Traffic File Update - June 2009

This Traffic IQ Professional update for June 2009 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

Traffic File Update for June 2009

48 Application Exploits

Apple QuickTime CRGN Atom Parsing Heap Buffer Overflow Vulnerability S
Apple QuickTime Image Description Atom Sign Extension Vulnerability S
Baofeng Storm '.smpl' Processing Buffer Overflow Vulnerability S
Bopup Communication Server Remote Buffer Overflow (win_add_user) S
Bopup Communication Server Remote Buffer Overflow (win_exec) S
Bopup Communication Server Remote Buffer Overflow (win_shell_bind_tcp) S
Bopup Communication Server Remote Buffer Overflow (win_shell_reverse_ord_tcp) S
Bopup Communication Server Remote Buffer Overflow (win_shell_reverse_tcp) S
Bopup Communication Server Remote Buffer Overflow Vulnerability S
Bopup Communication Server Remote Buffer Overflow Vulnerability_1 S
HP Data Protector Express Denial of Service Vulnerability (meta) S
HP Data Protector Express Denial of Service Vulnerability S
HP Data Protector Express Memory Leak Vulnerability (meta) S
HP Data Protector Express Memory Leak Vulnerability S
HTTP Apache Tomcat Form Authentication Information Disclosure Vulnerability S
HTTP Apple iPhone and iPod Touch Prior to Version 2.0 Multiple Remote Vulnerabilities S
HTTP Apple iTunes Multiple URI Handler Stack Buffer Overflow Vulnerability S
HTTP Apple QuickTime NULL Pointer Dereference Denial of Service S
HTTP Apple Safari 'feed' URI Multiple Input Validation Vulnerabilities S
HTTP Apple Safari 'parent_top' Cross Domain Scripting Vulnerability S
HTTP Asmax Ar-804gu Router 'script' Remote Arbitrary Shell Command Injection Vulnerability S
HTTP Cisco IOS HTTP Server HTML Injection and Cross Site Scripting Issues S
HTTP cPanel 'lastvisit.html' Arbitrary File Disclosure Vulnerability S
HTTP DX Studio Player Remote Arbitrary Shell Command Injection Vulnerability S
HTTP Edraw PDF Viewer 'FtpDownloadFile()' Remote Code Execution Vulnerability S
HTTP Firefox and Thunderbird and SeaMonkey Multiple Browser Engine Memory Corruption S
HTTP Green Dam URL and Blacklist Update Buffer Overflow (shell_bind_tcp) S
HTTP Green Dam URL and Blacklist Update Buffer Overflow (win_exec) S
HTTP Green Dam URL and Blacklist Update Buffer Overflow (win_shell_reverse_tcp) S
HTTP Microsoft IE HTML Attribute JavaScript URI Security Bypass Vulnerability S
HTTP Mozilla Firefox Large GIF File Background Denial of Service S
HTTP Nagios 'statuswml.cgi' Remote Arbitrary Shell Command Injection Vulnerability S
HTTP Office OCX WordViewer.OCX Word Viewer ActiveX Multiple Vulnerabilities S
HTTP Opera HTML CANVAS Remote Code Execution S
HTTP SAP AG SAPgui 'sapirrfc.dll' Remote Buffer Overflow Vulnerability S
HTTP WebKit 'Document()' Function Remote Information Disclosure Vulnerability S
HTTP WebKit JavaScript 'onload()' Event Cross Domain Scripting Vulnerability S
HTTP WebKit XML External Entity Information Disclosure Vulnerability S
McAfee Policy Manager 'naPolicyManager.dll' Arbitrary File Overwrite Vulnerability S
Microsoft Windows Media Player ScriptCommand Hijacking 'iframes' Vulnerability S
Microsoft Windows Media Player ScriptCommand Information Disclosure Vulnerability S
Microsoft Windows Media Player ScriptCommand Local Media File Enumeration S
SDP Downloader 'ASX' File Heap Buffer Overflow Vulnerability S
SDP Downloader 'ASX' File Heap Buffer Overflow Vulnerability_1 S
SDP Downloader 'ASX' File Heap Buffer Overflow Vulnerability_2 S
Sun JRE and JDK Multiple Security Vulnerabilities (win_gen_shell_bind_tcp) S
Sun JRE and JDK Multiple Security Vulnerabilities (win_gen_shell_reverse_tcp) S
VLC Media Player SMB Input Module Buffer Overflow Vulnerability S

3 Evasions

Evasion HTML javascript escape (Green Dam) S
Evasion HTTP Header Folding (Green Dam) S
Evasion HTTP junk headers (Green Dam) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.