: 2010-12-10
VMWare VMnc Codec Frame Decompression Remote Code Execution Vulnerability
Severity: High
TPTI-10-16
Published On: 2010-12-03
Adobe Shockwave Director mmap Trusted Chunk Size Remote Code Execution Vulnerability
Severity: High
TPTI-10-15
Published On: 2010-08-24
Adobe Shockwave Director rcsL Chunk Pointer Offset Remote Code Execution Vulnerability
Severity: High
TPTI-10-14
Published On: 2010-08-24
Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
Severity: High
TPTI-10-13
Published On: 2010-08-24
Adobe Shockwave TextXtra Allocator Integer Overflow Remote Code Execution Vulnerability
Severity: High
TPTI-10-12
Published On: 2010-08-24
Adobe Shockwave tSAC Chunk Pointer Offset Memory Corruption Remote Code Execution Vulnerability
Severity: High
TPTI-10-11
Published On: 2010-08-24
Adobe Shockwave tSAC Chunk Invalid Seek Memory Corruption Remote Code Execution Vulnerability
Severity: High
TPTI-10-10
Published On: 2010-08-24
Adobe Shockwave CSWV Chunk Memory Corruption Remote Code Execution Vulnerability
Severity: High
TPTI-10-09
Published On: 2010-08-24
Novell iPrint Client Browser PluginGetDriverFile Uninitialized Pointer Remote Code Execution Vulnerability
Severity: High
TPTI-10-08
Published On: 2010-08-23
SAP Crystal Reports 2008 GIOP Message Size Integer Overflow Remote Code Execution Vulnerability
Severity: Medium
TPTI-10-07
Published On: 2010-08-11
Novell iPrint Client Browser Plugin ExecuteRequest debug Parameter Remote Code Execution Vulnerability
Severity: High
TPTI-10-06
Published On: 2010-08-04
Novell iPrint Client Browser Plugin Remote File Deletion Vulnerability
Severity: High
TPTI-10-05
Published On: 2010-08-04
Oracle Secure Backup Scheduler Service Remote Code Execution Vulnerability
Severity: High
TPTI-10-04
Published On: 2010-07-13
Sophos Anti-Virus SAVOnAccessFilter Local Privilege Escalation Vulnerability
Severity: Medium
TPTI-10-03
Published On: 2010-06-09
Microsoft Office PowerPoint Viewer TextCharsAtom Record Code Execution Vulnerability
Severity: High
TPTI-10-02
Published On: 2010-02-09
HP Data Protector Server Cell Manager Remote Code Execution Vulnerability
Severity: High
TPTI-10-01
Published On: 2010-01-21

2009

HP OpenView Data Protector Cell Manager Heap Overflow Vulnerability
Severity: High
TPTI-09-15
Published On: 2009-12-17
HP OpenView NNM ovwebsnmpsrv.exe OVwSelection Stack Overflow Vulnerability
Severity: High
TPTI-09-14
Published On: 2009-12-09
HP OpenView NNM snmpviewer.exe CGI Host Header Stack Overflow Vulnerability
Severity: High
TPTI-09-13
Published On: 2009-12-09
HP OpenView NNM ovalarm.exe CGI Accept-Language Stack Overflow Vulnerability
Severity: High
TPTI-09-12
Published On: 2009-12-09
HP OpenView NNM OvWebHelp.exe CGI Topic Heap Overflow Vulnerability
Severity: High
TPTI-09-11
Published On: 2009-12-09
HP OpenView NNM webappmon.exe CGI Host Header Buffer Overflow Vulnerability
Severity: High
TPTI-09-10
Published On: 2009-12-09
HP OpenView NNM ovsessionmgr.exe userid/passwd Heap Overflow Vulnerability
Severity: High
TPTI-09-09
Published On: 2009-12-09
HP OpenView NNM ovlogin.exe CGI userid/passwd Heap Overflow Vulnerability
Severity: High
TPTI-09-08
Published On: 2009-12-09
Microsoft Windows License Logging Service Heap Corruption Vulnerability
Severity: High
TPTI-09-07
Published On: 2009-11-10
Microsoft Windows Workstation Service NetrGetJoinInformation Heap Corruption Vulnerability
Severity: Medium
TPTI-09-06
Published On: 2009-08-11
Microsoft DirectShow Quicktime Atom Parsing Memory Corruption Vulnerability
Severity: High
TPTI-09-05
Published On: 2009-07-14
Apple Terminal xterm Resize Escape Sequence Memory Corruption Vulnerability
Severity: High
TPTI-09-04
Published On: 2009-06-02
Apple iTunes Multiple Protocol Handler Buffer Overflow Vulnerabilities
Severity: High
TPTI-09-03
Published On: 2009-06-02
VMWare VMnc Codec Open-DML Standard Index dwSize Heap Overflow Vulnerability
Severity: High
TPTI-09-02
Published On: 2009-04-06
VMWare VMnc Codec Invalid RFB Message Type Heap Overflow Vulnerability
Severity: High
TPTI-09-01
Published On: 2009-04-06

