Traffic File Update - October 2012

This Traffic IQ Professional update for October 2012 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

Traffic File Update for October 2012

111 Application Exploits

Avaya IP Office Customer Call Reporter 'ImageUpload.ashx' Vulnerability S
Avaya WinPDM Unite Host Router Service Buffer Overflow (MessageBox) S
Avaya WinPDM Unite Host Router Service Buffer Overflow (win_exec) S
FastStone Image Viewer Read Access Violation Arbitrary Code Execution Vulnerability S
HP Application Lifecycle Management 'XGO.ocx' Multiple Vulnerabilities S
HP Application Lifecycle Management 'XGO.ocx' Multiple Vulnerabilities_1 S
HTTP AContent 'file' Parameter Cross-Site Scripting Vulnerability S
HTTP AContent 'framed' Parameter Cross-Site Scripting Vulnerability S
HTTP AContent 'pathext' Parameter Cross-Site Scripting Vulnerability S
HTTP AContent 'popup' Parameter Cross-Site Scripting Vulnerability S
HTTP AjaXplorer checkInstall.php Command Execution Vulnerability (bind_ruby) S
HTTP AjaXplorer checkInstall.php Command Execution Vulnerability (cmd) S
HTTP AjaXplorer checkInstall.php Command Execution Vulnerability (reverse_shell) S
HTTP Aladdin Knowledge System PrivAgent ActiveX Buffer Overflow Vulnerability S
HTTP BigPond Wireless Broadband Gateway Command Injection Vulnerability S
HTTP Bitweaver 'highlight' Parameter Cross Site Scripting CVE-2012-5193 Vulnerability S
HTTP Bitweaver 'newsletters' Cross Site Scripting CVE-2012-5193 Vulnerability S
HTTP Bitweaver 'stats' Cross Site Scripting CVE-2012-5193 Vulnerability S
HTTP Bitweaver Local File Inclusion CVE-2012-5192 Vulnerability S
HTTP D-Link DSL-2640B 'redpass.cgi' CVE-2012-1308 CSRF Vulnerability S
HTTP Interspire Email Marketer 'index.php' XSS Vulnerability S
HTTP Interspire Email Marketer 'index.php' XSS Vulnerability_1 S
HTTP JAMF Software Casper Suite CVE-2012-4051 'change password' CSRF Vulnerability S
HTTP JAMF Software Casper Suite CVE-2012-4051 'create user' CSRF Vulnerability S
HTTP jCore 'path' Parameter CVE-2012-4231 XSS Vulnerability S
HTTP JW Player 'logo.link' Parameter Cross Site Scripting Vulnerability S
HTTP ManageEngine Support Center Plus Multiple Security Vulnerabilities S
HTTP Mozilla Firefox CVE-2012-1965 Cross Site Scripting Vulnerability S
HTTP NTR ActiveX Control StopModule() CVE-2012-0267 Vulnerability (MessageBox) S
HTTP NTR ActiveX Control StopModule() CVE-2012-0267 Vulnerability (win_exec) S
HTTP OpenX plugin-index.php Cross Site Scripting Vulnerability S
HTTP Samsung Kies Arbitrary Directory Modification CVE-2012-3809 Vulnerability S
HTTP Samsung Kies Arbitrary File Execution CVE-2012-3807 Vulnerability S
HTTP Samsung Kies Arbitrary File Modification CVE-2012-3808 Vulnerability S
HTTP Samsung Kies Arbitrary Registry Modification CVE-2012-3810 Vulnerability S
HTTP Samsung Kies Null Pointer Dereference CVE-2012-3806 Vulnerability S
HTTP SilverStripe 'BackURL' Parameter URI Redirection Vulnerability S
HTTP Subrion CMS 'group' Parameter XSS CVE-2012-4771 vulnerabilities S
HTTP Subrion CMS 'id' Parameter XSS CVE-2012-4771 vulnerabilities S
HTTP Subrion CMS 'id' Parameter XSS CVE-2012-4771 vulnerabilities_1 S
HTTP Subrion CMS 'id' Parameter XSS CVE-2012-4771 vulnerabilities_2 S
HTTP Symphony CMS 'bluePRINTs' URI SQL Injection Vulnerability S
HTTP Trend Micro IMSS 'addRuleAttrWrsApproveUrl.imss' XSS Vulnerability S
HTTP Trend Micro IMSS 'initUpdSchPage.imss' XSS Vulnerability S
HTTP WordPress ABC Test Plugin 'id' Parameter XSS Vulnerability S
HTTP WordPress Crayon Syntax Highlighter 'wp_load' Remote File Include Vulnerability S
HTTP WordPress Cross Site Request Forgery CVE-2012-4448 Vulnerability S
HTTP WordPress Notices Ticker Plugin CSRF Vulnerability S
HTTP WordPress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities S
HTTP WordPress Slideshow Plugin Multiple Cross Site Scripting Vulnerabilities_1 S
HTTP WordPress Token Manager Plugin 'tid' Parameter XSS Vulnerability S
HTTP WordPress Token Manager Plugin 'tid' Parameter XSS Vulnerability_1 S
HTTP WordPress White Label CMS Plugin CVE-2012-5387 CSRF Vulnerability S
HTTP XAVi X7968 'host_name_txtbox' Parameter XSS Vulnerability S
