Advisory Archive The eEye Digital Security Research Team is dedicated to discovering new vulnerabilities and responsibly reporting them to the vendor via CERT coordination. This advisory information is meant to serve as a "time capsule" of the eEye Research vulnerabilities from the past and is intended solely as technical, in-depth analysis of the various vulnerabilities discovered by the eEye Research Team. This advisory information provided here adheres to eEye's responsible disclosure policy and supports the Company's goal to eliminate security vulnerabilities within computing networks.

July 10, 2009	eEye Retina Wireless Scanner .RWS File Processing Memory Corruption
November 20, 2007	BitDefender Online Scanner 8 Double Decode Heap Overflow
November 15, 2007	Multiple Vulnerabilities In .FLAC File Format and Various Media Applications
October 11, 2007	CA BrightStor ARCserve Backup Server Arbitrary Pointer Dereference
September 20, 2007	Multiple Vulnerabilities in CA ARCserve for Laptops and Desktops
August 14, 2007	Windows Metafile AttemptWrite Heap Overflow
August 14, 2007	VGX.DLL Compressed Content Heap Overflow Vulnerability
July 10, 2007	Microsoft Publisher 2007 Arbitrary Pointer Dereference
July 5, 2007	Sun Java WebStart JNLP Stack Buffer Overflow Vulnerability
June 8, 2007	Yahoo! Webcam ActiveX Controls Multiple Buffer Overflows
April 10, 2007	Windows Vista CSRSS Dangling Process Pointer Privilege Escalation
April 10, 2007	Windows VDM Zero Page Race Condition Privilege Escalation
December 7, 2006	Intel Network Adapter Driver Local Privilege Escalation
December 5, 2006	Adobe Download Manager AOM Stack Buffer Overflow Vulnerability
November 14, 2006	Workstation Service NetpManageIPCConnect Buffer Overflow
September 12, 2006	Internet Explorer Compressed Content URL Heap Overflow Vulnerability #2
August 24, 2006	Internet Explorer Compressed Content URL Heap Overflow Vulnerability
August 16, 2006	IBM eGatherer ActiveX Code Execution Vulnerability
August 5, 2006	McAfee Subscription Manager Stack Buffer Overflow
July 13, 2006	McAfee ePolicy Orchestrator Remote Compromise
July 13, 2006	D-Link Router UPNP Stack Overflow
June 12, 2006	Symantec Remote Management Stack Buffer Overflow
May 11, 2006	Apple QuickTime FPX Integer Overflow
May 9, 2006	Microsoft Distributed Transaction Coordinator Denial of Service
May 9, 2006	Microsoft Distributed Transaction Coordinator Heap Overflow
April 25, 2006	Juniper Networks SSL-VPN Client Buffer Overflow
February 14, 2006	Windows Media Player BMP Heap Overflow
January 10, 2006	Apple QuickTime STSD Atom Heap Overflow
January 10, 2006	Apple iTunes (QuickTime.qts) Heap Overflow
January 10, 2006	Apple QuickTime QTIF Stack Overflow
January 10, 2006	Apple QuickTime Malformed GIF Heap Overflow
January 10, 2006	Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability
December 13, 2005	Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability
November 10, 2005	RealPlayer Zipped Skin File Buffer Overflow II
November 10, 2005	RealPlayer Data Packet Stack Overflow
November 8, 2005	Windows Metafile Multiple Heap Overflows
November 8, 2005	Windows Metafile SetPalette Entries Heap Overflow Vulnerability (Graphics Rendering Engine Vulnerability)
November 4, 2005	Macromedia Flash Player Improper Memory Access Vulnerability
October 11, 2005	Vulnerability in DirectShow Could Allow Remote Code Execution
October 11, 2005	Microsoft Distributed Transaction Coordinator Memory Modification Vulnerability
October 11, 2005	Windows UMPNPMGR wsprintfW Stack Buffer Overflow Vulnerability
October 11, 2005	MDT2DD.DLL COM Object Uninitialized Heap Memory Vulnerability
June 23, 2005	RealPlayer vidplin.dll AVI Processing Heap Overflow
June 14, 2005	HTML Help File Parsing Buffer Overflow
March 2, 2005	Computer Associates License Manager Remote Vulnerabilities
February 8, 2005	Windows SMB Client Transaction Response Handling Vulnerability
January 11, 2005	Windows ANI File Parsing Buffer Overflow
November 09, 2004	Kerio Personal Firewall Multiple IP Options Denial of Service
October 27, 2004	RealPlayer Zipped Skin File Buffer Overflow
