Upcoming Advisories
The following is a list of vulnerabilities discovered by TippingPoint DVLabs researchers that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date and while they work on a patch for these vulnerabilities, TippingPoint customers are protected from exploitation by IPS filters delivered ahead of public disclosure. A list of published advisories discovered through the Zero Day Initiative extended research network is available from:
http://www.zerodayinitiative.com/advisories/upcoming
- Microsoft
- Reported on: 2009-05-11
- Severity: Medium
- Discovered by: Cody Pierce
-
53 days since report
This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Windows.
- Sophos
- Reported on: 2009-04-01
- Severity: Medium
- Discovered by: Cody Pierce
-
93 days since report
This vulnerability allows local attackers to execute arbitrary code under the context of the kernel on vulnerable installations of Sophos software.
- Oracle
- Reported on: 2009-03-13
- Severity: High
- Discovered by: Cody Pierce
-
112 days since report
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle software. Authentication is not required to exploit this vulnerability.
- Microsoft
- Reported on: 2008-08-12
- Severity: High
- Discovered by: Ganesh Devarajan
-
325 days since report
This vulnerability allows attackers to execute arbitrary code on
vulnerable installations of Microsoft Office. User interaction is
required to exploit this vulnerability in that the target must visit a
malicious page or open a malicious file.
- Hewlett-Packard
- Reported on: 2007-07-09
- Severity: High
- Discovered by: Aaron Portnoy
-
725 days since report
This vulnerability allows attackers to execute arbitrary code on
vulnerable installations of Hewlett-Packard software. User
interaction is not required to exploit this vulnerability.
- Hewlett-Packard
- Reported on: 2006-10-10
- Severity: High
- Discovered by: Pedram Amini
-
997 days since report
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP OpenView software. Authentication is not required to exploit this vulnerability.