McAfee IntruShield Manager Software 3.1

McAfee IntruShield Manager Software 4.1

McAfee IntruShield Sensor Software 3.1

McAfee IntruShield Sensor Software 4.1

Network Security Platform 5.1

Please review the current release notes KB38000 for any new additions/modifications or deletions to these attacks.

 

List One:

The following attacks require the HTTP response option to be enabled. For a detailed description on how to configure this option, please see article 2789494.

1  HIGH - HTTP: Winamp Player PLS Handling Buffer Overflow (0x40228200)
2  HIGH - HTTP: RealPlayer IERPPLUG.DLL ActiveX Control Buffer Overflow Vulnerability (0x4023ee00)
3  HIGH - HTTP:Microsoft Core XML Core Services XMLHTTP Control setRequestHeader Code Execution (0x4022f800)
4  HIGH - HTTP: VMware Inc IntraProcessLogging dll Arbitrary Data Write vulnerability (0x4023b900)
5  HIGH - HTTP: Internet Explorer DirectAnimation PathControl Object Vulnerability (0x4022db00)
6  HIGH - HTTP:Microsoft SQL Server Distributed Management Objects Buffer Overflow (0x4023d800)
7  HIGH - HTTP: IE6 Cross Domain Script (0x40249900)
8  HIGH - HTTP: Microsoft SQL Server Distributed Management Objects Buffer Overflow (0x4023ed00)
9  HIGH - HTTP: Mozilla/Firefox InstallVersion Object Validation Vulnerability (0x40226500)
10  HIGH - HTTP: Microsoft PowerPoint Exploit.d Vulnerability (0x4022e700)
11  HIGH - HTTP: Microsoft IE WebViewFolderIcon setSlice Integer Underflow (0x4022e600)
12  HIGH - HTTP: Windows Media Player Code Execution (0x40228e00)
13  HIGH - HTTP: McAfee Subscription Manager Stack Buffer Overflow Vulnerability (0x4022e500)
14  HIGH - HTTP: Microsoft IE Frame Element Heap Overflow (0x4021d600)
15  HIGH - HTTP: FaceBook/Aurigma ImageUploader/PhotoUploader Buffer Overflow (0x40242600)
16  HIGH - HTTP: Microsoft JPEG Segment Length Integer Underflow (0x4021fb00)
17  HIGH - HTTP: Malicious XML File (0x4022f200)
18  HIGH - HTTP: Adobe Flash Player SWF File Remote Code Execution Vulnerability (0x40247800)
19  HIGH - HTTP: Apple QuickTime PICT Clip Opcode Heap Overflow (0x40245d00)
20  HIGH - HTTP: Apple Mac OS X ImageIO gifGetBandProc GIF Image Handling Integer Overflow Vulnerability (0x40237e00)
21  HIGH - HTTP: Microsoft Excel Indexing Validation Vulnerability (0x40250f00)
22  HIGH - HTTP: Microsoft Windows PNG Image Rendering Vulnerability (0x40222d00)
23  HIGH - HTTP: Microsoft Publisher Invalid Memory Reference Vulnerability (0x40243200)
24  HIGH - HTTP: Symantec Norton Personal Firewall 2004 ActiveX Control Buffer Overflow (0x4024ea00)
25  HIGH - HTTP: Microsoft Internet Explorer Memory Corruption Vulnerability (0x40236100)
26  HIGH - HTTP: PowerPoint Malformed Data Record Vulnerability (0x40237a00)
27  HIGH - HTTP: Microsoft IE COM Instantiation Memory Corruption 4 (0x40233500)
28  HIGH - HTTP: Microsoft Windows Media Encoder Buffer Overrun Vulnerability (0x40252d00)
29  HIGH - HTTP: Microsoft Excel Remote Code Execution (0x40241f00)
30  HIGH - HTTP: Microsoft Help and Support Center argument injection vulnerability (0x4021ed00)
31  HIGH - HTTP: Microsoft PICT Filter Parsing Vulnerability (0x4024d800)
32  HIGH - HTTP: Microsoft Vista Feed Headlines Gadget Remote Code Execution Vulnerability (0x4023c800)
33  HIGH - HTTP: Microsoft Vista Contacts Gadget Remote Code Execution Vulnerability (0x4023d600)
34  HIGH - HTTP: Microsoft IE Onload Window in Body Tag Vulnerability (0x40223e00)
35  HIGH - HTTP: Microsoft Word Smart Tags Remote Code Execution (0x4024a200)
36  HIGH - HTTP: Microsoft Jet DB Engine Buffer Overflow (0x4023f400)
37  HIGH - HTTP: Microsoft Response Header Cross-Domain Vulnerability (0x40247c00)
38  HIGH - HTTP: IE UTF-8 HTML Decoding Vulnerability (0x4022c200)
39  HIGH - HTTP: Microsoft IE HxTocCtrl ActiveX Memory Corruption Vulnerability (0x40244b00)
40  HIGH - HTTP: IBM Lotus Expeditor rcplauncher Command Injection (0x40246900)
41  HIGH - HTTP: MSN Heartbeat Control Buffer Overflow (0x40224f00)
42  HIGH - HTTP: Microsoft Works 7 WkImgSrv.dll ActiveX Vulnerability (0x40246200)
43  HIGH - HTTP: Microsoft DirectShow Code Execution Vulnerability Parsing SAMI Files (0x4023fe00)
44  HIGH - HTTP: Microsoft Malformed BMP Filter Vulnerability (0x4024da00)
45  HIGH - HTTP: Microsoft Parsing Overflow Vulnerability (0x40248100)
46  HIGH - HTTP: Microsoft IE Malform CSS Heap Corruption (0x4021d100)
47  HIGH - HTTP: Microsoft Antivirus Engine Vulnerability (0x40232500)
