Search

Traffic File Update - October 2016

This Traffic IQ Professional update for October 2016 contains the latest application exploits, threats and security evasion techniques along with technical data and high quality security rules.

Traffic IQ Professional

Traffic File Update for October 2016

200 Application Exploits

Adobe Acrobat Reader DC 15.016.20045 - Invalid Font '.ttf' Memory Corruption (7) S
Adobe Flash - BitmapData.copyPixels Use-After-Free S
Adobe Flash - BitmapData.copyPixels Use-After-Free_1 S
Adobe Flash - Method Calls Use-After-Free S
Adobe Flash - Method Calls Use-After-Free_1 S
Adobe Flash - MovieClip Transform Getter Use-After-Free S
Adobe Flash - MovieClip Transform Getter Use-After-Free_1 S
Adobe Flash - Selection.setFocus Use-After-Free S
Adobe Flash - Selection.setFocus Use-After-Free_1 S
Adobe Flash - Stage.align Setter Use-After-Free S
Adobe Flash - Stage.align Setter Use-After-Free_1 S
Adobe Flash - Transform.colorTranform Getter Info Leak S
Adobe Flash - Transform.colorTranform Getter Info Leak_1 S
Adobe Flash - Use-After-Free When Returning Rectangle S
Adobe Flash - Use-After-Free When Returning Rectangle_1 S
Adobe Flash Player 22.0.0.192 - TAG Memory Corruption S
AnoBBS 1.0.1 - Remote File Inclusion Vulnerability S
Eye of Gnome 3.10.2 - GMarkup Out of Bounds Write S
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArrayIterateIndex Memory Corruption S
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArrayIterateIndex Memory Corruption_1 S
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArrayIterateIndex Memory Corruption_2 S
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArrayIterateIndex Memory Corruption_3 S
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArrayIterateIndex Memory Corruption_4 S
Foxit PDF Reader 1.0.1.0925 - CFX_BaseSegmentedArrayIterateIndex Memory Corruption_5 S
Foxit PDF Reader 1.0.1.0925 - CFX_WideStringoperator= Invalid Read S
Foxit PDF Reader 1.0.1.0925 - CPDF_DIBSourceTranslateScanline24bpp Out-of-Bounds Read S
Foxit PDF Reader 1.0.1.0925 - kdu_corekdu_codestreamget_subsampling Memory Corruption S
Foxit PDF Reader CPDF_StreamContentParser Memory Corruption Vulnerability S
Foxit PDF Reader CPDF_StreamContentParser Memory Corruption Vulnerability_1 S
Foxit PDF Reader CPDF_StreamContentParser Memory Corruption Vulnerability_2 S
FTP PCMAN FTP Server Buffer Overflow - PUT Command S
HTTP Adobe Flash - Crash When Freeing Memory After AVC decoding S
HTTP Adobe Flash - Video Decompression Memory Corruption S
HTTP Banshee 2.6.2 - .mp3 Crash PoC S
HTTP Cisco EPC 3925 h_sortWireless Parameter DoS Vulnerability S
HTTP Cisco EPC 3925 Lang Cookie DoS Vulnerability S
HTTP Cisco EPC 3925 Lang Cookie DoS Vulnerability_1 S
HTTP Cisco EPC 3925 Multiple CSRF Vulnerabilities S
HTTP Cisco EPC 3925 Stored XSS in Advanced VPN Setup Vulnerability S
HTTP Cisco EPC 3925 Stored XSS in DDNS Settings Vulnerability S
HTTP Cisco EPC 3925 Stored XSS in Domain Name Vulnerability S
HTTP Cisco EPC 3925 Stored XSS in Network Name Vulnerability S
HTTP Cisco EPC 3925 Stored XSS in Rule Name Vulnerability S
HTTP Cisco EPC 3925 Stored XSS in SMTP Settings Vulnerability S
HTTP Cisco EPC 3925 Stored XSS in ToD Filter Vulnerability S
HTTP Cisco EPC 3925 Stored XSS in User Name Vulnerability S
HTTP Cisco EPC 3925 Stored XSS in User Name Vulnerability_1 S
HTTP Contrexx CMS egov Module 1.0.0 - SQL Injection S
HTTP Dell KACE K1000 - File Upload S
HTTP Easy File Sharing HTTP Server 7.2 SEH Overflow S
HTTP ElasticSearch - Search Groovy Sandbox Bypass S
HTTP Exponent CMS Blind SQL Injection Vulnerability S
HTTP FreePBX 13.0.188 - Remote Command Execution (Metasploit) S
HTTP Goron WebServer CSRF Vulnerability (From Server) S
HTTP Goron WebServer CSRF Vulnerability (To Server) S
HTTP Goron WebServer XSS Vulnerability (From Server) S
HTTP Goron WebServer XSS Vulnerability (To Server) S
HTTP Goron WebServer XSS Vulnerability S
HTTP Huawei ISM Professional Cross Site Scripting Vulnerability S
HTTP Iris ID IrisAccess ICU XSS Vulnerability (From Server) S
HTTP Iris ID IrisAccess ICU XSS Vulnerability (To Server) S
HTTP Iris ID IrisAccess ICU XSS Vulnerability_1 (From Server) S
HTTP Iris ID IrisAccess ICU XSS Vulnerability_1 (To Server) S
HTTP Joomla! Component Event Booking SQL Injection Vulnerability S
HTTP Joomla! Component Huge-IT Video Gallery 1.0.9 - SQL Injection S
HTTP Kajona Cross Site Scripting Vulnerability S