October 12, 2004	Windows Shell ZIP File Decompression DUNZIP32.DLL Buffer Overflow Vulnerability
October 12, 2004	Windows VDM #UD Local Privilege Escalation
October 1, 2004	RealPlayer pnen3260.dll Heap Overflow
June 15, 2004	IBM acpRunner Activex Dangerous Methods Vulnerability
June 15, 2004	"IBM Access Support" (eGatherer) Activex Dangerous Methods Vulnerability
June 10, 2004	RealPlayer embd3260.dll Error Response Heap Overflow
May 12, 2004	Symantec Multiple Firewall NBNS Response Processing Stack Overflow
May 12, 2004	Symantec Multiple Firewall DNS Response Denial-of-Service
May 12, 2004	Symantec Multiple Firewall NBNS Response Remote Heap Corruption
May 12, 2004	Symantec Multiple Firewall Remote DNS KERNEL Overflow
May 2, 2004	Apple QuickTime (QuickTime.qts) Heap Overflow
May 1, 2004	ANALYSIS: Sasser Worm
April 23, 2004	Symantec Multiple Firewall TCP Options Denial of Service
April 19, 2004	"Yahoo! Mail" Account Filter Overflow Hijack
April 13, 2004	Microsoft DCOM RPC Memory Leak
April 13, 2004	Microsoft DCOM RPC Race Condition
April 13, 2004	Windows Expand-Down Data Segment Local Privilege Escalation
April 13, 2004	Windows VDM TIB Local Privilege Escalation
April 13, 2004	Windows Metafile Heap Overflow
March 18, 2004	Internet Security Systems PAM ICQ Server Response Processing Vulnerability
February 26, 2004	RealSecure/BlackICE Server Message Block (SMB) Processing Overflow
February 18, 2004	Zone Labs SMTP Processing Buffer Overflow
February 10, 2004	Microsoft ASN.1 Library Length Overflow Heap Corruption
February 10, 2004	Microsoft ASN.1 Library Bit String Heap Corruption
September 10, 2003	Microsoft RPC Heap Corruption Vulnerability - Part II
September 3, 2003	VBE Document Property Buffer Overflow
September 3, 2003	Microsoft WordPerfect Document Converter Buffer Overflow
August 20, 2003	Internet Explorer Object Data Remote Execution Vulnerability
August 11, 2003	ANALYSIS: Blaster Worm
July 23, 2003	Windows MIDI Decoder (QUARTZ.DLL) Heap Corruption
June 4, 2003	Internet Explorer Object Type Property Overflow
March 19, 2003	XDR Integer Overflow
January 25, 2003	ANALYSIS: Microsoft SQL Server Sapphire Worm
December 16, 2002	Macromedia Shockwave Flash Malformed Header Overflow #2
December 11, 2002	PNG (Portable Network Graphics) Deflate Heap Corruption Vulnerability
November 12, 2002	Macromedia ColdFusion/JRun Remote SYSTEM Buffer Overflow
August 8, 2002	Macromedia Shockwave Flash Malformed Header Overflow
July 10, 2002	Remote PGP Outlook Encryption Plug-in Vulnerability
May 22, 2002	ANALYSIS: Spida or Digispid.B.Worm SQL Worm
May 8, 2002	MSN Messenger OCX Buffer Overflow
May 2, 2002	Macromedia Flash Activex Buffer overflow
March 8, 2002	Windows Shell Overflow
February 8, 2002	ALERT: ISS BlackICE Kernel Overflow Exploitable
December 20, 2001	UPNP - Multiple Remote Windows XP/ME/98 Vulnerabilities
September 5, 2001	%u encoding IDS bypass vulnerability
August 4, 2001	ANALYSIS: CodeRed II Worm
July 17, 2001	ANALYSIS: .ida "Code Red" Worm
May 11, 2001	iPlanet – Netscape Enterprise Web Publisher Buffer Overflow
April 24, 2001	IPSwitch IMail 6.06 SMTP Remote System Access Vulnerability
April 12, 2001	Trend Micro Interscan VirusWall 3.01 vulnerability
April 11, 2001	Solaris ipcs Vulnerability
April 10, 2001	Solaris Xsun Buffer Overflow Vulnerability
April 9, 2001	Solaris kcms_configure vulnerability
Dec 22, 2000	Frontpage Publishing Denial of Service
November 3, 2000	IIS ASP $19.95 hack - IISHack 1.5
August 17, 2000	Imail Web Service Remote DoS Attack v.2
November 4, 1999	Printer (spooler) Service Vulnerabilities
June 8, 1999	Retina vs. IIS4, Round 2
June 15, 1999	Retina vs. IIS4, Round 2 - The Ogle
June 8, 1999	Retina vs. IIS4, Round 2 - The Brain File
May 26, 1999	Multiple Web Interface Security Holes
March 1, 1999	Multiple IMail Vulnerabilites
February 22, 1999	Multiple WinGate Vulnerabilites
February 21, 1999	Multiple Vulnerabilites in Mercur Mail Server
February 20, 1999	MDaemon Remote DoS Attack
February 04, 1999	Multiple SLMail Vulnerabilities
February 02, 1999	WS_FTP Server Remote DoS Attack
January 24, 1999	IIS Remote FTP Exploit/DoS Attack