HTTP XAVi X7968 'pvcName' Parameter XSS Vulnerability S
HTTP XAVi X7968 CVE-2012-5323 Cross Site Request Forgery Vulnerability S
IBM Lotus Notes Traveler 'address' Parameter XSS Vulnerability S
IBM Lotus Notes Traveler 'redirectURL' Parameter XSS Vulnerability S
IBM Lotus Notes Traveler 'redirectURL' Parameter XSS Vulnerability_1 S
IBM Lotus Notes Traveler 'userId' Parameter XSS Vulnerability S
IBM Lotus Notes Traveler Cross-Site Request Forgery Vulnerability S
IMAP ACDSee PRO CUR Image Processing Heap Overflow Vulnerability S
IMAP ACDSee PRO GIF Image Processing Heap Overflow Vulnerability S
IMAP ACDSee PRO PCT Image Processing Heap Overflow Vulnerability S
IMAP ACDSee PRO RLE Image Processing Heap Overflow Vulnerability S
IMAP Apple iTunes '.m3u' File Buffer Overflow Vulnerability (MessageBox) S
IMAP Apple iTunes '.m3u' File Buffer Overflow Vulnerability (win_exec) S
IMAP Divx Player Denial of Service Vulnerability S
IMAP IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (MessageBox) S
IMAP IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_exec) S
IMAP IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_shell_bind_tcp) S
IMAP IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_shell_bind_tcp_xpfw) S
IMAP IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_shell_reverse_ord_tcp) S
IMAP IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_shell_reverse_tcp) S
IMAP VLC Media Player '.3gp' File Divide-By-Zero DoS Vulnerability S
IMAP WaveSurfer '.wav' File Denial of Service Vulnerability S
IMAP ZipItFast PRO '.zip' File Heap Buffer Overflow Vulnerability S
IMAP Zoom Player '.avi' File Divide-By-Zero DoS Vulnerability S
InduSoft Web Studio Arbitrary Upload Remote Code Execution (SCADA) S
Internet Mobile SMSUI plugin Buffer Overflow Vulnerability S
ManageEngine Security Manager Plus 'f' Directory Traversal Vulnerability S
ManageEngine Security Manager Plus 'f' Directory Traversal Vulnerability_1 S
Microsoft Office Picture Manager 2010 Memory Corruption Vulnerability S
NCMedia Sound Editor Pro MRUList201202.dat Buffer Overflow Vulnerability S
NCMedia Sound Editor Pro MRUList201202.dat Buffer Overflow Vulnerability_1 S
Novell GroupWise Internet Agent CVE-2012-0271 Remote Integer Overflow Vulnerability S
PLIB 'ssgParser.cxx' Remote Stack Buffer Overflow Vulnerability S
POP3 ACDSee PRO CUR Image Processing Heap Overflow Vulnerability S
POP3 ACDSee PRO GIF Image Processing Heap Overflow Vulnerability S
POP3 ACDSee PRO PCT Image Processing Heap Overflow Vulnerability S
POP3 ACDSee PRO RLE Image Processing Heap Overflow Vulnerability S
POP3 Apple iTunes '.m3u' File Buffer Overflow Vulnerability (MessageBox) S
POP3 Apple iTunes '.m3u' File Buffer Overflow Vulnerability (win_exec) S
POP3 Divx Player Denial of Service Vulnerability S
POP3 IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (MessageBox) S
POP3 IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_exec) S
POP3 IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_shell_bind_tcp) S
POP3 IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_shell_bind_tcp_xpfw) S
POP3 IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_shell_reverse_ord_tcp) S
POP3 IrfanView JPEG-2000 Plugin Buffer Overflow Vulnerability (win_shell_reverse_tcp) S
POP3 VLC Media Player '.3gp' File Divide-By-Zero DoS Vulnerability S
POP3 WaveSurfer '.wav' File Denial of Service Vulnerability S
POP3 ZipItFast PRO '.zip' File Heap Buffer Overflow Vulnerability S
POP3 Zoom Player '.avi' File Divide-By-Zero DoS Vulnerability S
QNX Qconn Remote Arbitrary Command Execution Vulnerability S
QNX Qconn Remote Arbitrary Command Execution Vulnerability_1 S
SafeNet Sentinel Protection Installer Keys Server Remote DoS Vulnerability S
VLC Media Player Read Access Violation Arbitrary Code Execution Vulnerability S
WAN Emulator 'result.php pc' Parameter Command Execution Vulnerability (bind_netcat) S
WAN Emulator 'result.php pc' Parameter Command Execution Vulnerability (cmd) S
XnView JPEG-LS Image Processing Heap Based Buffer Overflow Vulnerability S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.