
Traffic File Update - May 2009

This Traffic IQ Professional update for May 2009 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

Traffic File Update for May 2009

45 Application Exploits

Adobe Acrobat Stack Exhaustion Denial of Service Vulnerability S
HTTP AOL Radio AmpX 'ConvertFile()' Buffer Overflow Vulnerability (win_exec) S
HTTP AOL Radio AmpX 'ConvertFile()' Buffer Overflow Vulnerability (win_shell_bind_tcp) S
HTTP AOL Radio AmpX 'ConvertFile()' Buffer Overflow Vulnerability S
HTTP Autodesk 'IDrop.ocx' Multiple Heap Memory Corruption (win_exec) S
HTTP Autodesk 'IDrop.ocx' Multiple Heap Memory Corruption (win_shell_reverse_tcp) S
HTTP Autodesk 'IDrop.ocx' Multiple Heap Memory Corruption Vulnerabilities S
HTTP BaoFeng Storm 'OnBeforeVideoDownload()' Buffer Overflow Vulnerability S
HTTP BaoFeng Storm 'SetAttributeValue()' Buffer Overflow Vulnerability S
HTTP Chinagames 'CreateChinagames()' Buffer Overflow Vulnerability S
HTTP Cisco Subscriber Edge Services Manager Cross Site Scripting S
HTTP Cisco Subscriber Edge Services Manager Cross Site Scripting_1 S
HTTP Google Chrome 'throw()' function Null Pointer Dereference Vulnerability S
HTTP Kingsoft Webshield Cross Site scripting and Remote Command Execution Vulnerability S
HTTP Linksys WVC54GCA Wireless-G Cross Site Scripting Vulnerability S
HTTP Linksys WVC54GCA Wireless-G Information Disclosure Vulnerability S
HTTP Linksys WVC54GCA Wireless-G Information Disclosure Vulnerability_1 S
HTTP Microsoft Internet Explorer Unprintable Characters Denial of Service S
HTTP Mozilla Firefox 'keygen' HTML Tag Denial of Service Vulnerability S
HTTP Mozilla Firefox 'nsTextFrame ClearTextRun()' Remote Memory Corruption S
HTTP Mozilla Firefox Loop Denial of Service Vulnerability S
HTTP Profense Web Application Firewall Security Bypass Vulnerability S
HTTP Roxio CinePlayer SonicDVDDashVRNav.DLL Buffer Overflow Vulnerability S
HTTP SAP cFolders 'col_table_filter.htm' Cross Site Scripting Vulnerability S
HTTP SAP cFolders 'me_ov.htm' Cross Site Scripting Vulnerability S
HTTP Sun Java System Communications Express 'UWCMain' Cross Site Scripting S
HTTP Symantec WinFax Pro 'DCCFAXVW.DLL' Heap Buffer Overflow Vulnerability S
IBM Lotus Sametime Community Services Multiplexer Buffer Overflow (add_user) S
IBM Lotus Sametime Community Services Multiplexer Buffer Overflow (win_exec) S
Microchip MPLAB IDE '.mcp' File Handling Remote Buffer Overflow Vulnerability S
Microchip MPLAB IDE 'CAT_FILTERS' Buffer Overflow Vulnerability S
Microchip MPLAB IDE 'FILE_INFO' Buffer Overflow Vulnerability S
Microsoft .Net Framework Multiple Null Byte Injection Vulnerabilities S
Microsoft IIS Unicode Requests to WebDAV Authentication Bypass Multiple Vulnerabilities S
Microsoft IIS Unicode Requests to WebDAV Authentication Bypass Multiple Vulnerabilities_1 S
RealNetworks RealPlayer MP3 File Handling Remote Denial of Service S
Recover Data for Novell Netware '.SAV' File Remote Denial of Service S
Sun Java Runtime Environment Remote Buffer Overflow Vulnerability S
Symantec Multiple Products Intel Common Base Agent Remote Command Execution S
Symantec Norton Ghost 'EasySetupInt.dll' Remote Denial of Service S
Winamp MAKI Parsing Integer Overflow Vulnerability (adduser) S
Winamp MAKI Parsing Integer Overflow Vulnerability (bind_shell) S
Winamp MAKI Parsing Integer Overflow Vulnerability (calc) S
Winamp MAKI Parsing Integer Overflow Vulnerability S
Winamp MAKI Parsing Integer Overflow Vulnerability_1 S

5 Evasions

Evasion HTML base64 (Autodesk 'IDrop.ocx' Heap Memory Corruption) S
Evasion HTML javascript escape (AOL Radio 'ConvertFile()' Buffer Overflow) S
Evasion HTTP chunked (Autodesk 'IDrop.ocx' Heap Memory Corruption) S
Evasion HTTP Header Folding (Autodesk 'IDrop.ocx' Heap Memory Corruption) S
Evasion HTTP junk headers (AOL Radio 'ConvertFile()' Buffer Overflow) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.
