
Traffic File Update - May 2012

This Traffic IQ Professional update for May 2012 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

Traffic File Update for May 2012

137 Application Exploits

BeyondCHM '.chm' File Remote Stack Buffer Overflow Vulnerability S
bsnes '.nes' File Buffer Overflow Vulnerability S
EMC Data Protection Advisor NULL Pointer Dereference Vulnerability S
EMC Data Protection Advisor NULL Pointer Dereference Vulnerability_1 S
Foxit Reader PDF Handling Vulnerability (MessageBox) S
Foxit Reader PDF Handling Vulnerability (win_exec) S
Foxit Reader PDF Handling Vulnerability (win_shell_bind_tcp) S
Foxit Reader PDF Handling Vulnerability (win_shell_reverse_ord_tcp) S
Foxit Reader PDF Handling Vulnerability (win_shell_reverse_tcp) S
GSM SIM Utility '.sms' Buffer Overflow Vulnerability (win_shell_bind_tcp_xpfw) S
GSM SIM Utility '.sms' Buffer Overflow Vulnerability (win_shell_reverse_ord_tcp) S
GSM SIM Utility '.sms' Buffer Overflow Vulnerability (win_shell_reverse_tcp) S
HP StorageWorks P4000 Virtual SAN Appliance Command Execution S
HTTP backupDB() 'onlyDB' Parameter Cross Site Scripting Vulnerability S
HTTP eLearning Server 4G Remote File Include Vulnerability S
HTTP eLearning Server 4G Remote SQL Injection Vulnerability S
HTTP eZ Publish 'ezjscore' Module Cross Site Scripting Vulnerability S
HTTP Firefox AttributeChildRemoved() Use-After-Free Vulnerability (debug_trap) S
HTTP Firefox AttributeChildRemoved() Use-After-Free Vulnerability (MessageBox) S
HTTP Firefox AttributeChildRemoved() Use-After-Free Vulnerability (win_exec) S
HTTP Firefox AttributeChildRemoved() Use-After-Free Vulnerability (win_shell_bind_tcp) S
HTTP Firefox AttributeChildRemoved() Use-After-Free Vulnerability (win_shell_bind_tcp_xpfw) S
HTTP Firefox AttributeChildRemoved() Use-After-Free Vulnerability (win_shell_reverse_ord_tcp) S
HTTP Firefox AttributeChildRemoved() Use-After-Free Vulnerability (win_shell_reverse_tcp) S
HTTP FreeNAC 'deviceadd.php' Cross Site Scripting Vulnerability S
HTTP FreeNAC 'deviceadd.php' SQL Injection Vulnerability S
HTTP FreeNAC 'stats.php' Cross Site Scripting Vulnerability S
HTTP Genium CMS Cross Site Scripting Vulnerability S
HTTP Havalite 'linkId' Parameter Cross Site Scripting Vulnerability S
HTTP Havalite 'postId' Parameter Cross Site Scripting Vulnerability S
HTTP Havalite 'userId' Parameter Cross Site Scripting Vulnerability S
HTTP iGuard Security Access Control Cross Site Scripting Vulnerability S
HTTP JW Player 'debug' Parameter Cross Site Scripting Vulnerability S
HTTP JW Player 'debug' Parameter Cross Site Scripting Vulnerability_1 S
HTTP Kerio WinRoute Firewall Remote Source Code Disclosure Vulnerability S
HTTP Lynx Message Server 'wrapper.plx' XSS Vulnerability S
HTTP Newscoop 'f_country_code' Cross Site Scripting Vulnerability S
HTTP Newscoop 'f_email' Cross Site Scripting Vulnerability S
HTTP Newscoop 'token' Cross Site Scripting Vulnerability S
HTTP OrangeHRM 'hspSummaryId' Parameter SQL Injection Vulnerability (CVE-2012-1506) S
HTTP OrangeHRM 'newHspStatus' Parameter XSS Vulnerability (CVE-2012-1507) S
HTTP OrangeHRM 'sortOrder1' Parameter XSS Vulnerability (CVE-2012-1507) S
HTTP OrangeHRM 'uri' Parameter XSS Vulnerability (CVE-2012-1507) S
HTTP OSSIM 'base_qry_main.php' Cross Site Scripting Vulnerability S
HTTP OSSIM 'top.php' Cross Site Scripting Vulnerability S
HTTP OSSIM SQL Injection Vulnerability S
HTTP PivotX 'ajaxhelper.php' XSS Vulnerability (CVE-2012-2274) S
HTTP Piwigo 'installstatus' parameter XSS CVE-2012-2209 Vulnerability S