2008

Microsoft Office RTF \stylesheet Control Word Buffer Overflow Vulnerability
Severity: High
TPTI-08-09
Published On: 2008-12-09
Microsoft Office RTF \dpendgroup Control Word Buffer Overflow Vulnerability
Severity: High
TPTI-08-08
Published On: 2008-12-09
Microsoft Windows Message Queuing Service Memory Corruption Vulnerability
Severity: Medium
TPTI-08-07
Published On: 2008-10-14
Landesk QIP Server Service Heal Packet Buffer Overflow Vulnerability
Severity: High
TPTI-08-06
Published On: 2008-09-15
CA ETrust Secure Content Manager Gateway FTP Listing Display Stack Overflow Vulnerability
Severity: High
TPTI-08-05
Published On: 2008-06-04
Microsoft Office Jet Database Engine Column Parsing Stack Overflow Vulnerability
Severity: High
TPTI-08-04
Published On: 2008-05-13
Microsoft Excel Rich Text Memory Corruption Vulnerability
Severity: High
TPTI-08-03
Published On: 2008-03-11
Cisco Call Manager CTLProvider Heap Overflow Vulnerability
Severity: High
TPTI-08-02
Published On: 2008-01-16
Apple Quicktime Image File IDSC Atom Memory Corruption Vulnerability
Severity: High
TPTI-08-01
Published On: 2008-01-15

2007

Adobe Flash Player JPG Processing Heap Overflow Vulnerability
Severity: High
TPTI-07-21
Published On: 2007-12-19
Apple Quicktime Movie Stack Overflow Vulnerability
Severity: High
TPTI-07-20
Published On: 2007-11-14
CA Multiple Product DBASVR RPC Server Pointer Arithmetic Vulnerablities
Severity: High
TPTI-07-19
Published On: 2007-10-16
EMC RepliStor Server Heap Overflow Vulnerability
Severity: High
TPTI-07-18
Published On: 2007-10-10
CA BrightStor Hierarchical Storage Manager SQL Injection Vulnerabilities
Severity: High
TPTI-07-17
Published On: 2007-10-02
CA BrightStor Hierarchical Storage Manager Buffer Overflow Vulnerabilities
Severity: High
TPTI-07-16
Published On: 2007-10-02
Automated Solutions Modbus TCP Slave ActiveX Control Heap Corruption Vulnerability
Severity: High
TPTI-07-15
Published On: 2007-09-17
HP OpenView Multiple Product Shared Trace Service Stack Overflow Vulnerabilities
Severity: High
TPTI-07-14
Published On: 2007-08-14
Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability
Severity: High
TPTI-07-13
Published On: 2007-07-24
Multiple Vendor Progress Server Heap Overflow Vulnerability
Severity: High
TPTI-07-12
Published On: 2007-07-12
Multiple Vendor SQL fbserver 'connect' Buffer Overflow Vulnerability
Severity: High
TPTI-07-11
Published On: 2007-06-11
Centennial Software XFERWAN Stack Overflow Vulnerability
Severity: High
TPTI-07-10
Published On: 2007-06-04
Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability
Severity: High
TPTI-07-09
Published On: 2007-06-04
Symantec Veritas Storage Foundation Scheduler Service Authentication Bypass Vulnerability
Severity: High
TPTI-07-08
Published On: 2007-06-04
Apple QuickTime STSD Parsing Heap Overflow Vulnerability
Severity: High
TPTI-07-07
Published On: 2007-05-10
Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption Vulnerability
Severity: High
TPTI-07-06
Published On: 2007-05-02
IBM Tivoli Provisioning Manager for OS Deployment Multiple Stack Overflow Vulnerabilities
Severity: High
TPTI-07-05
Published On: 2007-05-02
LANDesk Management Suite Alert Service Stack Overflow Vulnerability
Severity: High
TPTI-07-04
Published On: 2007-04-13
America Online SuperBuddy ActiveX Control Code Execution Vulnerability
Severity: High
TPTI-07-03
Published On: 2007-03-30
Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities
Severity: High
TPTI-07-02
Published On: 2007-02-20
Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities
Severity: High
TPTI-07-01
Published On: 2007-02-20

2006

Citrix Presentation Server Client ActiveX Heap Overflow Vulnerability
Severity: High
TPTI-06-15
Published On: 2006-12-06
IBM Tivoli Storage Manager Mutiple Buffer Overflow Vulnerabilities
Severity: High
TPTI-06-14
Published On: 2006-12-04
HP OpenView Client Configuration Manager Device Code Execution Vulnerability
Severity: High
TPTI-06-13
Published On: 2006-11-08
CA BrightStor Discovery Service Mailslot Buffer Overflow Vulnerability
Severity: High
TPTI-06-12
Published On: 2006-10-05
CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities
Severity: High
TPTI-06-11
Published On: 2006-10-05
Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
Severity: High
TPTI-06-10
Published On: 2006-08-08
Microsoft DirectAnimation COM Object Memory Corruption Vulnerability
Severity: High
TPTI-06-09
Published On: 2006-08-08
Microsoft Internet Help COM Object Memory Corruption Vulnerability
Severity: High
TPTI-06-08
Published On: 2006-08-08
eIQnetworks Enterprise Security Analyzer Monitoring Agent Buffer Overflow Vulnerabilities
Severity: High
TPTI-06-07
Published On: 2006-08-08
CA eTrust AntiVirus WebScan Manifest Processing Buffer Overflow Vulnerability
Severity: High
TPTI-06-06
Published On: 2006-08-07
CA eTrust AntiVirus WebScan Automatic Update Code Execution Vulnerability
Severity: High
TPTI-06-05
Published On: 2006-08-07
eIQnetworks ESA Topology Server Buffer Overflow Vulnerability
Severity: High
TPTI-06-04
Published On: 2006-07-25
eIQnetworks ESA Syslog Server Buffer Overflow Vulnerabilities
Severity: High
TPTI-06-03
Published On: 2006-07-25
Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
Severity: High
TPTI-06-02
Published On: 2006-07-11
Symantec VERITAS NetBackup vnetd Buffer Overflow Vulnerability
Severity: High
TPTI-06-01
Published On: 2006-03-27