Traffic File Update - November 2009

This Traffic IQ Professional update for November 2009 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

Traffic File Update for November 2009

50 Application Exploits

Adobe Reader and Acrobat U3D File Invalid Array Index Remote Vuln (gen_shell_bind_tcp) S
Adobe Reader and Acrobat U3D File Invalid Array Index Remote Vuln (win_exec) S
Adobe Reader and Acrobat U3D File Invalid Array Index Remote Vuln (win_shell_reverse_ord_tcp) S
Adobe Reader and Acrobat U3D File Invalid Array Index Remote Vuln (win_shell_reverse_tcp) S
Autodesk Softimage Scene TOC File Remote Code Execution Vulnerability S
CA Anti-Spyware 'ppctl.dl' Remote Buffer Overflow Vulnerability (win_exec) S
CA Anti-Spyware 'ppctl.dl' Remote Buffer Overflow Vulnerability (win_shell_bind_tcp) S
CA Anti-Spyware 'ppctl.dl' Remote Buffer Overflow Vulnerability (win_shell_reverse_tcp) S
FTP Home FTP Server 'MKD' Command Directory Traversal Vulnerability S
FTP Home FTP Server 'SITE INDEX' Command Remote DoS Vulnerability S
FTP TYPSoft FTP Server 'APPE' and 'DELE' Commands Remote Denial of Service Vulnerability S
Hewlett-Packard Power Manager Web Server Remote Code Execution Vulnerability S
HP Openview Network Node Manager Invalid DB Error Code vulnerability S
HTTP Apple Safari CSS Denial of Service Vulnerability S
HTTP Cherokee Web Server Remote Directory Traversal Vulnerability S
HTTP FireStats WordPress Plugin Authentication Bypass Vulnerability S
HTTP FireStats WordPress Plugin Multiple Cross Site Scripting S
HTTP Fuctweb CapCC Plugin for WordPress CAPTCHA Cross-Site Request Forgery S
HTTP Fuctweb CapCC Plugin for WordPress CAPTCHA Security Bypass Vulnerability S
HTTP Fuctweb CapCC Plugin for WordPress CAPTCHA SQL Injection Vulnerability S
HTTP Fuctweb CapCC Plugin for WordPress CAPTCHA SQL Injection Vulnerability_1 S
HTTP Joomla Google Calendar Component 'gcid' Parameter SQL Injection Vulnerability S
HTTP Mozilla Firefox CVE-2009-3382 Remote Memory Corruption Vulnerability S
HTTP RhinoSoft Serv-U Web Client HTTP Request Remote Buffer Overflow Vulnerability S
HTTP Subscribe to Comments WordPress Plugin Cross Site Scripting Vulnerability S
HTTP WordPress WP-Cumulus Plugin 'tagcloud.swf' Cross-Site Scripting Vulnerability S
IBM Installation Manager 'iim' URI Remote Library Injection Vulnerability S
IBM SolidDB 'solid.exe' Denial of Service Vulnerability S
McAfee Network Security Manager Information Disclosure Vulnerability S
McAfee Network Security Manager Multiple Cross Site Scripting Vulnerabilities S
McAfee Network Security Manager Multiple Cross Site Scripting Vulnerabilities_1 S
Microsoft IE 'Style' Object Remote Code Execution (generic_shell_bind_tcp) S
Microsoft Internet Explorer 'Style' Object Remote Code Execution (win_exec) S
Microsoft Internet Explorer 'Style' Object Remote Code Execution (win_shell_bind_tcp) S
Microsoft Internet Explorer 'Style' Object Remote Code Execution S
Microsoft Internet Explorer 'Style' Object Remote Code Execution_1 S
Mozilla Firefox 'libpr0n' GIF File Handling Denial of Service Vulnerability S
Mozilla Firefox 'libpr0n' GIF File Handling Denial of Service Vulnerability_1 S
Mozilla Firefox CVE-2009-3379 Multiple Remote Memory Corruption Vulnerabilities S
Mozilla Firefox CVE-2009-3379 Multiple Remote Memory Corruption Vulnerabilities_1 S
Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability (win2k) S
Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability (winNT) S
Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability (winXP) S
Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability S
Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability_1 S
Opera Web Browser 'dtoa()' Remote Code Execution Vulnerability S
Opera Web Browser 'dtoa()' Remote Code Execution Vulnerability_1 S
Winamp Ultravox Streaming Metadata Buffer Overflow Vulnerability (win_exec) S
Winamp Ultravox Streaming Metadata Buffer Overflow Vulnerability (win_shell_bind_tcp) S
Yahoo Messenger 'YahooBridgeLib.dll' Control Remote Denial of Service Vulnerability S

5 Evasions

Evasion HTML base64 (random_space_injection) (for CVE-2009-4054) S
Evasion HTML javascript escape (for CVE-2009-4054) S
Evasion HTML unicode (utf-16be) (for CVE-2009-4054) S
Evasion HTTP Header Folding (for CVE-2009-4054) S
Evasion HTTP junk headers (for CVE-2009-4054) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.