48  HIGH - HTTP: Apache Tomcat JK Web Server Connector Long URL Stack Overflow Vulnerability (0x4023a300)
49  HIGH - HTTP: Malformed Windows RTF File Transferring (0x40232400)
50  HIGH - HTTP: Apple Safari Regular Expression Heap Buffer Overflow (0x4023c200)
51  HIGH - HTTP: Microsoft Internet Explorer Script Error Handling Memory Corruption Vulnerability (0x4023e800)
52  HIGH - HTTP: Yahoo Messenger AudioConf ActiveX Control Buffer Overflow Vulnerability (0x40235900)
53  HIGH - HTTP: Microsoft Excel Style Record Vulnerability (0x40244100)
54  HIGH - HTTP: Microsoft HTML Help File Parsing Buffer Overflow (0x40222b00)
55  HIGH - HTTP: Microsoft IE Security Update Of ActiveX Kill Bits IV (0x40250b00)
56  HIGH - HTTP: Potential Malicious CBO File Detected (0x4022fc00)
57  HIGH - HTTP: Microsoft IE Security Update Of ActiveX Kill Bits II (0x40250900)
58  HIGH - HTTP: Microsoft Excel File Format Parsing Vulnerability (0x40253900)
59  HIGH - HTTP: Microsoft Word Drawing Object Vulnerability (0x40246700)
60  HIGH - HTTP: Yahoo Webcam ActiveX Control Buffer Overflow Vulnerability (0x40238500)
61  HIGH - HTTP: Microsoft GDI+ VML Buffer Overrun Vulnerability (0x40251800)
62  HIGH - HTTP: Firefox firefoxurl URI Handler Registration Vulnerability (0x4023a900)
63  HIGH - HTTP: Apple QuickTime Remote Security Bypass Vulnerability (0x4023e200)
64  HIGH - HTTP: Windows Graphics Rendering Engine Vulnerability (0x40225b00)
65  HIGH - HTTP: Microsoft Excel Format Parsing Vulnerability (0x40253700)
66  HIGH - HTTP: Microsoft Excel Formula Parsing Vulnerability (0x40244200)
67  HIGH - HTTP: Microsoft Workspace Memory Corruption (0x4023ab00)
68  HIGH - HTTP: Symantec Products NavComUI ActiveX Control Code Execution  (0x4023cc00)
69  HIGH - HTTP: Microsoft IE COM Instantiation Memory Corruption (0x40222500)
70  HIGH - HTTP: MySQL MaxDB Webtool Percent Buffer Overflow (0x40247200)
71  HIGH - HTTP: Microsoft Word 0-Day Vulnerability V (0x40231e00)
72  HIGH - HTTP: Apple QuickTime RTSP URL Buffer Overflow (0x40231a00)
73  HIGH - HTTP: Microsoft IE COM Instantiation Memory Corruption 1 (0x40233000)
74  HIGH - HTTP: Microsoft Macro Validation Vulnerability (0x40243f00)
75  HIGH - HTTP: Microsoft Malware Protection Engine Vulnerability II (0x40247000)
76  HIGH - HTTP: Microsoft Internet Explorer Arbitrary File Rewrite Vulnerability (0x40236300)
77  HIGH - HTTP: Microsoft Office WPG Image File Heap Corruption Vulnerability (0x40251200)
78  HIGH - HTTP: Microsoft IE ActiveX Control Vulnerability (0x40232300)
79  HIGH - HTTP: Malicious Word Document Download (0x4022ff00)
80  HIGH - HTTP: Microsoft IE DHTML Object Memory Corruption Vulnerability (0x40222100)
81  HIGH - HTTP: Microsoft IE sapi.dll ActiveX Vulnerability (0x40247b00)
82  HIGH - HTTP: Microsoft DirectShow Code Execution Vulnerability Parsing WAV Files (0x4023fd00)
83  HIGH - HTTP: LinkedIn ActiveX Control Code Execution (0x4023bb00)
84  HIGH - HTTP: Microsoft VBScript and JScript Remote Code Execution Vulnerability (0x40245800)
85  HIGH - HTTP: Microsoft IE HTML Tag Memory Corruption Vulnerability (0x4022b800)
86  HIGH - HTTP: Microsoft SQL Memory Corruption Vulnerability (0x40249f00)
87  HIGH - HTTP: Microsoft Uniform Resource Locator Validation Error Vulnerability (0x40252f00)
88  HIGH - HTTP: Word RTF Parsing Vulnerability (0x40235f00)
89  HIGH - HTTP: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (0x40232700)
90  HIGH - HTTP: Sun Java JRE WebStart JNLP Stack Overflow Vulnerability (0x40244a00)
91  HIGH - HTTP: Microsoft Snapshot Viewer for Microsoft Access Code Execution (0x4024a000)
92  HIGH - HTTP: MS06-014 Microsoft Windows MDAC Vulnerability  (0x4022b400)
93  HIGH - HTTP: Microsoft Publisher Object Handler Validation Vulnerability (0x40246c00)
94  HIGH - HTTP: Mozilla QueryInterface Memory Corruption Vulnerability (0x4022a600)
95  HIGH - HTTP: Yahoo! Music Jukebox ActiveX BOF (0x40242700)
96  HIGH - HTTP: Microsoft ActiveX Object Memory Corruption Vulnerability (0x4023e000)
97  HIGH - HTTP: Microsoft Agent Remote Code Execution Vulnerability (0x4023c100)
98  HIGH - HTTP: Microsoft IE DHTML Method Memory Corruption (0x40224200)
99  HIGH - HTTP: Intuit QuickBooks Online Edition ActiveX Buffer Overflow (0x40240000)
100  HIGH - HTTP: Microsoft Outlook mailto URL Exploit (0x4021d000)
101  HIGH - HTTP: RealNetworks RealPlayer rmoc3260.dll ActiveX Control Memory Corruption (0x40244700)
