Traffic File Update - April 2010

This Traffic IQ Professional update for April 2010 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

51 Application Exploits

Aladdin eToken PKI Client ETV File Remote Code Execution Vulnerability S
Apache ActiveMQ Request Handling Source Disclosure Vulnerability S
Apache ActiveMQ Request Handling Source Disclosure Vulnerability_1 S
Apache ActiveMQ Request Handling Source Disclosure Vulnerability_2 S
Archive Searcher ZIP Archive Processing Buffer Overflow Vulnerability S
EDraw Flowchart '.edd' File Buffer Overflow Vulnerability S
Foxit Reader 'Launch Action' Remote Code Execution Vulnerability S
Foxit Reader 'Launch Action' Remote Code Execution Vulnerability_1 S
FTP Xftp Response Processing Remote Buffer Overflow Vulnerability S
HP Operations Manager Remote Buffer Overflow Vulnerability S
HTTP Agile Technologies Components for Joomla 'controller' File Include Vulnerability S
HTTP Agile Technologies Components for Joomla 'controller' File Include Vulnerability_1 S
HTTP Agile Technologies Components for Joomla 'controller' File Include Vulnerability_2 S
HTTP agXchange ESM 'ucquerydetails.jsp' Cross Site Scripting Vulnerability S
HTTP Aris agXchange ESM 'ucschcancelproc.jsp' Open Redirection Vulnerability S
HTTP EDraw Flowchart 'OpenDocument()' Remote Code Execution Vulnerability S
HTTP FlashCard 'id' Parameter Cross Site Scripting Vulnerability S
HTTP IBM Lotus Notes 'names.nsf' Cross Site Scripting Vulnerability S
HTTP Iomega Network Hard Drive 'smbwebclient.php' Authentication Bypass Vulnerability S
HTTP Iomega Network Hard Drive 'smbwebclient.php' Authentication Bypass Vulnerability_1 S
HTTP McAfee Email Gateway 'queuedMessage.do' Cross-Site Scripting Vulnerability S
HTTP Microsoft IE 8 XSS Filter 'script' Tag Cross-Site Scripting Vulnerability S
HTTP Mozilla Firefox CVE-2010-0167 Memory Corruption Vulnerability S
HTTP TANDBERG Video Communication Server 'helppage.php' Vulnerability S
HTTP TANDBERG Video Communication Server 'user-helppage.php' Vulnerability S
HTTP Virata EmWeb URI Remote Denial Of Service Vulnerability S
IBM BladeCenter Advanced Management Module Denial of Service Vulnerability S
IBM Informix Dynamic Server librpc.dll Buffer Overflow S
Microsoft IE 'Tabular Data Control' Remote Code Execution Vulnerability S
Mocha W32 LPD Remote Buffer Overflow Vulnerability S
MPlayer WAV File Remote Null Pointer Dereference Vulnerability S
netKar PRO '.nkuser' File Creation NULL Pointer Denial Of Service Vulnerability S
netKar PRO '.nkuser' File Creation NULL Pointer Denial Of Service Vulnerability_1 S
Novell iPrint Client 'Date & Time' Buffer Overflow (win_exec) S
Novell iPrint Client 'Date & Time' Buffer Overflow (win_shell_bind_tcp) S
Novell iPrint Client 'target-frame' Remote Buffer Overflow (gen_shell_bind_tcp) S
Novell iPrint Client 'target-frame' Remote Buffer Overflow (win_exec) S
Oracle JRE Java Platform SE and Java Deployment Toolkit Plugins Code Execution S
SpeedCommander ZIP Processing Buffer Overflow Vulnerability S
Tembria Server Monitor HTTP Request Remote Buffer Overflow Vulnerability S
TweakFS Zip Utility ZIP File Remote Stack Overflow Vulnerability S
VariCAD 2010 'DWB' File Remote Buffer Overflow (add_user) S
VariCAD 2010 'DWB' File Remote Buffer Overflow (bind_shell) S
VariCAD 2010 'DWB' File Remote Buffer Overflow (win_exec) S
VLC Media Player '.ass' File Buffer Overflow Vulnerability S
VLC Media Player ASS File Buffer Overflow Vulnerability S
WinMount ZIP File Remote Buffer Overflow Vulnerability S
WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability (win_bind) S
WinSoftMagic Photo Editor PNG File Buffer Overflow Vulnerability (win_exec) S
Xilisoft Video Converter Wizard '.yuv' Buffer Overflow Vulnerability S
ZipGenius 'zgtips.dll' Filename Buffer Overflow Vulnerability S

6 Evasions

Evasion HTML base64 double_pad (for CVE-2009-1569) S
Evasion HTML javascript escape (for CVE-2009-1569) S
Evasion HTML unicode (utf-16le) (for CVE-2009-1569) S
Evasion HTTP chunked (for CVE-2009-1569) S
Evasion HTTP Header Folding (for CVE-2009-1569) S
Evasion HTTP junk headers (for CVE-2009-1569) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.
