Search

Traffic File Update - September 2012

This Traffic IQ Professional update for September 2012 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for September 2012

51 Application Exploits

ActiveFax 4.3 Client Importer Buffer Overflow Vulnerability (MessageBox) S
ActiveFax 4.3 Client Importer Buffer Overflow Vulnerability (win_adduser) S
ActiveFax 4.3 Client Importer Buffer Overflow Vulnerability (win_exec) S
Adobe Flash Player CVE-2012-1535 Font Parsing Vulnerability (MessageBox) S
Adobe Flash Player CVE-2012-1535 Font Parsing Vulnerability (win_exec) S
Adobe Flash Player CVE-2012-1535 Font Parsing Vulnerability (win_shell_bind_tcp) S
CuteZip '.zip' File Buffer Overflow Vulnerability (MessageBox) S
CuteZip '.zip' File Buffer Overflow Vulnerability (win_exec) S
CuteZip '.zip' File Buffer Overflow Vulnerability (win_shell_bind) S
Express Burn Project File Heap Based Buffer Overflow Vulnerability S
GIMP 'fit' File Format Denial of Service Vulnerability S
HTTP Atlassian Confluence Error Page Cross Site Scripting Vulnerability S
HTTP AxisInternet VoIP Manager 'contacts.cgi' XSS Vulnerability S
HTTP AxisInternet VoIP Manager 'contact_chooser.cgi' XSS Vulnerability S
HTTP Flogr 'index.php' CVE-2012-4336 Multiple XSS Vulnerabilities S
HTTP Flogr 'index.php' CVE-2012-4336 Multiple XSS Vulnerabilities_1 S
HTTP Mahara CVE-2012-2237 Cross Site Scripting Vulnerability S
HTTP Microcart CVE-2012-4241 'checkout.php' XSS Vulnerability S
HTTP Multiple Conceptronic Products 'login.js' Information Disclosure Vulnerability S
HTTP Netsweeper CVE-2012-2446 Cross Site Scripting Vulnerability S
HTTP Netsweeper CVE-2012-2447 Cross Site Request Forgery Vulnerability S
HTTP NTR Check() Method Remote Code Execution Vulnerability (MessageBox) S
HTTP NTR Check() Method Remote Code Execution Vulnerability (win_exec) S
HTTP Poweradmin 'index.php' Cross Site Scripting Vulnerability S
HTTP Sciretech Multimedia Manager index.php SQL Injection Vulnerability S
HTTP Sitecom Home Storage Center Directory Traversal Vulnerability S
HTTP Sitecom Home Storage Center Multiple Security Vulnerabilities S
HTTP TCExam CVE-2012-4601 'subject_id' parameter SQL Injection Vulnerability S
HTTP TCExam CVE-2012-4601 'user_groups' parameter SQL Injection Vulnerability S
HTTP TCExam CVE-2012-4602 'cid' parameter Cross Site Scripting Vulnerability S
HTTP TCExam CVE-2012-4602 'uids' parameter Cross Site Scripting Vulnerability S
HTTP WAP Proof Denial of Service Vulnerability S
HTTP WordPress bbPress Plugin 'page' Parameter SQL Injection Vulnerability S
HTTP WordPress Cloudsafe365 Plugin 'wp-config.php' File Disclosure Vulnerability S
HTTP WordPress Cloudsafe365 Plugin 'wp-login.php' File Disclosure Vulnerability S
HTTP Wordpress Finder 'order' Parameter Cross Site Scripting Vulnerability S
HTTP Wordpress HD Webplayer Plugin 'config.php' SQL Injection Vulnerability S
HTTP Wordpress HD Webplayer Plugin 'playlist.php' SQL Injection Vulnerability S
HTTP WordPress MF Gig Calendar Plugin CVE-2012-4242 XSS Vulnerability S
HTTP WordPress WP-TopBar Plugin Cross-Site Request Forgery Vulnerability S
HTTP Zen Load Balancer 'global.conf' Information Disclosure Vulnerability S
Mcrypt CVE-2012-4409 Stack Based Buffer Overflow Vulnerability S
Mcrypt CVE-2012-4409 Stack Based Buffer Overflow Vulnerability_1 S
Microsoft Internet Explorer execCommand Use-After-Free Vulnerability (MS12-063) S
Microsoft SharePoint Malformed SOAP Request Remote Code Execution Vulnerability S
Oracle Supply Chain Products Suite CVE-2012-0549 Vulnerability (MessageBox) S
Oracle Supply Chain Products Suite CVE-2012-0549 Vulnerability (win_exec) S
TFTP NetDecision Writable Directory Traversal Execution (MessageBox) S
TFTP NetDecision Writable Directory Traversal Execution (win_exec) S
TFTP NetDecision Writable Directory Traversal Execution (win_shell_bind_tcp) S
War FTP Daemon Multiple Format String Vulnerabilities S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.