102  HIGH - HTTP: Microsoft IE Double-Byte Character Parsing Memory Corruption Vulnerability (0x4022b200)
103  HIGH - HTTP: Microsoft Word Memory Corruption Vulnerability (0x40243100)
104  HIGH - HTTP: Mozilla Firefox IFRAME Style Change Handling Code Execution (0x40244d00)
105  HIGH - HTTP: IE Install Engine ActiveX Control Buffer Overflow (0x4021d300)
106  HIGH - HTTP: Symantec Norton Internet Security 2006 COM Object Security ByPass Vulnerability  (0x40236a00)
107  HIGH - HTTP: Microsoft GDI+ WMF Buffer Overrun Vulnerability (0x40253100)
108  HIGH - HTTP: Microsoft Win32 API Vulnerability (0x40238600)
109  HIGH - HTTP: Microsoft IE COM Instantiation Memory Corruption 3 (0x40233400)
110  HIGH - HTTP: Yahoo Widgets YDP ActiveX Control Remote Command Execution Vulnerability (0x4023b700)
111  HIGH - HTTP: Microsoft Excel Calendar Object Validation Vulnerability (0x40254e00)
112  HIGH - HTTP: Microsoft Help Workshop Crafted HPJ File Buffer Overflow (0x40242000)
113  HIGH - HTTP: Adobe Pagemaker Long Font Name Buffer Overflow (0x40241900)
114  HIGH - HTTP: Microsoft Word Array Overflow (0x40236000)
115  HIGH - HTTP: Microsoft Project Memory Validation Vulnerability (0x40245400)
116  HIGH - HTTP: Mozilla Firefox URI Handling Vulnerability (0x4023b600)
117  HIGH - HTTP: HP Software Update HPeDiag ActiveX Buffer Overflow (0x40246b00)
118  HIGH - HTTP: Microsoft Remote Code Execution Vulnerability in Crystal Reports (0x4023d500)
119  HIGH - HTTP: Microsoft JPEG Image Rendering Memory Corruption (0x40222c00)
120  HIGH - HTTP: Microsoft IE Security Update Of ActiveX Kill Bits VI (0x40250d00)
121  HIGH - HTTP: CA BrightStor ARCServe Backup AddColumn Buffer Overflow (0x40245500)
122  HIGH - HTTP: Microsoft IE Security Update Of ActiveX Kill Bits III (0x40250a00)
123  HIGH - HTTP: Microsoft IE HTA Execution Vulnerability (0x4022b100)
124  HIGH - HTTP: IE HTML Objects Memory Corruption Vulnerability (0x40247d00)
125  HIGH - HTTP: Apache 1.3 mod_proxy Buffer Overflow (0x4023e300)
126  HIGH - HTTP:Yahoo Messenger CYFT Object (ft60.dll) Arbitrary File Download (0x4023e100)
127  HIGH - HTTP: Microsoft Internet Explorer ADODB.connection 0-Day (0x4022f000)
128  HIGH - HTTP: Microsoft IE Uninitialized Memory Corruption Vulnerability (0x40238c00)
129  HIGH - HTTP: McAfee ePO remote code execution (0x40233200)
130  HIGH - HTTP: Microsoft Internet Explorer ActiveX Object Vulnerability (0x4023c500)
131  HIGH - HTTP: Microsoft Internet Explorer CSS Memory Corruption Vulnerability (0x4023c700)
132  HIGH - HTTP: Microsoft Windows HTML Help Control Cross Zone Scripting Vulnerability (0x4021f400)
133  HIGH - HTTP: Microsoft XML Core Services Vulnerability (0x4023c300)
134  HIGH - HTTP: HP ActiveX Object Remote Code Execution Vulnerability (0x40239300)
135  HIGH - HTTP: Adobe Flash Player Invalid Pointer Vulnerability (0x40246a00)
136  HIGH - HTTP: Microsoft Word DOCX Macro Vulnerability (0x40232600)
137  HIGH - HTTP: Microsoft Word Section Table Array Buffer Overflow (0x40231c00)
138  HIGH - HTTP: ViewPoint Media Player ActiveX Stack Overflow Vulnerabilities (0x4023f600)
139  HIGH - HTTP: Microsoft Mini-Redirector Heap Overflow Vulnerability (0x40242a00)
140  HIGH - HTTP: IBM Lotus 1-2-3 File Viewer Buffer Overflow (0x40240500)
141  HIGH - HTTP: Sun JRE isInstalled.dnsResolve Overflow (0x40243800)
142  HIGH - HTTP: Microsoft Windows Kodak Image Viewer Remote Code Execution Vulnerability (0x4023e600)
143  HIGH - HTTP: Microsoft Word 0-Day Vulnerability I (0x40230800)
144  HIGH - HTTP: Microsoft Excel Sheet Name Memory Corruption (0x40242400)
145  HIGH - HTTP: Macrovision InstallShield Update Service ActiveX Control Code Execution (0x4023f300)
146  HIGH - HTTP: Microsoft Works File Converter Field Length Vulnerability (0x40243000)
147  HIGH - HTTP: IFRAME Attack Detected (0x40247700)
148  HIGH - HTTP: IE Nested HTML Tag Memory Corruption Vulnerability (0x4022bb00)
149  HIGH - HTTP: Microsoft Excel Malformed File Denial of Service (0x4023ac00)
150  HIGH - HTTP: Microsoft Excel Rich Text Validation Vulnerability (0x40244300)
151  HIGH - HTTP: Cisco Webex Meeting Manager atucfobj ActiveX Control Buffer Overflow (0x40251c00)
152  HIGH - HTTP: VMware ESX Server Management Interface Password Vulnerability (0x4023e400)
153  HIGH - HTTP: Microsoft Windows Media Format Remote Code Execution Vulnerability Parsing ASF (0x4023ff00)
154  HIGH - HTTP: Microsoft Excel Conditional Formatting Vulnerability (0x40244400)
