Search

Traffic File Update - September 2010

This Traffic IQ Professional update for September 2010 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for September 2010

47 Application Exploits

A-PDF All to MP3 Converter '.wav' File Remote Buffer Overflow Vulnerability S
Adobe Acrobat and Reader 'AcroForm.api' Memory Corruption Vulnerability S
Adobe Acrobat and Reader 'acroform_PlugInMain' Memory Corruption Vulnerability S
Adobe Acrobat and Reader 'pushstring' and 'debugfile' Remote Code Execution S
Adobe Reader 'CoolType.dll' TTF Font Remote Code Execution (gen_debug_trap) S
Adobe Reader 'CoolType.dll' TTF Font Remote Code Execution (gen_shell_bind_tcp) S
Adobe Reader 'CoolType.dll' TTF Font Remote Code Execution (gen_shell_reverse_tcp) S
Adobe Reader 'CoolType.dll' TTF Font Remote Code Execution (win_exec) S
Adobe Reader 'CoolType.dll' TTF Font Remote Code Execution (win_shell_reverse_ord_tcp) S
Apple QuickTime FlashPix Encoded File 'NumberOfTiles' Remote Integer Overflow Vulnerability S
Apple QuickTime _Marshaled_pUnk Remote Code Execution (generic_debug_trap) S
Apple QuickTime _Marshaled_pUnk Remote Code Execution (win_exec) S
HP OpenView Network Node Manager 'execvp_nc()' Code Execution Vulnerability S
HTTP ATutor 'cid' Parameter Cross-Site Scripting Vulnerability S
HTTP Autodesk MapGuide Viewer 'LayersViewWidth()' Buffer Overflow Vulnerability S
HTTP Axigen Webmail Directory Traversal Vulnerability S
HTTP Axigen Webmail Directory Traversal Vulnerability_1 S
HTTP Axigen Webmail Directory Traversal Vulnerability_2 S
HTTP LEADTOOLS Imaging 'LtocxTwainu.dll' Buffer Overflow Vulnerability S
HTTP MW6 Technologies Barcode 'Supplement' Heap Buffer Overflow Vulnerability S
HTTP Netautor Professional 'login2.php' Cross Site Scripting Vulnerability S
HTTP Novell iPrint Client call-back-url buffer overflow S
HTTP QuickShare Directory Traversal Vulnerability S
HTTP Softek Barcode Reader Toolkit 'SoftekATL.dll' Buffer Overflow Vulnerability S
HTTP Trend Micro Internet Security Pro 2010 'extSetOwner' Remote Code Execution S
HTTP Trend Micro Internet Security Pro 2010 'extSetOwner' Remote Code Execution_1 S
ImTOO MPEG Encoder Remote Stack Buffer Overflow Vulnerability S
Integard Home and Pro Password Remote Buffer Overflow (generic_debug_trap) S
Integard Home and Pro Password Remote Buffer Overflow (win_exec) S
Integard Home and Pro Password Remote Buffer Overflow (win_shell_bind_tcp) S
Integard Home and Pro Password Remote Buffer Overflow (win_shell_bind_tcp_xpfw) S
Integard Home and Pro Password Remote Buffer Overflow (win_shell_reverse_ord_tcp) S
Integard Home and Pro Password Remote Buffer Overflow (win_shell_reverse_tcp) S
Microsoft Excel 'FEATHEADER' Remote Code Execution Vulnerability (MS09-067) S
Microsoft Excel HFPicture Record Parsing Remote Code Execution (MS10-038) S
Microsoft Excel Real Time Data (RTD) Remote Code Execution Vulnerability (MS10-038) S
Microsoft IIS 5.1 Alternate Data Stream Authentication Bypass Vulnerability (MS10-065) S
Microsoft Office Property Code Execution Vulnerability S
Microsoft Visio 'DXF' File Insertion Buffer Overflow Vulnerability S
Microsoft Windows Cinepak Codec Media Decompression Remote Code Execution (MS10-055) S
Microsoft Windows Movie Maker and Producer '.mswmm' Buffer Overflow (MS10-016) S
Microsoft Word 'sprmCMajority' Remote Code Execution (MS10-056) S
RealNetworks RealPlayer FLV Parsing Integer Overflow Vulnerability S
SCADA Engine BACnet OPC Client Buffer Overflow Vulnerability S
SnackAmp '.smp' File Buffer Overflow Vulnerability S
SnackAmp '.wav' File Buffer Overflow Vulnerability S
Unsniff Network Analyzer '.usnf' File Heap-Based Buffer Overflow_1 S

4 Evasions

Evasion HTTP chunked (for CVE-2010-1818) S
Evasion HTTP gzip compression (for CVE-2010-1818) S
Evasion HTTP Header Folding (for CVE-2010-1818) S
Evasion HTTP junk headers (for CVE-2010-1818) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.