Search

Traffic File Update - September 2011

This Traffic IQ Professional update for September 2011 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for September 2011

103 Application Exploits

Apple QuickTime PICT File CVE-2011-0257 Vulnerability (debug_trap) S
Apple QuickTime PICT File CVE-2011-0257 Vulnerability (MessageBox) S
Apple QuickTime PICT File CVE-2011-0257 Vulnerability (win_exec) S
Apple QuickTime PICT File CVE-2011-0257 Vulnerability (win_shell_bind_tcp) S
Apple QuickTime PICT File CVE-2011-0257 Vulnerability (win_shell_reverse_ord_tcp) S
Apple QuickTime PICT File CVE-2011-0257 Vulnerability (win_shell_reverse_tcp) S
Apple QuickTime PICT File CVE-2011-0257 Vulnerability (win_speak_pwned) S
BroadWin WebAccess Client 'bwocxrun.ocx' Multiple Remote Vulnerabilities (SCADA) S
BroadWin WebAccess Client 'bwocxrun.ocx' Multiple Remote Vulnerabilities (SCADA)_1 S
Cogent DataHub Buffer Overflow Vulnerability (SCADA) S
Cogent DataHub Directory Traversal Vulnerability (SCADA) S
Cogent DataHub Directory Traversal Vulnerability (SCADA)_1 S
Cogent DataHub Information Disclosure Vulnerability (SCADA) S
Cogent DataHub Information Disclosure Vulnerability (SCADA)_1 S
Cogent DataHub Information Disclosure Vulnerability (SCADA)_2 S
Cogent DataHub Integer Overflow Vulnerability (SCADA) S
DVD X Player PLF File Buffer Overflow Vulnerability (debug_trap) S
DVD X Player PLF File Buffer Overflow Vulnerability (gen_shell_bind_tcp) S
DVD X Player PLF File Buffer Overflow Vulnerability (gen_shell_reverse_tcp) S
DVD X Player PLF File Buffer Overflow Vulnerability (MessageBox) S
DVD X Player PLF File Buffer Overflow Vulnerability (win_exec) S
DVD X Player PLF File Buffer Overflow Vulnerability (win_shell_reverse_ord_tcp) S
DVD X Player PLF File Buffer Overflow Vulnerability (win_speak_pwned) S
eSignal Multiple (CVE-2011-3494) Buffer Overflow Vulnerabilities S
eSignal Multiple (CVE-2011-3494) Buffer Overflow Vulnerabilities_1 S
EViews Program File (.prg) Processing Buffer Overflow Vulnerability S
EViews Program File (.wf1) Processing Buffer Overflow Vulnerability S
FTP Freefloat FTP Server 'USER' Command Buffer Overflow Vulnerability S
FTP KnFTPd FTP Server 'pass' Command Buffer Overflow Vulnerability S
FTP KnFTPd FTP Server 'pass' Command Buffer Overflow Vulnerability_1 S
FTP KnFTPd FTP Server 'pwd' Command Buffer Overflow Vulnerability S
FTP KnFTPd FTP Server 'user' Command Buffer Overflow Vulnerability S
HTTP Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities S
HTTP Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities_1 S
HTTP Adobe ColdFusion Multiple Cross Site Scripting Vulnerabilities_2 S
HTTP Apple QuickTime 'QuickTimePlayer.dll' Buffer Overflow Vulnerability S
HTTP Citrix Access Gateway Code Execution Vulnerabilities (debug_trap) S
HTTP Citrix Access Gateway Code Execution Vulnerabilities (MessageBox) S
HTTP Citrix Access Gateway Code Execution Vulnerabilities (win_exec) S
HTTP Citrix Access Gateway Code Execution Vulnerabilities (win_shell_bind_tcp) S
HTTP Citrix Access Gateway Code Execution Vulnerabilities (win_shell_reverse_ord_tcp) S
HTTP Citrix Access Gateway Code Execution Vulnerabilities (win_shell_reverse_tcp) S
HTTP FortiMail 'module admin.fe' Multiple XSS Vulnerabilities S
HTTP FortiMail 'module admin.fe' Multiple XSS Vulnerabilities_1 S
HTTP FortiMail 'module admin.fe' Multiple XSS Vulnerabilities_2 S
HTTP FortiMail 'module admin.fe' Multiple XSS Vulnerabilities_3 S
HTTP MantisBT 'CVE-2011-2938' Cross Site Scripting Vulnerability S
HTTP MantisBT SQL Injection Vulnerability S
HTTP Microsoft SharePoint 'Source' Parameter URI Open Redirection Vulnerability S
HTTP Newgen Software OmniDocs Privilege Escalation Vulnerability S
HTTP SolarWinds Orion NPM 'CustomChart.aspx' XSS Vulnerability S
HTTP SolarWinds Orion NPM 'CustomChart.aspx' XSS Vulnerability_1 S