155  HIGH - HTTP: Microsoft IE Security Update Of ActiveX Kill Bits VIII (0x40252c00)
156  HIGH - HTTP: Microsoft Malformed EPS Filter Vulnerability (0x4024d900)
157  HIGH - HTTP: Microsoft Excel Workspace Memory Corruption Vulnerability (0x4023c000)
158  HIGH - HTTP: Microsoft SAMI Format Parsing Vulnerability (0x40248000)
159  HIGH - HTTP: Microsoft CSS Tag Memory Corruption Vulnerability (0x40238b00)
160  HIGH - HTTP: Potential Malicious Word Document (0x40230700)
161  HIGH - HTTP: Microsoft GDI+ BMP Integer Overflow Vulnerability (0x40252e00)
162  HIGH - HTTP: Microsoft Excel Data Validation Record Vulnerability (0x40244000)
163  HIGH - HTTP: Microsoft OLE Heap Overrun Vulnerability (0x40242d00)
164  HIGH - HTTP: Microsoft COM Object Instantiation Memory Corruption Vulnerability (0x40238e00)
165  HIGH - HTTP: Microsoft GDI Heap Overflow Vulnerability (0x40245200)
166  HIGH - HTTP: Microsoft Works Converter Index Table Vulnerability (0x40243300)
167  HIGH - HTTP: Microsoft IE COM Instantiation Memory Corruption 2 (0x40233100)
168  HIGH - HTTP: Microsoft .NET PE Loader Vulnerability (0x4023af00)
169  HIGH - HTTP: VMware vielib dll Remode Code Execution vulnerability (0x4023b800)
170  HIGH - HTTP: Adobe Flash Player JPG Processing (0x40245e00)
171  HIGH - HTTP: Microsoft GDI+ GIF Parsing Vulnerability (0x40251900)
172  HIGH - HTTP: Microsoft Malformed PICT Filter Vulnerability (0x4024d700)
173  HIGH - HTTP: Microsoft DXMedia SDK ActiveX Remote Code Execution Vulnerability (0x4023c900)
174  HIGH - HTTP: Vulnerability in HTML Help ActiveX Control (0x40232900)
175  HIGH - HTTP: Adobe Reader Mailto Vulnerability (0x4023ef00)
176  HIGH - HTTP: PowerPoint Malformed Record Memory Corruption Vulnerability (0x40232800)
177  HIGH - HTTP: Microsoft Windows Workspace Memory Corruption Vulnerability (0x4023e700)
178  HIGH - HTTP: IE VML 0-day Remote Code Execution (0x4022df00)
179  HIGH - HTTP: Microsoft IE Security Update Of ActiveX Kill Bits I (0x40250700)
180  HIGH - HTTP: Microsoft Office Web Components ActiveX vulnerability (0x4023fc00)
181  HIGH - HTTP: Microsoft Outlook URI Vulnerability (0x40243e00)
182  HIGH - HTTP: Mozilla Firefox Browser Crash Memory Corruption Code Execution (0x40241e00)
183  HIGH - HTTP: EMF Malformed Embedded Description Size Field (0x40234f00)
184  HIGH - HTTP: Microsoft Internet Explorer Argument Handling Memory Corruption Vulnerability (0x40242c00)
185  HIGH - HTTP: Microsoft Word Font Parsing Buffer Overflow Vulnerability (0x4023d100)
186  HIGH - HTTP: Microsoft Excel Calculation Error Vulnerability (0x4023aa00)
187  HIGH - HTTP: Windows Metafile Heap Overflow Vulnerability (0x40225a00)
188  HIGH - HTTP: Adobe Reader and Acrobat ActiveX Control Remote Code Execution Vulnerability (0x40237700)
189  HIGH - HTTP: IE CreateTextRange Code Execution Vulnerability (0x4022ad00)
190  HIGH - HTTP: Microsoft Windows MFC Library FileFind Class Heap Overflow (0x4023df00)
191  HIGH - HTTP: Microsoft Visual Basic for Applications Document Properties Buffer Overrun Vulnerability (0x40237c00)
192  HIGH - HTTP: Microsoft IIS Memory Request Vulnerability (0x4023ad00)
193  HIGH - HTTP: Apple QuickTime PICT Heap Overflow (0x40241d00)
194  HIGH - HTTP: Microsoft Agent ActiveX Control Memory Corruption Vulnerability (0x40235600)
195  HIGH - HTTP: IASystemInfo.DLL ActiveX Control Remote Buffer Overflow Vulnerabilities (0x4024f300)
196  HIGH - HTTP: Trend Micro OfficeScan ActiveX Remote Code Execution (0x40249a00)
197  HIGH - HTTP: VMWare vielib dll CreateProcess and CreateProcessEx ActiveX Vulnerability (0x4023BA00)
198  HIGH - HTTP: HP Info Center HPInfo Class ActiveX Control Insecure Methods  Vulnerability (0x40240400)
199  HIGH - HTTP: Microsoft HTML Objects Memory Corruption Vulnerability (0x40250300)
200  HIGH - HTTP: Microsoft Visio Memory Corruption Vulnerability (0x40238000)
201  HIGH - HTTP: Microsoft Publisher Memory Corruption Vulnerability (0x40243400)
202  HIGH - HTTP: Microsoft IE Security Update Of ActiveX Kill Bits VII (0x40250e00)
203  HIGH - HTTP: Microsoft Visio Memory Validation Vulnerability (0x40245700)
204  HIGH - HTTP: Microsoft Internet Explorer ActiveX Object Memory Corruption Vulnerability (0x4023c600)
205  HIGH - HTTP: Microsoft GDI Stack Overflow Vulnerability (0x40245300)
206  HIGH - HTTP: Malicious Word Document Download II (0x40232100)
207  HIGH - HTTP: Microsoft Memory Allocation Vulnerability II (0x40251500)