HTTP Kajona Cross Site Scripting Vulnerability_1 S
HTTP Kajona Directory Traversal Vulnerability S
HTTP Kaltura 11.1.0-2 - Remote Code Execution (Metasploit) S
HTTP Kerio Control Unified Threat Management - 'hash' Cross Site Scripting S
HTTP Kerio Control Unified Threat Management - 'k_historyTimestamp' Reflected XSS S
HTTP Kerio Control Unified Threat Management - Call Unserialize Vulnerability S
HTTP Kerio Control Unified Threat Management - Information Disclosure S
HTTP Kerio Control Unified Threat Management - Remote Code Execution S
HTTP LamaHub 0.0.6.2 - Buffer Overflow S
HTTP Matrimonial Website Script SQL Injection Vulnerability S
HTTP Microix Timesheet Module - SQL Injection S
HTTP Microsoft GDI+ - ValidateBitmapInfo Invalid Pointer Arithmetic OOB Reads (MS16-097) S
HTTP MuM MapEdit 3.2.6.0 - Arbitrary File Manipulation - DownloadFile S
HTTP MuM MapEdit 3.2.6.0 - Arbitrary File Manipulation - GetFileName S
HTTP MuM MapEdit 3.2.6.0 - Arbitrary File Manipulation - UploadFile S
HTTP MuM MapEdit 3.2.6.0 - Arbritrary SQL Command S
HTTP Nagios Incident Manager Command Execution Vulnerability S
HTTP Nagios Incident Manager Command Execution Vulnerability_1 S
HTTP Nagios Incident Manager Command Execution Vulnerability_2 S
HTTP Nagios Incident Manager Command Execution Vulnerability_3 S
HTTP Nagios Incident Manager Command Execution Vulnerability_4 S
HTTP Nagios Incident Manager Command Execution Vulnerability_5 S
HTTP Nagios Incident Manager Command Execution Vulnerability_6 S
HTTP Nagios Incident Manager Command Execution Vulnerability_7 S
HTTP Nagios Incident Manager SQL Injection Vulnerability S
HTTP Nagios Incident Manager XSS Vulnerability S
HTTP Nagios Incident Manager XSS Vulnerability_1 S
HTTP Nagios Incident Manager XSS Vulnerability_2 S
HTTP Nagios Incident Manager XSS Vulnerability_3 S
HTTP Nagios Incident Manager XSS Vulnerability_4 S
HTTP Nagios Incident Manager XSS Vulnerability_5 S
HTTP Nagios Incident Manager XSS Vulnerability_6 S
HTTP Nagios Incident Manager XSS Vulnerability_7 S
HTTP Nagios Incident Manager XSS Vulnerability_8 S
HTTP Nagios Network Analyzer Command Execution Vulnerability S
HTTP Nagios Network Analyzer Command Execution Vulnerability_1 S
HTTP Nagios Network Analyzer CSRF Vulnerability (From Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability (To Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability_1 (From Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability_1 (To Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability_2 (From Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability_2 (To Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability_3 (From Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability_3 (To Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability_4 (From Server) S
HTTP Nagios Network Analyzer CSRF Vulnerability_4 (To Server) S
HTTP Nagios Network Analyzer SQL Injection Vulnerability S
HTTP Nagios Network Analyzer SQL Injection Vulnerability_1 S
HTTP Nagios Network Analyzer SQL Injection Vulnerability_2 S
HTTP ntopnbox 2.3 = 2.5 - 'cmd' Remote Command Execution S
HTTP ntopnbox 2.3 = 2.5 - 'dir' Remote Command Execution S
HTTP ntopnbox 2.3 = 2.5 - 'interface' Remote Command Execution S
HTTP ntopnbox 2.3 = 2.5 - 'out_dir' Remote Command Execution S
HTTP ntopnbox 2.3 = 2.5 - 'params' Remote Command Execution S
HTTP ntopnbox 2.3 = 2.5 - Crontab CSRF Vulnerability S
HTTP ntopnbox 2.3 = 2.5 - Factory Reset CSRF Vulnerability S
HTTP NUUO NVRmini CSRF Vulnerability (From Server) S
HTTP NUUO NVRmini CSRF Vulnerability (To Server) S
HTTP ObiHai ObiPhone 10321062 5-0-0-3497 - Buffer Overflow S
HTTP ObiHai ObiPhone 10321062 5-0-0-3497 - Command Injection in WiFi Config S
HTTP ObiHai ObiPhone 10321062 5-0-0-3497 - Digest Authentication Vulnerability S
HTTP ObiHai ObiPhone 10321062 5-0-0-3497 - Invalid Content-Length Vulnerability S
HTTP ObiHai ObiPhone 10321062 5-0-0-3497 - Invalid HTTP Authorization Header S
HTTP ObiHai ObiPhone 10321062 5-0-0-3497 - Memory Corruption S
HTTP ObiHai ObiPhone 10321062 5-0-0-3497 - Null Pointer Dereference S
HTTP PaKnPost Pro File Upload Vulnerability (From Server) S
HTTP PaKnPost Pro File Upload Vulnerability (To Server) S
HTTP Phoenix Exploit Kit - Remote Code Execution (Metasploit) S
HTTP PHPIPAM Cross Site Scripting Vulnerability S