HTTP Piwigo 'section' parameter XSS CVE-2012-2209 Vulnerability S
HTTP Piwigo 'theme' parameter XSS CVE-2012-2209 Vulnerability S
HTTP Piwigo Directory Traversal Vulnerability CVE-2012-2208 S
HTTP PragmaMX CVE-2012-2452 Multiple Cross Site Scripting Vulnerabilities S
HTTP PragmaMX CVE-2012-2452 Multiple Cross Site Scripting Vulnerabilities_1 S
HTTP Samsung NET-i Viewer 'msls31.dll' Buffer Overflow Vulnerability S
HTTP SkinCrafter 'InitLicenKeys()' Function Buffer Overflow Vulnerability S
HTTP Symantec Web Gateway 'l' Parameter Cross Site Scripting Vulnerability S
HTTP Symantec Web Gateway 'l' Parameter Cross Site Scripting Vulnerability_1 S
HTTP Websense Triton Report Management Interface XSS Vulnerability S
HTTP WordPress Download Manager Plugin 'cid' Parameter XSS Vulnerability S
HTTP Yandex.Server 'text' Parameter Cross Site Scripting Vulnerability S
Invensys Wonderware InTouch SuiteLink Service DoS Vulnerability S
LAN Messenger Malformed Packet Remote DoS Vulnerability S
Lattice Semiconductor ispVM System XCF Vulnerability (debug_trap) S
Lattice Semiconductor ispVM System XCF Vulnerability (MessageBox) S
Lattice Semiconductor ispVM System XCF Vulnerability (win_exec) S
Lattice Semiconductor ispVM System XCF Vulnerability (win_shell_bind_tcp) S
Lattice Semiconductor ispVM System XCF Vulnerability (win_shell_bind_tcp_xpfw) S
Lattice Semiconductor ispVM System XCF Vulnerability (win_shell_reverse_ord_tcp) S
Lattice Semiconductor ispVM System XCF Vulnerability (win_shell_reverse_tcp) S
LibreOffice '.rtf' File Denial of Service Vulnerability S
McAfee Virtual Technician 'GetObject()' DoS Vulnerability S
McAfee Virtual Technician 'GetObject()' Vulnerability (debug_trap) S
McAfee Virtual Technician 'GetObject()' Vulnerability (win_exec) S
McAfee Virtual Technician 'GetObject()' Vulnerability (win_shell_bind_tcp) S
McAfee Virtual Technician 'GetObject()' Vulnerability (win_shell_reverse_ord_tcp) S
McAfee Virtual Technician 'GetObject()' Vulnerability (win_shell_reverse_tcp) S
McAfee Virtual Technician 'GetObject()' Vulnerability S
MediaChance DVD-Lab Studio '.dal' DoS Vulnerability S
Microsoft MSCOMCTL.OCX Vulnerability MS12-027 (MessageBox) S
Microsoft MSCOMCTL.OCX Vulnerability MS12-027 (win_exec) S
Microsoft MSCOMCTL.OCX Vulnerability MS12-027 (win_shell_bind_tcp) S
Microsoft MSCOMCTL.OCX Vulnerability MS12-027 (win_shell_bind_tcp_xpfw) S
Microsoft MSCOMCTL.OCX Vulnerability MS12-027 (win_shell_reverse_ord_tcp) S
Microsoft MSCOMCTL.OCX Vulnerability MS12-027 (win_shell_reverse_tcp) S
Multimedia Builder '.mef' Buffer Overflow Vulnerability S
NetDecision HTTP Server Buffer Overflow Vulnerability (MessageBox) S
NetDecision HTTP Server Buffer Overflow Vulnerability (win_exec) S
NetDecision HTTP Server Buffer Overflow Vulnerability (win_shell_bind_tcp) S
NetDecision HTTP Server Buffer Overflow Vulnerability (win_shell_reverse_tcp) S
NetDecision HTTP Server Denial of Service Vulnerability S
Nokia PC Suite Video Manager '.mp4' File DoS Vulnerability S
OpenOffice OLE Importer DocumentSummaryInformation Vulnerability (MessageBox) S
OpenOffice OLE Importer DocumentSummaryInformation Vulnerability (win_exec) S
OpenOffice OLE Importer DocumentSummaryInformation Vulnerability (win_shell_bind_tcp) S
OpenOffice OLE Importer DocumentSummaryInformation Vulnerability (win_shell_reverse_ord_tcp) S
OpenOffice OLE Importer DocumentSummaryInformation Vulnerability (win_shell_reverse_tcp) S
Oracle Weblogic Apache Connector POST Request Overflow (MessageBox) S