208  HIGH - HTTP: Microsoft IE Security Update Of ActiveX Kill Bits V (0x40250c00)
209  HIGH - HTTP: Oracle JInitiator ActiveX control stack buffer overflows (0x4023d900)
210  HIGH - HTTP: HP Software Update Tool ActiveX Control File Overwrite vulnerability (0x40241500)
211  HIGH - HTTP: Microsoft Windows LoadImage API Integer Overflow (0x40220400)
212  HIGH - HTTP: Microsoft GDI+ EMF Memory Corruption Vulnerability (0x40253000)
213  HIGH - HTTP: Microsoft Argument Handling Memory Corruption Vulnerability (0x40250500)
214  HIGH - HTTP: Potential Malicious ANI File Detected (0x40234b00)
215  HIGH - HTTP: PNG Image Height Processing Vulnerability (0x40225000)
216  HIGH - HTTP: Mozilla Firefox Plugin Access Control (0x40221500)
217  HIGH - HTTP: Microsoft Publisher 2007 Remote Code Execution (0x4023ae00)
218  HIGH - HTTP: Microsoft Word Malformed Object Pointer Vulnerability (0x4022bc00)
219  HIGH - HTTP: Microsoft Word Cascading Style Sheet (CSS) Vulnerability (0x40246800)
220  HIGH - HTTP: Microsoft Office Memory Corruption Vulnerability (0x40243d00)
221  HIGH - HTTP: Microsoft Works Converter Input Validation Vulnerability (0x40242f00)
222  HIGH - HTTP: Microsoft Visual Studio VBTOVSI.DLL ActiveX Control Arbitrary File Overwrite (0x4023db00)
223  HIGH - HTTP: Microsoft Visio Object Header Vulnerability (0x40245600)
224  HIGH - HTTP: Microsoft CAPICOM Remote Code Execution Vulnerability (0x40235800)
225  HIGH - HTTP: Microsoft Speech Control Memory Corruption Vulnerability (0x40238d00)
226  HIGH - HTTP: Microsoft Visual FoxPro vfp6r.dll DoCmd ActiveX Control Command Execution (0x40241700)
227  HIGH - HTTP: IE XML Page Object Type Validation Vulnerability (0x40224800)
228  HIGH - HTTP: Microsoft Visual Studio PDWizard.ocx ActiveX Control Code Execution (0x4023da00)
229  MEDIUM - HTTP: Microsoft Internet Explorer Implicit Drag and Drop File Installation (0x4021cf00)
230  MEDIUM - HTTP: Microsoft HTML Help HHP File Handling Vulnerability (0x40228800)
231  MEDIUM - HTTP: MS Office Malformed String Parsing Vulnerability (0x4022c100)
232  MEDIUM - HTTP: IE Modal Dialog Script Execution (0x40220900)
233  MEDIUM - HTTP: Microsoft Excel Malformed Name Record Vulnerability (0x4022aa00)
234  MEDIUM - HTTP: Microsoft Excel Selection Record Memory Access Error (0x4022b000)
235  MEDIUM - HTTP: Windows Media Player Plug-in Vulnerability (0x40228f00)
236  MEDIUM - HTTP: Mozilla SSL lock icon view-source URL spoofing (0x40230400)
237  MEDIUM - HTTP: Windows Media Player Skins Download Code Execution (0x4021cb00)
238  MEDIUM - HTTP: Macromedia Flash Improper Memory Access (0x4022b900)
239  MEDIUM - HTTP: IE IsComponentInstalled Stack Overflow Vulnerability (0x4022a500)
240  MEDIUM - HTTP: Microsoft Agent Spoofing Vulnerability (0x40222800)
241  MEDIUM - HTTP: MS06-042 Microsoft IE Cumulative Security Vulnerability Detected (0x4022ce00)
242  MEDIUM - HTTP: Windows Help and Support Center Buffer Overrun (0x4021d400)
243  MEDIUM - HTTP: Mozilla Browser/Firefox Chrome Window Spoofing Vulnerability (0x40230500)
244  MEDIUM - HTTP: Microsoft Excel Malformed Record Vulnerability (0x4022a900)
245  MEDIUM - HTTP: Microsoft Windows DHTML Edit Control Cross Site Scripting (0x4021fd00)
246  MEDIUM - HTTP: Microsoft Product Shell Program Execution (0x4021e200)
247  MEDIUM - HTTP: IE HTML Element Action Handlers Overflow (0x4022ac00)
248  MEDIUM - HTTP: Microsoft JScript Code Execution Vulnerability (0x4022c300)
249  MEDIUM - HTTP: Microsoft Internet Explorer Cross Site/Domain Vulnerability (0x4021f300)
250  MEDIUM - HTTP: IE Similar Method Name Redirection Cross Domain (0x4021d200)
251  MEDIUM - HTTP: MS Channel Definition Format (CDF) Cross Domain Vulnerability (0x40221c00)
252  MEDIUM - HTTP: IE URL Decoding Zone Spoof Vulnerability (0x40224d00)
253  MEDIUM - HTTP: Winamp Midi File Header Handling Client Side Buffer Overflow Vulnerability (0x4022c700)
254  MEDIUM - HTTP: Internet Explorer Object Data Remote Execution (0x4021d800)
255  MEDIUM - HTTP: Encoded javascript shellcode (0x4022fb00)
256  MEDIUM - HTTP: Juniper SSL-VPN Client Buffer Overflow (0x4022ba00)
257  MEDIUM - HTTP: Microsoft IE Drag and Drop Vulnerability (0x40229100)
258  MEDIUM - HTTP: Internet Explorer Content Advisor Memory Corruption (0x40221d00)
259  MEDIUM - HTTP: Malicious Microsoft Excel Payload Detected (0x40231d00)
260  MEDIUM - HTTP: Malformed Microsoft Excel Exploit (0x4022c500)
