Search

Traffic File Update - December 2008

This Traffic IQ Professional update for December 2008 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for December 2008

46 Application Exploits

Acoustica Mixcraft '.mx4' Project File Buffer Overflow Vulnerability S
BreakPoint Software Hex Workshop CMAP File Handling Buffer Overflow Vulnerability S
BulletProof FTP Client '.bps' File Stack Buffer Overflow Vulnerability S
BulletProof FTP Client Bookmark File Heap Buffer Overflow Vulnerability S
Cain & Abel Malformed '.rdp' File Denial of Service Vulnerability S
Cain & Abel Malformed '.rdp' File Remote Code Execution S
DesignWorks Professional '.cct' File Buffer Overflow Vulnerability S
FutureSoft TFTP Server 2000 Remote Code Execution S
HTTP Amaya (id) Remote Stack Overflow Vulnerability S
HTTP Amaya (URL Bar) Remote Stack Overflow Vulnerability S
HTTP Chilkat Socket 'SaveLastError()' Arbitrary File Overwrite Vulnerability S
HTTP Chilkat Socket 'SaveLastError()' Arbitrary File Overwrite Vulnerability_1 S
HTTP COMTREND CT-536 and HG-536 Routers Cross-site Scripting Vulnerability S
HTTP COMTREND CT-536 and HG-536 Routers Information Disclosure Vulnerability S
HTTP DD-WRT Cross-Site Request Forgery Vulnerability S
HTTP EasyMail Objects 'emmailstore.dll' Remote Buffer Overflow S
HTTP Internet Explorer 'chromeHTML' Command Line Parameter Injection Vulnerability S
HTTP Linksys Wireless-G ADSL Gateway WAG54GS V2.0 Remote Buffer Overflow S
HTTP Megacubo URI Handler Remote Command Execution Vulnerability S
HTTP Megacubo URI Handler Remote Command Execution Vulnerability_1 S
HTTP MiniShare Server Remote Buffer Overflow Vulnerability (2k_SP2) S
HTTP MiniShare Server Remote Buffer Overflow Vulnerability (2k_SP4) S
HTTP MiniShare Server Remote Buffer Overflow Vulnerability (WinXP_SP1) S
HTTP Opera Web Browser 'file' Heap Based Buffer Overflow Vulnerability S
HTTP SasCam Webcam Server 'Get' Method Buffer Overflow Vulnerability S
HTTP Visagesoft eXPert PDF EditorX Arbitrary File Overwrite Vulnerability S
HTTP XAMPP Cross-Site Scripting and Request Forgery Vulnerabilities S
IBM Rational ClearCase Cross Site Scripting Vulnerability S
IntelliTamper 'CFG' File Buffer Overflow Vulnerability S
Microsoft Access Snapshot Viewer Arbitrary File Download (MS08-041) (gen_shell_reverse_tcp) S
Microsoft Access Snapshot Viewer Arbitrary File Download (MS08-041) (win_exec) S
Microsoft Access Snapshot Viewer Arbitrary File Download (MS08-041) (win_shell_bind_tcp) S
Microsoft Internet Explorer XML Handling Remote Code Execution (MS08-078) S
Microsoft Internet Explorer XML Handling Remote Code Execution_1 (MS08-078) S
Microsoft Internet Explorer XML Handling Remote Code Execution_2 (MS08-078) S
Microsoft Internet Explorer XML Handling Remote Code Execution_3 (MS08-078) S
Microsoft SQL Server 'sp_replwritetovarbin' Remote Memory Corruption S
Microsoft Windows Enhanced Metafile (EMF) Remote Buffer Overflow S
Microsoft Windows Enhanced Metafile (EMF) Remote Buffer Overflow_1 S
National Instruments Electronics Workbench '.ewb' Buffer Overflow S
Psi Malformed Packet Remote Denial of Service Vulnerability S
RadASM '.rap' Project File Buffer Overflow Vulnerability S
Rumpus FTP Server Command Argument Remote Buffer Overflow S
Rumpus FTP Server HTTP Command Remote Denial of Service Vulnerability S
SAWStudio '.prf' File Buffer Overflow Vulnerability S
Windows XP_2003_Vista Metafile Escape_SetAbortProc Code Execution S

4 Evasions

Evasion HTML javascript escape (for CVE-2008-2463) S
Evasion HTML junk headers (for CVE-2008-2463) S
Evasion HTML unicode (utf-16le) (for CVE-2008-2463) S
Evasion HTTP Headers Folding (for CVE-2008-2463) S

1 Standard Protocol Traffic

Microsoft Vista SP0 SMB Negotiate Protocol DoS S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.