Oracle Weblogic Apache Connector POST Request Overflow (win_add) S
Oracle Weblogic Apache Connector POST Request Overflow (win_exec) S
Oracle Weblogic Apache Connector POST Request Overflow (win_shell_bind_tcp) S
Oracle Weblogic Apache Connector POST Request Overflow (win_shell_bind_tcp_xpfw) S
Oracle Weblogic Apache Connector POST Request Overflow (win_shell_reverse_ord_tcp) S
Oracle Weblogic Apache Connector POST Request Overflow (win_shell_reverse_tcp) S
PE Explorer Heap Based Buffer Overflow Vulnerability S
Presto! PageManager Network Group Service Packet Remote Overflow S
Presto! PageManager Network Group Service Packet Unhandled Exception Remote DoS S
Presto! PageManager Network Group Service Packet Unhandled Exception Remote DoS_1 S
Pro-Server EX 'Find Node' Invalid Memory Access Vulnerability S
Pro-Server EX 'memset' Integer Overflow Vulnerability S
Pro-Server EX Invalid Memory Disclosure Vulnerability S
Pro-Server EX Invalid Memory Read Access Vulnerability S
Pro-Server EX Memory Corruption Vulnerability S
Pro-Server EX Unhandled Exception Vulnerability S
QNX Phindows bpe_decompress() Buffer Overflow Vulnerability S
RabidHamster R4 Log Entry sprintf() Vulnerability (debug_trap) S
RabidHamster R4 Log Entry sprintf() Vulnerability (MessageBox) S
RabidHamster R4 Log Entry sprintf() Vulnerability (win_exec) S
RabidHamster R4 Log Entry sprintf() Vulnerability (win_shell_bind_tcp) S
RabidHamster R4 Log Entry sprintf() Vulnerability (win_shell_reverse_ord_tcp) S
RabidHamster R4 Log Entry sprintf() Vulnerability (win_shell_reverse_tcp) S
Real-DRAW PRO Multiple Denial Of Service Vulnerabilities S
Remote-Anything Player '.flm' File DoS Vulnerability S
Resource Hacker Heap Based Buffer Overflow Vulnerability S
Samsung NET-i ware BackupToAvi Method Stack Overflow Vulnerabilities S
Samsung NET-i ware BackupToAvi Method Stack overflow Vulnerabilities_1 S
Samsung NET-i ware Multiple Remote Vulnerabilities S
Samsung NET-i ware Multiple Remote Vulnerabilities_1 S
Schneider Electric Telecontrol Products 'kw.dll' HTML Injection Vulnerability S
TFTP Server Packet Handling Buffer Overflow Vulnerability (MessageBox) S
TFTP Server Packet Handling Buffer Overflow Vulnerability (win_exec) S
TFTP Server Packet Handling Buffer Overflow Vulnerability (win_shell_bind_tcp) S
TFTP Server Packet Handling Buffer Overflow Vulnerability (win_shell_reverse_ord_tcp) S
TFTP Server Packet Handling Buffer Overflow Vulnerability (win_shell_reverse_tcp) S
Tftpd32 DNS Server Denial Of Service Vulnerability S
Universal Reader '.epub' Denial Of Service Vulnerability S
Wake On LAN (MagicPacket) S
Websense Triton 'ws_irpt.exe' Remote Command Execution Vulnerability S

14 Evasions

Evasion HTTP chunked (for CVE-2011-3659) S
Evasion HTTP Header Folding (for CVE-2011-3659) S
Evasion HTTP Header Folding (for OSVDB 79007) S
Evasion HTTP junk headers (for CVE-2011-3659) S
Evasion HTTP Method Random Case (for OSVDB 79007) S
Evasion HTTP Method Random Invalid (for OSVDB 79007) S
Evasion HTTP Pad Method URI Count (for OSVDB 79007) S
Evasion HTTP Pad Post Params (for OSVDB 79007) S
Evasion HTTP Pad URI Version Count (for OSVDB 79007) S
Evasion HTTP URI Directory Fake Relative (for OSVDB 79007) S
Evasion HTTP URI Directory Self Reference (for OSVDB 79007) S
Evasion HTTP URI Fake End (for OSVDB 79007) S
Evasion HTTP URI Fake Params Start (for OSVDB 79007) S
Evasion HTTP URI Use Backslashes (for OSVDB 79007) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.