HTTP TimeLive Time and Expense 'FileDownload.aspx' Vulnerability S
HTTP TimeLive Time and Expense 'FileDownload.aspx' Vulnerability_1 S
HTTP TWiki (CVE-2011-3010) Multiple Cross Site Scripting Vulnerabilities S
HTTP TWiki (CVE-2011-3010) Multiple Cross Site Scripting Vulnerabilities_1 S
HTTP Zikula Application Framework 'themename' Parameter XSS Vulnerability S
IBM Lotus Domino 'NSFComputeEvaluateExt()' Buffer Overflow Vulnerability S
Measuresoft ScadaPro 'RF' command Vulnerability (SCADA) S
Measuresoft ScadaPro 'UF' command Vulnerability (SCADA) S
Measuresoft ScadaPro 'WF' command Vulnerability (SCADA) S
Measuresoft ScadaPro 'XF' command Vulnerability (SCADA) S
Measuresoft ScadaPro Multiple Security Vulnerabilities (SCADA) S
Measuresoft ScadaPro Multiple Security Vulnerabilities (SCADA)_1 S
Measuresoft ScadaPro Multiple Security Vulnerabilities (SCADA)_2 S
MetaStock Use-After-Free Remote Code Execution Vulnerability S
Movicon 'EIDP' Packet Memory Corruption Vulnerability (SCADA) S
Movicon (CVE-2011-3491) Heap Based Buffer Overflow Vulnerability (SCADA) S
Movicon (CVE-2011-3498) Heap Based Buffer Overflow Vulnerability (SCADA) S
PcVue 'aipgctl.ocx' DeletePage Method Vulnerability (SCADA) S
PcVue 'SVUIGrd.ocx' GetExtendedColor Method Vulnerability (SCADA) S
PcVue 'SVUIGrd.ocx' SaveObject and LoadObject Directory Traversal Vulnerability (SCADA) S
PcVue 'SVUIGrd.ocx' SaveObject and LoadObject Methods Vulnerability (SCADA) S
PlantVisor Enhanced Multiple Directory Traversal Vulnerabilities (SCADA) S
PlantVisor Enhanced Multiple Directory Traversal Vulnerabilities (SCADA)_1 S
PlantVisor Enhanced Multiple Directory Traversal Vulnerabilities (SCADA)_2 S
PlantVisor Enhanced Multiple Directory Traversal Vulnerabilities (SCADA)_3 S
Progea Movicon 'TCPUploadServer.exe' Create Folder Vulnerability (SCADA) S
Progea Movicon 'TCPUploadServer.exe' Create Shortcut Vulnerability (SCADA) S
Progea Movicon 'TCPUploadServer.exe' Delete File Vulnerability (SCADA) S
Progea Movicon 'TCPUploadServer.exe' Denial of Service Vulnerability (SCADA) S
Progea Movicon 'TCPUploadServer.exe' Information Disclosure Vulnerability (SCADA) S
Progea Movicon 'TCPUploadServer.exe' Information Disclosure Vulnerability (SCADA)_1 S
Progea Movicon 'TCPUploadServer.exe' Overwrite File Vulnerability (SCADA) S
Progea Movicon Execute 'moviconRunTime.exe' Vulnerability (SCADA) S
RSLogix (CVE-2011-3489) Remote Denial of Service Vulnerability (SCADA) S
RSLogix (CVE-2011-3489) Remote Denial of Service Vulnerability (SCADA)_1 S
RSyslog 'parseLegacySyslogMsg()' Function Buffer Overflow Vulnerability S
Sunway ForceControl ActiveX Remote Code Execution Vulnerability (SCADA) S
Sunway ForceControl AngelServer Stack Overflow Vulnerability (SCADA) S
Sunway ForceControl Multiple DoS Vulnerabilities (SCADA) S
Sunway ForceControl Multiple DoS Vulnerabilities (SCADA)_1 S
Sunway ForceControl Multiple DoS Vulnerabilities (SCADA)_2 S
Sunway ForceControl Multiple DoS Vulnerabilities (SCADA)_3 S
Sunway ForceControl Multiple DoS Vulnerabilities (SCADA)_4 S
Sunway ForceControl NetServer Information Disclosure Vulnerability (SCADA) S
Sunway ForceControl SNMP NetDBServer DoS Vulnerability (SCADA) S
Sunway ForceControl SNMP NetDBServer Integer Stack Overflow Vulnerability (SCADA) S
Sunway ForceControl SNMP NetDBServer Stack Overflow Vulnerability (SCADA) S
Sunway ForceControl WebServer Directory Traversal Vulnerability (SCADA) S
TwinCAT (CVE-2011-3486) 'TCATSysSrv.exe' Network Packet DoS Vulnerability (SCADA) S
Wibu-Systems CodeMeter License Server Directory Traversal Vulnerability S
Wibu-Systems CodeMeter License Server Directory Traversal Vulnerability_1 S

3 Evasions

Evasion HTTP chunked (for CVE-2011-2882) S
Evasion HTTP Header Folding (for CVE-2011-2882) S
Evasion HTTP junk headers (for CVE-2011-2882) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.