261  MEDIUM - HTTP: Malformed Microsoft Excel Exploit II (0x40235e00)
262  MEDIUM - HTTP:Microsoft IE HTML Help COM Object Image Property Heap Overflow (0x4022c900)
263  MEDIUM - HTTP: Microsoft IE Malformed HTML Vulnerability (0x40224500)
264  MEDIUM - HTTP: Microsoft Windows GRE WMF Memory Overrun DoS (0x40227400)
265  MEDIUM - HTTP: Macromedia Flash ActionDefine Memory Corruption (0x40228600)
266  MEDIUM - HTTP: Yahoo Messenger Unspecified ActiveX Control Buffer Overflow (0x40230900)
267  MEDIUM - HTTP: Microsoft Windows WMF Handling Remote Code Execution Vulnerability (0x40227300)
268  MEDIUM - HTTP: Mozilla Firefox potential memory corruption in the JavaScript engine (0x40232b00)
269  MEDIUM - HTTP: Microsoft DirectX MIDI Filetype Buffer Overflow (0x4021f100)
270  MEDIUM - HTTP: Microsoft WMF Rendering Vulnerability (0x40228700)
271  MEDIUM - HTTP: Internet Explorer Frame Flood Request Zone Bypass (0x4021d500)
272  MEDIUM - HTTP: ActSoft DVD Tools Stack Overflow Exploit  (0x40236700)
273  MEDIUM - HTTP: Microsoft IE MHTML Protocol Cross Domain Policy (0x4021f200)
274  MEDIUM - HTTP: Microsoft Office Malformed Data Vulnerability (0x4022ab00)
275  MEDIUM - HTTP: Microsoft Word Perfect Converter Buffer Overrun (0x4021ef00)
276  MEDIUM - HTTP: Oracle Data Control ORADC ActiveX Control Code Execution (0x40231100)
277  MEDIUM - HTTP: RealNetworks RealPlayer .smil Buffer Overflow Vulnerability (0x40220300)
278  MEDIUM - HTTP: Danmec Trojan Downloading Detected (0x40246e00)
279  MEDIUM - HTTP: Microsoft Word Exploit-VBE (0x4022be00)
280  MEDIUM - HTTP: Microsoft Internet Explorer OnBeforeUnload JavaScript Address Bar Spoofing (0x4023ec00)
281  MEDIUM - HTTP: Microsoft Image Viewer .GIF Processing Heap Overflow (0x40221400)
282  MEDIUM - HTTP: IE Object Tag Cross Domain Violation Vulnerability (0x40224600)
283  MEDIUM - HTTP: Internet Explorer Msdds.dll Remote Code Execution (0x40222600)
284  MEDIUM - HTTP: MS06-013 Microsoft IE HTML Parsing Vulnerability (0x4022b600)
285  MEDIUM - HTTP: Microsoft Windows WMF/EMF Image Format Rendering Buffer Overflow (0x4021f900)
286  MEDIUM - HTTP: IE File Download Dialog Box Manipulation Vulnerability (0x40226700)
287  MEDIUM - HTTP: Malicious ACF File (0x4022f300)
288  MEDIUM - HTTP: MS Office Malformed Image Parsing Vulnerability (0x4022c600)
289  MEDIUM - HTTP: IE Malicious Shortcut Self-Executing HTML (0x40220600)
290  MEDIUM - HTTP: IE NULL Character Evasion (0x40224b00)
291  MEDIUM - HTTP: Microsoft IE Cancelled URI Spoofing Vulnerability (0x40234800)
292  MEDIUM - HTTP: PowerPoint 2000 Information Disclosure Vulnerability (0x40229000)
293  MEDIUM - HTTP: DOS Device in Path Name Vulnerability (0x40223c00)
294  MEDIUM - HTTP: Potential Malicious ActiveX Detected (0x4022f500)
295  MEDIUM - HTTP: Possible Vector Markup Language Exploit (0x40230d00)
296  MEDIUM - HTTP: Microsoft Internet Explorer Page Update Race Condition (0x40240200)
297  MEDIUM - HTTP: Microsoft Windows showHelp Code Execution Vulnerability (0x4021cc00)
298  MEDIUM - HTTP: Microsoft Internet Explorer Bitmap Processing Integer Overflow Vulnerability (0x4021e000)
299  MEDIUM - HTTP: Apple Quicktime HREFTrack Cross-Zone Scripting vulnerability (0x40237800)
300  MEDIUM - HTTP: Potential Malicious OSS File Transferring (0x40230c00)
301  MEDIUM - HTTP: Potential Malicious Script Detected (0x4022fd00)
302  MEDIUM - HTTP: Microsoft OLE Automation Memory Corruption Vulnerability (0x4023c400)
303  MEDIUM - HTTP: Microsoft Internet Explorer File Download Security Warning Bypass Vulnerability (0x4021fe00)
304  MEDIUM - HTTP: Microsoft Window Location Property Cross-Domain Information Disclosure Vulnerability (0x40254d00)
305  MEDIUM - HTTP: Microsoft Windows HSC DVD Driver Upgrade Code Execution (0x4021ee00)
306  MEDIUM - HTTP: Microsoft HTML Tag Element Cross-Domain Information Disclosure Vulnerability (0x40254b00)
307  MEDIUM - HTTP: IE Execcommand Zone Bypass Vulnerability (0x40220b00)
308  MEDIUM - HTTP: IBM Access Support (eGatherer) ActiveX Remote Code Execution (0x4021db00)
309  MEDIUM - HTTP: Sony DRM CodeSupport ActiveX Control Vulnerability (0x40225f00)
310  MEDIUM - HTTP: Windows Kernel ANI Parsing Crash Vulnerability (0x40225200)
311  MEDIUM - HTTP: Microsoft Internet Explorer GetObject Vulnerability (0x40223200)
312  MEDIUM - HTTP: IE Multimedia Page Cross-Site Scripting (0x40221000)
