Ticket | Info |
---|---|
DE8045 | Modified strikes/exploits/clientside/cve_2012_4914_coolpdf_huffman.xml: fixed an edge case that caused an error; added support for PDF Evasions. |
Ticket | Info |
---|---|
US20321 (1140668) | Added function codes "Mask Write Register", "Read FIFO Queue" and new parameters "And Mask", "Or Mask", "FIFO Registers Values" for both request and response.Added functionality for user-made PDUs with new parameter "Custom PDU Data" and new function codes "None (Custom Request PDU)" , "None (Custom Response PDU)". |
US70236 | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
US70566 (INF1445176) | Added new EvasionProfile Group: Microsoft ExchangePorts, with ability to specify a range of ports for strikes targeting MS Exchange SystemAttendant service. The default port range is: 53, 88, 135, 389, 1025-5000, 6001-6004 (matching ports used by Exchange 2000)* Strike denial/smtp/ms09_003_exchange_system_attendant_udp_dos.xml was modified to select a destination port from this range. |
Name | Category | Info |
---|---|---|
Office 365 Excel Jul 17 | Distributed Computing | The use of the Office 365 Excel website as of July 2017. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Google Photos Jul17 | Storage | Google Photos is a photo sharing and storage service developed by Google. It's was formerly a part of Google+. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Name | Category | Info |
---|---|---|
Office 365 Excel Jul 17 | Distributed Computing | The use of the Office 365 Excel website as of July 2017. All of the available actions for this flow are exercised. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Office 365 Excel Jul 17 Create Workbook | Distributed Computing | The use of the Office 365 Excel website as of July 2017. A basic workbook is created and edited. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Office 365 Excel Jul 17 Open Workbook | Distributed Computing | The use of the Office 365 Excel website as of July 2017. An existing workbook is opened and edited. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
Google Photos July 2017 | Storage | Simulates the viewing, uploading and downloading of photos from Google Photos. This protocol uses dynamically created flows to simulate the various internal actions performed by a modern Web browser. Because these dynamic flows may be large in number and may contain a large amount of generated data, profile creation and test initialization may require a considerable amount of time. The "Max. Request/Response Pairs per Action" and "Max. Generated File Size" flow parameters can be used to control the number and size of the interactions performed by the actions. DNS resolution is always performed for each host. Delete the DNS host from the Super Flow to disable this feature. |
CVSS | ID | References | Category | Info |
---|---|---|---|---|
10.0 | E17-0gdq1 |
BID-98520 CVE-2017-6622 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) SCIP-10147 URL ZDI-17-445 |
Exploits | This strike exploits an authentication bypass vulnerability in Cisco Prime Collaboration Provisioning ScriptMgr servlet. The ScriptMgr servlet is intended to allow authenticated users to access BeanShell, which can execute Java and Javascript code with root privileges. However, it only authenticates HTTP GET and POST requests. Other HTTP requests, such as HEAD, are processed without authentication. An attacker can send an HTTP request other than GET or POST to the vulnerable servlet to achieve execution of arbitrary Java or Javascript code with root privileges. |
10.0 | E17-ajhd1 |
BID-98056 CVE-2017-1000353 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) EXPLOITDB-41965 URL |
Exploits | This strike exploits a Java deserialization vulnerability in CloudBees Jenkins. The vulnerability is due to lack of input validation of HTTP POST requests. An attacker could exploit this by sending specifically crafted packets, potentially resulting in the code execution. |
8.5 | E17-m91t3 |
CVSS-8.5 (AV:N/AC:M/AU:S/C:C/I:C/A:C) SECURITYTRACKER-1038161 URL ZDI-17-214 |
Exploits | This strike exploits a command execution vulnerability in Trend Micro InterScan Web Security Virtual Appliance (IWSVA). The haport parameter, which is sent in HTTP GET requests to the /deploywizard/deploywizard.do uri, is vulnerable to command injection and is not sanitized. An attacker can send a specially crafted HTTP GET request to achieve arbitrary command execution. NOTE: By default the vulnerable services are accessed via SSL connection (port 8443) |
7.6 | E17-0hts1 |
BID-98880 CVE-2017-8496 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) GOOGLE-1254 |
Exploits | This strike exploits a type confusion vulnerability in the Microsoft Edge browser. Specifically, if a user sets an event handler with the DOMAttrModified event and the style property clip-path, type confusion can occur when the PrivateFindlnl method of the CAttrArray Function is called. This can result in a denial of service condition in the browser or potentially lead to remote code execution on the targeted system. |
7.6 | E17-0fh01 |
BID-97940 CVE-2017-5444 CVSS-7.6 (AV:N/AC:H/AU:N/C:C/I:C/A:C) URL |
Exploits | This strike exploits a buffer overflow vulnerability in Mozilla Firefox. When parsing content-type application/http-index-format data, it is possible for an out of bounds read of memory to occur causing a buffer overflow. This can cause a denial of service condition in the browser or potentially allow for remote code execution to occur. |
7.5 | R95-wge91 |
BID-126 CVE-1999-0017 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) URL |
Recon | This strike sends a crafted FTP PORT command, directing the FTP server to open a data connection different system. |
7.5 | E95-wge91 |
BID-126 CVE-1999-0017 CVSS-7.5 (AV:N/AC:L/AU:N/C:P/I:P/A:P) URL |
