Traffic File Update - August 2012

This Traffic IQ Professional update for August 2012 contains the latest application exploits, threats and security evasion techniques, along with technical data and high-quality security rules.

Traffic IQ Professional

Traffic File Update for August 2012

52 Application Exploits

Divx Player Denial of Service Vulnerability S
HP SAN-iQ Multiple Remote Command Injection Vulnerabilities S
HTTP AOL downloadUpdater2 Firefox Plugin Buffer Overflow Vulnerability S
HTTP BarCodeWiz 'Barcode' Method Remote Buffer Overflow Vulnerability S
HTTP Cyclope Employee Surveillance Solution help.php File Include Vulnerability S
HTTP DataWatch Monarch Business Intelligence Input Validation Vulnerability S
HTTP DataWatch Monarch Business Intelligence Input Validation Vulnerability_1 S
HTTP Dir2web Information Disclosure CVE-2012-4069 Vulnerability S
HTTP Dir2web SQL Injection CVE-2012-4070 Vulnerability S
HTTP Distimo Monitor 'downloads-date' Cross Site Scripting Vulnerability S
HTTP Distimo Monitor 'downloads-map' Cross Site Scripting Vulnerability S
HTTP Distimo Monitor 'revenue-date' Cross Site Scripting Vulnerability S
HTTP E-Mail Security Virtual Appliance Remote Code Execution Vulnerability S
HTTP Elefant CMS 'id' Parameter Cross Site Scripting Vulnerability S
HTTP FCKEditor 'spellchecker.php' Cross Site Scripting Vulnerability S
HTTP Flogr 'index.php' Cross Site Scripting Vulnerability S
HTTP Flogr 'recent.php' Cross Site Scripting Vulnerability S
HTTP IOServer Directory Traversal Vulnerability (SCADA)_1 S
HTTP IOServer Directory Traversal Vulnerability (SCADA)_2 S
HTTP IOServer Information Disclosure Vulnerability (SCADA) S
HTTP Joomla En Masse Component 'sortBy' Parameter Remote SQL Injection Vulnerability S
HTTP JW Player 'player.swf' Multiple Cross Site Scripting Vulnerabilities S
HTTP KindEditor 'name' Parameter Cross Site Scripting Vulnerability S
HTTP ManageEngine Applications Manager MyPage.do forpage Parameter XSS Vulnerability S
HTTP ManageEngine Applications Manager ProcessTemplates.do templatetype Parameter XSS Vuln S
HTTP ManageEngine Applications Manager showCustom.do monitorname Parameter XSS Vulnerability S
HTTP ManageEngine Applications Manager showresource.do type Parameter XSS Vulnerability S
HTTP ManageEngine OpStor 'availability730.do' Cross-Site Scripting Vulnerability S
HTTP Microsoft Indexing Service 'ixsso.dll' DoS Vulnerability S
HTTP Mozilla Firefox Remote Denial of Service Vulnerability S
HTTP ntop 'arbfile' Parameter Cross Site Scripting Vulnerability S
HTTP Scrutinizer 'd4d exporters.php' Cross Site Scripting Vulnerability S
HTTP Websense Content Gateway Multiple Cross Site Scripting Vulnerabilities S
HTTP Websense Content Gateway Multiple Cross Site Scripting Vulnerabilities_1 S
HTTP WordPress G-Lock Double Opt-in Manager Plugin SQL Injection Vulnerability S
HTTP WordPress G-Lock Double Opt-in Manager Plugin SQL Injection Vulnerability_1 S
HTTP WordPress Monsters Editor for WP Super Edit Plugin Arbitrary File Upload Vulnerability S
HTTP WordPress Rich Widget Plugin Arbitrary File Upload Vulnerability S
HTTP Worksforweb iAuto Multiple Cross Site Scripting Vulnerabilities S
HTTP Worksforweb iAuto Multiple Cross Site Scripting Vulnerabilities_1 S
HTTP Zenoss 'editDaemonConfig' Daemon Arbitrary .conf File Manipulation Vulnerability S
HTTP Zenoss 'viewDaemonConfig' Daemon Arbitrary .conf File Access Vulnerability S
HTTP Zenoss 'viewDaemonLog' Daemon Arbitrary .log File Access Vulnerability S
HTTP Zoho BugTracker Multiple HTML Injection Vulnerabilities S
Oracle Java Runtime Environment CVE-2012-4681 Vulnerability (debug_trap) S
Oracle Java Runtime Environment CVE-2012-4681 Vulnerability (gen_shell_bind_tcp) S
Oracle Java Runtime Environment CVE-2012-4681 Vulnerability (gen_shell_reverse_tcp) S
Oracle Java Runtime Environment CVE-2012-4681 Vulnerability (MessageBox) S
Oracle Java Runtime Environment CVE-2012-4681 Vulnerability (win_exec) S
Oracle Java Runtime Environment CVE-2012-4681 Vulnerability (win_shell_reverse_ord_tcp) S
Spytech NetVizor Remote Buffer Overflow Vulnerability S
VLC Media Player '.3gp' File Divide-By-Zero DoS Vulnerability S

3 Evasions

Evasion HTTP chunked (for CVE-2012-4681) S
Evasion HTTP Header Folding (for CVE-2012-4681) S
Evasion HTTP junk headers (for CVE-2012-4681) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.
