简介：publicly disclosed software, hardware and internet security vulnerabilities that do not have a manufacturer fix or patch.

原站：http://research.eeye.com/html/alerts/zeroday/index.html

“eEye Digital Security - Zero-Day Tracker”的内容更新

累计：48 篇（自 2006-12-07 起）

更新：约9篇/年，最后更新1089 天前

eEye Digital Security - Zero-Day Tracker

Excel Invalid Object

A remote code execution vulnerability exists within Microsoft Excel which may allow for a remote attacker to execute arbitrary code under the context of the logged in user.... (317 天前)

http://inezha.com/w/ur5z9oo

eEye Digital Security - Zero-Day Tracker

Adobe PDF Buffer Overflow

A vulnerability exists within Adobe Acrobat that allows an attacker to execute arbitrary code on a victims machine if they view a malicious PDF document.... (317 天前)

http://inezha.com/w/zg1mooi

eEye Digital Security - Zero-Day Tracker

Microsoft Internet Explorer 7 XML Zero-Day

A vulnerability exists within Internet Explorer 7 that allows an attacker to execute arbitrary code on a victims machine if they visit a malicious website. Exploit code for this has been publicly released in a public forum and exploitation has been seen in-the-wild.... (317 天前)

http://inezha.com/w/qt66xof

eEye Digital Security - Zero-Day Tracker

Mac OS X ARDAgent Local Privilege Escalation

ARDAgent in Apple Mac OS X 10.5 and 10.4 allows local users to gain privileges via an osascript tell command. This vulnerability is actively being exploited by attackers to install a trojan on a target system.... (317 天前)

http://inezha.com/w/225kg3z

eEye Digital Security - Zero-Day Tracker

Microsoft Word XP/2002 SP3 Exploit

An unspecified vulnerability exists within Microsoft Word XP / 2002 which may possibly allow for a remote attacker to execute arbitrary code under the context of the logged in user. This vulnerability requires user interaction. In a web-based scenario (e-mail, Web site), a user would still have to open a file manually, as it would not be auto-opened.... (317 天前)

http://inezha.com/w/8110e3x

eEye Digital Security - Zero-Day Tracker

Microsoft Access Snapshot Viewer ActiveX

The Microsoft Access Snapshot Viewer ActiveX control is a component that enables a user to view an Access report snapshot without having the standard or run-time versions of Microsoft Office Access. A vulnerability exists within the ActiveX control that allows an attacked to execute arbitrary code on a victims machine if they visit a malicious website th... (317 天前)

http://inezha.com/w/od6qq32

eEye Digital Security - Zero-Day Tracker

Creative Software AutoUpdate Engine ActiveX stack bu

The Creative Software AutoUpdate Engine ActiveX control is a component that provides automatic update capabilities to Creative Labs software. This ActiveX control is provided by the file CTSUEng.ocx. The Create Software AutoUpdate Engine ActiveX control is marked Safe For scripting and Safe For Initialization, which means that a web page in Internet Expl... (317 天前)

http://inezha.com/w/jf5b930

相关订阅源