Exploits | This strike simulates an FTP Bounce Attack. By sending a crafted PORT command, an attacker can cause a vulnerable FTP server to communicate with a third system. The results of the communication can subsequently be accessed by the attacker, allowing communication with otherwise unreachable systems. |
5.0 | R17-zf091 |
CVSS-5.0 (AV:N/AC:L/AU:N/C:P/I:N/A:N) URL |
Recon | This strike emulates the reconnaissance tool known as iistouch. The tool attempts to check IIS information such as IIS version, IIS OS version, IIS OS language, target pathname and if webdav is enabled. |
CVSS | ID | References | Category | Info |
---|---|---|---|---|
10.0 | E14-a2e01 |
BID-71577 CVE-2014-9158 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E14-9j101 |
BID-71578 CVE-2014-8461 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E14-9j001 |
BID-71579 CVE-2014-8460 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E14-9iz01 |
BID-71576 CVE-2014-8459 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E14-9iy01 |
BID-71573 CVE-2014-8458 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E14-9ix01 |
BID-71566 CVE-2014-8457 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E14-9iw01 |
BID-71572 CVE-2014-8456 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E14-9iv01 |
BID-71571 CVE-2014-8455 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E13-2nd01 |
BID-62149 CVE-2013-3346 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
10.0 | E09-61v01 |
BID-37757 CVE-2009-3955 CVSS-10.0 (AV:N/AC:L/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3yg07 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3yg06 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3yg05 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3yg04 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3yg03 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3yg02 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3yg01 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3yg00 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3cc07 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3cc06 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3cc05 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3cc04 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3cc03 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3cc02 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3cc01 |
CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E10-3cc00 |
BID-39109 CVE-2010-1240 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E13-wxx01 |
BID-57461 CVE-2012-4914 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits |
|
9.3 | E10-gcp01 |
BID-43057 CVE-2010-2883 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-9bd01 |
BID-36600 CVE-2009-3459 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-3c408 |
BID-37331 CVE-2009-4324 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-3c407 |
BID-37331 CVE-2009-4324 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-3c406 |
BID-37331 CVE-2009-4324 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-3c405 |
BID-37331 CVE-2009-4324 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-3c404 |
BID-37331 CVE-2009-4324 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-3c403 |
BID-37331 CVE-2009-4324 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-3c402 |
BID-37331 CVE-2009-4324 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-3c401 |
BID-37331 CVE-2009-4324 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-15g08 |
BID-34736 CVE-2009-1492 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-15g04 |
BID-34736 CVE-2009-1492 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-15g07 |
BID-34736 CVE-2009-1492 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-15g02 |
BID-34736 CVE-2009-1492 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-15g06 |
BID-34736 CVE-2009-1492 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-15g03 |
BID-34736 CVE-2009-1492 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-15g05 |
BID-34736 CVE-2009-1492 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-15g01 |
BID-34736 CVE-2009-1492 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-0pr01 |
CVE-2009-0927 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-0pr04 |
CVE-2009-0927 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-0pr07 |
CVE-2009-0927 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-0pr06 |
CVE-2009-0927 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-0pr03 |
CVE-2009-0927 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-0pr08 |
CVE-2009-0927 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-0pr05 |
CVE-2009-0927 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
9.3 | E09-0pr02 |
CVE-2009-0927 CVSS-9.3 (AV:N/AC:M/AU:N/C:C/I:C/A:C) |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |
5.0 | D09-02r01 |
BID-33136 CVE-2009-0099 CVSS-5.0 (AV:N/AC:L/AU:N/C:N/I:N/A:P) MS09-003 SCIP-46455 |
Denial | Added new EvasionProfile Group: Microsoft ExchangePorts, with ability to specify a range of ports for strikes targeting MS Exchange SystemAttendant service. The default port range is: 53, 88, 135, 389, 1025-5000, 6001-6004 (matching ports used by Exchange 2000)* Strike denial/smtp/ms09_003_exchange_system_attendant_udp_dos.xml was modified to select a destination port from this range. |
4.3 | E14-3eh01 |
BID-67363 CVE-2014-0521 CVSS-4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N) URL |
Exploits | Added a new EvasionProfile group: PDF, which allows applying PDF evasions to certain strikes targeting PDF vulnerabiliteis. Option include: PDF VersionString, Hex-Encoding Name Objects, using Abbreviated Filter Names and Randomizing Dictionary Key Order. * Strikes supporting these evasions can be found by searching for "pdf_evasion" keyword. |