313  MEDIUM - HTTP: Malformed Word File (0x4022ea00)
314  MEDIUM - HTTP: IE Windows Script Host Object Vulnerability (0x40220700)
315  MEDIUM - HTTP: Microsoft VML Buffer Overrun Vulnerability (0x4023ca00)
316  MEDIUM - HTTP: Microsoft Office MSODataSourceControl ActiveX vulnerabiliby (0x4023fb00)
317  MEDIUM - HTTP: IE Pop-up.show Method Vulnerability (0x4021e300)
318  MEDIUM - HTTP: Potential Malicious Microsoft Outlook ICS File (0x40230e00)
319  MEDIUM - HTTP: Microsoft HTML Objects Memory Corruption Vulnerability (0x40254700)
320  MEDIUM - HTTP: Microsoft Windows HTML Converter HR Align Buffer Overflow Vulnerability (0x4021ce00)
321  MEDIUM - HTTP: Microsoft IE ExecScript File Disclosure Vulnerability (0x40223300)
322  MEDIUM - HTTP: JVM GIF Image Parsing Zero Width Exploit Detected (0x40231200)
323  MEDIUM - HTTP: IE Mouse Click Event Vulnerability (0x40220500)
324  MEDIUM - HTTP: Microsoft IE ShowHelp Command Execution Vulnerability (0x40224100)
325  MEDIUM - HTTP: Microsoft Uninitialized Memory Corruption Vulnerability (0x40254800)
326  MEDIUM - HTTP: Microsoft Windows Script Engine Heap Overflow (0x40220d00)
327  MEDIUM - HTTP: Microsoft Source Element Cross-Domain Information Disclosure Vulnerability (0x40254c00)
328  MEDIUM - HTTP: Windows Kernel ANI Parsing DOS Vulnerability (0x40225300)
329  MEDIUM - HTTP: Symantec Firewall Products WrapNISUM Class Remote Command Execution (0x4021d700)
330  MEDIUM - HTTP: Microsoft Outlook Express Windows Address Book File Vulnerability (0x4022b700)
331  MEDIUM - HTTP: Acer LunchApp.APlunch ActiveX Command Execution Vulnerability (0x4022fe00)
332  MEDIUM - HTTP: Microsoft Internet Explorer ADODB.Stream Object File Installation (0x4021dd00)
333  MEDIUM - HTTP: LibPNG Graphics Library Multiple Remote Vulnerabilities (0x4021e400)
334  MEDIUM - HTTP: Temporary Information Files Folder Information Disclosure (0x40230100)
335  MEDIUM - HTTP: Microsoft IE CHM File Processing Arbitrary Code Execution Vulnerability (0x4021e500)
336  MEDIUM - HTTP: Microsoft WinHlp Item Buffer Overflow Vulnerability (0x4021dc00)
337  MEDIUM - HTTP: Windows Media ASX PlayList Vulnerability (0x40230200)
338  MEDIUM - HTTP: Microsoft Internet Explorer Shell.Application Object Code Execution (0x4021de00)
339  MEDIUM - HTTP: Microsoft IE OBJECT Tag Buffer Overflow (0x40219000)
340  MEDIUM - HTTP: Microsoft Office 2003 Brazilian Portuguese Grammar Checker Vulnerability (0x40230f00)
341  MEDIUM - HTTP: Microsoft IE External Object Caching Vulnerability (0x40223400)
342  MEDIUM - HTTP: Microsoft Win2k Troubleshooter Activex Control Buffer Overflow (0x4021d900)
343  MEDIUM - HTTP: Information Disclosure in ASP.NET 2.0 (0x40231800)
344  MEDIUM - HTTP: Microsoft Internet Explorer Remote urlmon.dll Buffer Overflow (0x4021ca00)
345  MEDIUM - HTTP: Microsoft Windows XP HCP URI Handler Abuse Vulnerability (0x4021c900)
346  MEDIUM - HTTP: Internet Explorer Disclosure of Sensitive Information (0x4022eb00)
347  MEDIUM - HTTP: Microsoft IE Plug-in Navigation Address Bar Spoofing (0x40224a00)
348  MEDIUM - HTTP: Yahoo Messenger Yauto.dll Control Buffer Overflow (0x40221b00)
349  MEDIUM - HTTP: Microsoft Internet Explorer Improper URL Canonicalization (0x40220000)
350  MEDIUM - HTTP: Microsoft VM ActiveX Component Vulnerability (0x40223000)
351  MEDIUM - HTTP: Microsoft Windows Shell CLSID File Extension Vulnerability (0x4021df00)
352  MEDIUM - HTTP: Potential Malicious PDF File Detected (0x40254a00)
353  MEDIUM - HTTP: Microsoft Office 2000 UA Control Vulnerability (0x40223a00)
354  MEDIUM - HTTP: Malformed PowerPoint File Transfer (0x4022ed00)
355  MEDIUM - HTTP: IBM acpRunner ActiveX Remote Code Execution (0x4021da00)
356  MEDIUM - HTTP: RFC 2397 Data URL Usage to Bypass Detection (0x40220c00)
357  MEDIUM - HTTP: WMF File Denial of Service Vulnerability (0x40235000)
358  MEDIUM - HTTP: Microsoft Messenger Information Disclosure Vulnerability (0x40250600)
359  MEDIUM - HTTP: Mozilla Firefox Chrome URL Information Disclosure (0x40244900)
360  MEDIUM - HTTP: Symantec Security Check RuFSI ActiveX BO Vulnerability (0x40220a00)
361  MEDIUM - HTTP: Microsoft Publisher Stack Overflow (0x4022d800)
362  MEDIUM - HTTP: IE URL Local Resource Access Weakness (0x4021f000)
363  MEDIUM - HTTP: Microsoft IE XML Redirect File Disclosure (0x40222900)
364  MEDIUM - HTTP: Microsoft IE XMLHTTP File Disclosure Vulnerability (0x40223500)
365  MEDIUM - HTTP: Windows WMF File Parsing DOS (0x40225d00)
