Upcoming Advisories

The following is a list of vulnerabilities discovered by TippingPoint DVLabs researchers that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date and while they work on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. A list of published advisories discovered through the Zero Day Initiative extended research network is available from:

http://www.zerodayinitiative.com/advisories/upcoming

RealNetworks: Reported on: 2010-02-26; Severity: High; Discovered by: Aaron Portnoy, Zef Cekaj, Logan Brown; 15 days since report
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks software. User interaction is required to exploit this vulnerability.
Sophos: Reported on: 2009-04-01; Severity: Medium; Discovered by: Cody Pierce; 346 days since report
This vulnerability allows local attackers to execute arbitrary code under the context of the kernel on vulnerable installations of Sophos software.
Oracle: Reported on: 2009-03-13; Severity: High; Discovered by: Cody Pierce; 365 days since report
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle software. Authentication is not required to exploit this vulnerability.