Search

Traffic File Update - November 2010

This Traffic IQ Professional update for November 2010 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for November 2010

50 Application Exploits

Adobe Flash Player CVE-2010-3639 Remote Denial of Service Vulnerability S
Adobe Flash Reader & Acrobat CVE-2010-3654 Vulnerability (gen_debug_trap) S
Adobe Flash Reader & Acrobat CVE-2010-3654 Vulnerability (gen_shell_bind_tcp) S
Adobe Flash Reader & Acrobat CVE-2010-3654 Vulnerability (gen_shell_reverse_tcp) S
Adobe Flash Reader & Acrobat CVE-2010-3654 Vulnerability (win_exec) S
Adobe Flash Reader & Acrobat CVE-2010-3654 Vulnerability (win_shell_bind_tcp_xpfw) S
Adobe Flash Reader & Acrobat CVE-2010-3654 Vulnerability (win_shell_reverse_ord_tcp) S
DATAC RealWin SCADA SCPC_INITIALIZE Vulnerability (gen_debug_trap) S
DATAC RealWin SCADA SCPC_INITIALIZE Vulnerability (win_adduser) S
DATAC RealWin SCADA SCPC_INITIALIZE Vulnerability (win_exec) S
DATAC RealWin SCADA SCPC_INITIALIZE Vulnerability (win_shell_bind_tcp) S
DATAC RealWin SCADA SCPC_INITIALIZE Vulnerability (win_shell_reverse_ord_tcp) S
DATAC RealWin SCADA SCPC_INITIALIZE Vulnerability (win_shell_reverse_tcp) S
DATAC RealWin SCADA SCPC_INITIALIZE_RF Vulnerability (gen_shell_bind_tcp) S
DATAC RealWin SCADA SCPC_INITIALIZE_RF Vulnerability (gen_shell_reverse_tcp) S
DATAC RealWin SCADA SCPC_INITIALIZE_RF Vulnerability (win_adduser) S
DATAC RealWin SCADA SCPC_INITIALIZE_RF Vulnerability (win_exec) S
Fat Player '.wav' Buffer Overflow Vulnerability (gen_debug_trap) S
Fat Player '.wav' Buffer Overflow Vulnerability (gen_shell_bind_tcp) S
Fat Player '.wav' Buffer Overflow Vulnerability (gen_shell_reverse_tcp) S
Fat Player '.wav' Buffer Overflow Vulnerability (win_exec) S
Fat Player '.wav' Buffer Overflow Vulnerability (win_shell_reverse_ord_tcp) S
Foxit Reader Title Parsing Remote Buffer Overflow Vulnerability S
Foxit Reader Title Parsing Remote Buffer Overflow Vulnerability_1 S
HTTP Apache Shiro Directory Traversal Vulnerability S
HTTP Camtron CMNC-200 Full HD IP Camera Authentication Bypass Vulnerability S
HTTP Camtron CMNC-200 Full HD IP Camera Directory Traversal Vulnerability S
HTTP Camtron CMNC-200 Full HD IP Camera Remote Code Execution S
HTTP Crystal Reporting Viewer 'SearchByFormula()' Vulnerability S
HTTP IBM Omnifind Cross-site Request Forgery Vulnerability S
HTTP LANDesk Management Gateway Cross Site Request Forgery Vulnerability S
HTTP Microsoft IE CSS Tags Vulnerability (win_exec) S
HTTP Microsoft IE CSS Tags Vulnerability (win_shell_bind_tcp) S
HTTP Microsoft IE CSS Tags Vulnerability (win_shell_bind_tcp_xpfw) S
HTTP Microsoft IE CSS Tags Vulnerability (win_shell_reverse_ord_tcp) S
HTTP Microsoft IE CSS Tags Vulnerability (win_shell_reverse_tcp) S
HTTP Oracle Fusion Middleware CVE-2010-3581 Cross Site Scripting S
HTTP Ricoh Web Image Monitor Cross Site Scripting Vulnerability S
HTTP Ricoh Web Image Monitor Cross Site Scripting Vulnerability_1 S
HTTP XAMPP Cross Site Scripting Vulnerability S
HTTP XAMPP Information Disclosure Vulnerability S
IBM solidDB Packets Processing Remote Denial of Service Vulnerabilities S
IBM solidDB Packets Processing Remote Denial of Service Vulnerabilities_1 S
IBM solidDB Packets Processing Remote Denial of Service Vulnerabilities_2 S
Oracle Siebel Core CVE-2010-2406 Highly Interactive Client Vulnerabilities S
Oracle Siebel Core CVE-2010-2406 Highly Interactive Client Vulnerabilities_1 S
Power Audio Editor '.cda' File Processing Denial of Service S
SAP NetWeaver SQL Monitor 'connid' Cross-Site Scripting S
SAP NetWeaver SQL Monitor 'reqTableColumns' Cross-Site Scripting S
Xerox 4595 Remote Denial of Service Vulnerability S

5 Evasions

Evasion HTML unicode (utf-16le) (for CVE-2010-3962) S
Evasion HTTP chunked (for CVE-2010-3962) S
Evasion HTTP gzip compression (for CVE-2010-3962) S
Evasion HTTP Header Folding (for CVE-2010-3962) S
Evasion HTTP junk headers (for CVE-2010-3962) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.