Traffic IQ Professional
Traffic File Update for December 2010
46 Application Exploits
Aesop GIF Creator Project File Handling Buffer Overflow Vulnerability S
Apple QuickTime Pictureviewer '.jp2' File Denial of Service Vulnerability S
FTP SolarFTP 'APPE' Command Remote Denial of Service Vulnerability S
FTP SolarFTP 'GET' Command Remote Denial of Service Vulnerability S
FTP SolarFTP 'MDTM' Command Remote Denial of Service Vulnerability S
FTP SolarFTP 'NLST' Command Remote Denial of Service Vulnerability S
FTP SolarFTP 'PUT' Command Remote Denial of Service Vulnerability S
HP Data Protector Manager Remote Denial of Service Vulnerability S
HTTP Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability S
HTTP Alt-N WebAdmin Remote Source Code Information Disclosure Vulnerability_1 S
HTTP Appweb Web Server Cross Site Scripting Vulnerability S
HTTP Awstats Apache Tomcat Configuration File Command Execution S
HTTP Awstats Apache Tomcat Configuration File Command Execution_1 S
HTTP Chilkat FTP2 Multiple Insecure Method Vulnerability S
HTTP D-Link DIR-300 'tools_admin.php' Cross-Site Request Forgery Vulnerability S
HTTP HP Insight Diagnostics Online Edition Multiple XSS Vulnerabilities S
HTTP HP Insight Diagnostics Online Edition Multiple XSS Vulnerabilities_1 S
HTTP J-Integra 'SetIdentity()' Buffer Overflow Vulnerability S
HTTP ManageEngine EventLog Analyzer 6.1 Multiple XSS Vulnerabilities S
HTTP ManageEngine EventLog Analyzer 6.1 Multiple XSS Vulnerabilities_1 S
HTTP ManageEngine EventLog Analyzer 6.1 Multiple XSS Vulnerabilities_2 S
HTTP Mitel Audio and Web Conferencing Shell Command Injection Vulnerability S
HTTP Mitel Audio and Web Conferencing Shell Command Injection Vulnerability_1 S
HTTP Openfiler 'device' Parameter Cross Site Scripting Vulnerability S
HTTP SAP Crystal Reports Print ActiveX Control Buffer Overflow Vulnerability S
HTTP WordPress Processing Embed Plugin 'pluginurl' XSS Vulnerability S
HTTP WordPress Safe Search Plugin 'v1' Parameter XSS Vulnerability S
IBM Tivoli Access Manager for e-business Directory Traversal Vulnerability S
Microsoft IE CSS Parsing Vulnerability (win_exec) S
Microsoft IE CSS Parsing Vulnerability (win_shell_bind_tcp) S
Microsoft IE CSS Parsing Vulnerability (win_shell_reverse_ord_tcp) S
Microsoft IE CSS Parsing Vulnerability (win_shell_reverse_tcp) S
Microsoft IIS FTP Service Remote Buffer Overflow Vulnerability S
Microsoft Office MS10-087 Buffer Overflow Vulnerability (debug_trap) S
Microsoft Office MS10-087 Buffer Overflow Vulnerability (win_exec) S
Microsoft Office MS10-087 Buffer Overflow Vulnerability (win_messagebox) S
Microsoft Office MS10-087 Buffer Overflow Vulnerability (win_shell_bind_tcp) S
Microsoft Office MS10-087 Buffer Overflow Vulnerability (win_shell_reverse_ord_tcp) S
Microsoft Office MS10-087 Buffer Overflow Vulnerability (win_shell_reverse_tcp) S
MP3 CD Converter Professional '.mp3' File Buffer Overflow Vulnerability S
SolarWinds Orion NPM 'InterfaceDetails.aspx' XSS Vulnerability S
SolarWinds Orion NPM 'MapView.aspx' XSS Vulnerability S
SolarWinds Orion NPM 'NodeDetails.aspx' XSS Vulnerability S
Stuxnet Privilege Elevation Vulnerability (CVE-2010-3888) S
Winamp 'in_midi' Component MIDI Timestamp Buffer Overflow Vulnerability S
Word Splash Pro Word List Processing Buffer Overflow Vulnerability S
7 Evasions
Evasion HTML base64 double_pad (for CVE-2010-3971) S
Evasion HTML javascript escape (for CVE-2010-3971) S
Evasion HTML unicode (utf-16le) (for CVE-2010-3971) S
Evasion HTTP chunked (for CVE-2010-3971) S
Evasion HTTP gzip compression (for CVE-2010-3971) S
Evasion HTTP Header Folding (for CVE-2010-3971) S
Evasion HTTP junk headers (for CVE-2010-3971) S