HTTP PHPIPAM Cross Site Scripting Vulnerability_1 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_10 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_11 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_2 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_3 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_4 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_5 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_6 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_7 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_8 S
HTTP PHPIPAM Cross Site Scripting Vulnerability_9 S
HTTP PHPIPAM SQL Injection Vulnerability S
HTTP PHPIPAM SQL Injection Vulnerability_1 S
HTTP PHPIPAM SQL Injection Vulnerability_2 S
HTTP QNAP - Web Server RCE via Bash Environment Variable Code Injection S
HTTP SimplePHPQuiz Blind SQL Injection Vulnerability S
HTTP SimplePHPQuiz Blind SQL Injection Vulnerability_1 S
HTTP SimplePHPQuiz Blind SQL Injection Vulnerability_2 S
HTTP SimplePHPQuiz Blind SQL Injection Vulnerability_3 S
HTTP SimplePHPQuiz Blind SQL Injection Vulnerability_4 S
HTTP Subrion CMS SQL Injection Vulnerability S
HTTP SugarCRM 6.5.23 - REST PHP Object Injection Exploit (Metasploit) S
HTTP Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read S
HTTP Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Write S
HTTP Symphony CMS 2.6.7 Session Fixation S
HTTP TeamPass Passwords Management System Arbitrary File Download Vulnerability S
HTTP TWiki Debugenableplugins Remote Code Execution S
HTTP VegaDNS 0.13.2 - Remote Command Injection S
HTTP VLC Media Player 2.2.1 - Buffer Overflow S
HTTP wdCalendar SQL Injection Vulnerability S
HTTP wdCalendar SQL Injection Vulnerability_1 S
HTTP WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure S
HTTP WSO2 Carbon Cross Site Scripting Vulnerability S
HTTP WSO2 Carbon Cross Site Scripting Vulnerability_1 S
HTTP WSO2 Carbon Cross Site Scripting Vulnerability_2 S
HTTP WSO2 Carbon Cross Site Scripting Vulnerability_3 S
HTTP WSO2 Carbon Cross Site Scripting Vulnerability_4 S
HTTP WSO2 Carbon Cross Site Scripting Vulnerability_5 S
HTTP WSO2 Carbon Cross Site Scripting Vulnerability_6 S
HTTP Zabbix 'toggle_ids' SQL Injection Vulnerability S
HTTP ZineBasic 1.1 - Arbitrary File Disclosure S
HTTP ZKTeco ZKAccess Security System XSS Vulnerability (From Server) S
HTTP ZKTeco ZKAccess Security System XSS Vulnerability (To Server) S
HTTP ZKTeco ZKAccess Security System XSS Vulnerability_1 (From Server) S
HTTP ZKTeco ZKAccess Security System XSS Vulnerability_1 (To Server) S
HTTP ZKTeco ZKBioSecurity CSRF Vulnerability (From Server) S
HTTP ZKTeco ZKBioSecurity CSRF Vulnerability (To Server) S
Malware Compromised Web Page Containing iframe Linking to Rig EK and Cerber Ransomware S
Malware DNS domain associated with Afraidgate and Rig EK (mallsecrets.co.uk) S
Malware DNS domain associated with Afraidgate and Rig EK (water.campusprosegur.cl) S
Malware DNS domain associated with Locky Ransomware (jhomitevd2abj3fk.onion.to) S
Malware DNS domain associated with Locky Ransomware (jhomitevd2abj3fk.tor2web.org) S
Malware DNS domain associated with Rig EK (free.romanticviolence.com) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (art.powersavasana.com) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (ffoqr3ug7m726zou.17zafg.top) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (ffoqr3ug7m726zou.8dlgyg.bid) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (ffoqr3ug7m726zou.eujvrw.bid) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (ffoqr3ug7m726zou.m54tkp.bid) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (ffoqr3ug7m726zou.onion.to) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (ffoqr3ug7m726zou.oxmffh.bid) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (joellipman.com) S
Malware DNS domain associated with Rig EK and Cerber Ransomware (www.whatsongreece.com) S
Malware DNS domain associated with Rig EK and Locky Ransomware (emmelineramsey.com) S
Malware Flash File Download that contains Exploit from Rig EK leading to Cerber Ransomware S
Malware Locky Ransomware Post Infection Chat (emmelineramsey.com) S


idappcom - Auditing, verifying and enhancing the capabilities of corporate security defences.

We do not use cookies for tracking users, displaying customised content or storing information about users, other than that required to maintain 'session state' for the login system for registered users. Please read our cookie policy for more information. Please note that by using this site you are consenting to the use of cookies.