Search

Traffic File Update - November 2008

This Traffic IQ Professional update for November 2008 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for November 2008

40 Application Exploits

Adobe Acrobat and Reader 'util.printf()' Remote Buffer Overflow S
BitDefender 'pdf.xmd' Module PDF Parsing Remote Denial Of Service S
HTTP A-LINK WL54AP3 and WL54AP2 Cross-Site Request Forgery Vulnerability S
HTTP Belkin F5D7230-4 Wireless G Router Authentication Vulnerability S
HTTP Chilkat Crypt ActiveX 'WriteFile()' Insecure Method Vulnerability S
HTTP Google Chrome MetaCharacter URI Obfuscation Vulnerability S
HTTP Google Chrome Pop-Up Address Bar URI Spoofing Vulnerability S
HTTP iseemedia LPViewer ActiveX Control Code Execution (shell_bind_tcp) S
HTTP iseemedia LPViewer ActiveX Control Code Execution (shell_reverse_tcp) S
HTTP iseemedia LPViewer ActiveX Control Code Execution (win_exec) S
HTTP NETGEAR WGR614 Administration Interface Remote Denial of Service S
HTTP ooVoo URI Handler Remote Buffer Overflow Vulnerability S
HTTP Opera 'file' URI Handling Buffer Overflow Vulnerability S
HTTP Opera Web Browser History Search Input Validation Vulnerability S
HTTP Yahoo Messenger YVerInfo.DLL Multiple Buffer Overflow Vulnerability S
Microsoft Communicator SIP INVITE Message Remote Denial of Service S
Microsoft DebugDiag 'CrashHangExt.dll' Remote DoS Vulnerability S
Microsoft Host Integration Server 2006 Command Execution Vulnerability (MS08-059) S
Microsoft Windows Media Player MIDI File MThd Header Parsing DoS S
Microsoft Windows Server Service (MS08-067) Patch Scanner S
Microsoft XML Core Services DTD Cross-Domain Scripting Vulnerability (MS08-069) S
mIRC 'PRIVMSG' Command Handling Buffer Overflow Vulnerability (Vista SP0) S
mIRC 'PRIVMSG' Command Handling Buffer Overflow Vulnerability (WinXP SP3) S
mIRC 'PRIVMSG' Command Handling Buffer Overflow Vulnerability S
Multiple products MP4 File Remote Denial of Service S
Nero ShowTime m3u File Remote Buffer Overflow Vulnerability S
Net-SNMP GETBULK Remote Denial of Service Vulnerability S
Network-Client FTP Now Heap Buffer Overflow Vulnerability S
Numark CUE 5 '.m3u' File Buffer Overflow Vulnerability S
Oracle mod_wl HTTP POST Request Denial of Service Vulnerability S
Oracle mod_wl HTTP POST Request Remote Buffer Overflow (Win2k3 SP2) S
SIP Siemens C450IP and C475IP Denial of Service Vulnerability (SCADA) S
SMB Microsoft Server Service Vulnerability MS08-067 (Win2k meterpreter_bind_tcp) S
SMB Microsoft Server Service Vulnerability MS08-067 (Win2k win_adduser) S
SMB Microsoft Server Service Vulnerability MS08-067 (Win2k win_exec) S
SMB Microsoft Server Service Vulnerability MS08-067 (Win2k win_shell_bind_tcp) S
SMB Microsoft Server Service Vulnerability MS08-067 (WinXP_SP2 win_exec) S
Total Video Player 'TVP type' Tag Handling Remote Buffer Overflow S
uTorrent and BitTorrent File Handling Remote Buffer Overflow Vulnerability S
VLC Media Player RealText Processing Buffer Overflow S

6 Evasions

Evasion DCERPC append multiple fake bind (CVE-2008-4250) S
Evasion DCERPC smb pipeio trans (for CVE-2008-3466) S
Evasion HTTP Headers Folding (CVE-2008-0955) S
Evasion HTTP Junk Headers (for CVE-2008-0955) S
Evasion SMB pad_data_level_2 (CVE-2008-4250) S
Evasion SMB pipe_evasion (CVE-2008-4250) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.