366  MEDIUM - HTTP: IE XML Object Cross-Site Scripting Vulnerability (0x40224c00)
367  MEDIUM - HTTP: Windows GDI32.dll EMF Parsing DOS (0x40225900)
368  LOW - HTTP: Suspicious PowerPoint File Download (0x4022d000)
369  LOW - HTTP: Home Router UPnP Flash Vulnerability (0x40242100)
370  LOW - HTTP: Microsoft IE DYNSRC File Information Disclosure (0x4021e100)
371  LOW - HTTP:  Microsoft Internet Explorer CPeerHolderCPeerSiteQueryService Vulnerability (0x40255000)
372  LOW - HTTP: Nimda Worm (0x40224000)
373  LOW - HTTP: IE File System Object Vulnerability (0x40220800)
374  LOW - HTTP: Windows 2003 Shell Folders Directory Traversal (0x40221100)
375  LOW - HTTP: Mcafee FreeScan Information Disclosure (0x4023a700)
376  LOW - HTTP: Response UTF16/32 Encoding (0x40223600)
377  LOW - HTTP: Microsoft Office 2000 DoS Vulnerability (0x4022da00)
378  LOW - HTTP: Mozilla GIF Processing (0x40221300)
379  LOW - HTTP: Possible attempt to create javascript shellcode (0x4022f900)
380  LOW - HTTP: Microsoft Outlook Express Information Disclosure Vulnerability (0x40238a00)
381  LOW - HTTP: Microsoft IE setHomePage Function Vulnerability (0x40223f00)
382  LOW - HTTP: Microsoft Memory Allocation Vulnerability I (0x40251400)
383  LOW - HTTP: Microsoft Excel Record Parsing Vulnerability (0x40251100)
384  LOW - HTTP: Microsoft IE Clip Board Data Reading Vulnerability (0x40223d00)
385  LOW - HTTP: Microsoft Excel Index Array Vulnerability (0x40251000)
386  INFO - HTTP: Uncompressed Visio File Found (0x40238900)
387  INFO - HTTP: Generic Double Unescape Evasion Attempt Detected (0x40239b00)

 

List Two:

The following attacks do not require the HTTP response option to be enabled, but contain HTTP response signatures. For a detailed description of the operation of these attacks, please see article 2789494. 

1  HIGH - HTTP: Microsoft Frontpage fp30reg.dll Buffer Overflow (0x40208F00)
2  HIGH - HTTP: Allaire JRun JSP Execute (0x4020bc00)
3  HIGH - HTTP: IIS .printer Buffer Overflow (0x40208800)
4  HIGH - HTTP: IIS ism.dll/SSI Buffer Overflow (0x40208C00)
5  HIGH - HTTP: Nimda Worm - IIS Extended Unicode Directory Traversal Attack (0x40208400)
6  HIGH - HTTP: Microsoft Remote Data Services Attack (0x40208900)
7  HIGH - HTTP: Apache Chunked Encoding Exploit (0x40208D00)
8  HIGH - HTTP: IIS ASP Buffer Overflow (0x40208700)
9  HIGH - HTTP: RSA Authentication Web Agent Buffer Overflow (0x40225100)
10  HIGH - HTTP: ActivePerl perlIIS.dll Buffer Overflow (0x4020e800)
11  HIGH - HTTP: Microsoft Site Server Arbitrary ASP Code Execution Vulnerability (0x4020dc00)
12  HIGH - HTTP: Windows Media Services ISAPI BO (0x40217200)
13  HIGH - HTTP: Mnogosearch Buffer Overflow (0x40217100)
14  HIGH - HTTP: DCForum GetAdmin Attempt (0x40212f00)
15  HIGH - HTTP: KW Whois Remote Command Execution (0x40216b00)
16  HIGH - HTTP:  IIS .BAT Execute Command (0x4020fd00)
17  HIGH - HTTP: IIS HTR Chunk Encoding Heap Overflow (0x4020e600)
18  HIGH - HTTP: Apache Jakarta Tomcat URL Parsing Vulnerability (0x40211a00)
19  HIGH - HTTP: LISTSERV wa.exe Buffer Overflow (0x40213600)
20  HIGH - HTTP: Cisco Secure ACS Web Management Interface Buffer Overflow (0x40213a00)
21  HIGH - HTTP: Novell eDirectory Server iMonitor Remote Buffer Overflow Exploit (0x40223100)
22  HIGH - HTTP: iPlanet Search Buffer Overflow (0x4020d800)
23  HIGH - HTTP: IIS 5.0 In-Process Table Privilege Escalation (0x4020e900)
24  HIGH - HTTP: Cobalt Raq Appliance SHP Command Execution (0x40211100)
25  HIGH - HTTP: IIS Index Server query.dll Overflow (0x40213200)
26  HIGH - HTTP: Webmin and Usermin miniserv.pl Remote Format String Vulnerability (0x40226000)
27  HIGH - HTTP: CA Unicenter File Upload (0x40217000)
28  HIGH - HTTP: Microsoft W3Who ISAPI DLL Buffer Overflow (0x40221a00)
29  HIGH - HTTP: IIS WebDAV Server DoS (0x4020eb00)
30  HIGH - HTTP: PHP Upload File Buffer Overflow (0x40208300)
31  HIGH - HTTP: IIS WebDAV propfind Server DoS (0x4020ea00)
32  HIGH - HTTP:  IIS root.exe Execute Command (0x4020fe00)
33  HIGH - HTTP: Buffer Overflow in NGSSoftware Webadmin (0x40218100)
34  HIGH - HTTP: HP Openview Network Node Manager Code Execution (0x40222e00)
35  HIGH - HTTP: Virus Wall Overflow (0x40213500)
36  HIGH - HTTP: IIS Command Execution (0x4020ff00)
37  HIGH - HTTP: Mambo Site Server PHPSESSID Exploit (0x40213700)
38  HIGH - HTTP: IIS Chunk Encoding Heap Overflow (0x4020e700)
39  HIGH - HTTP: ColdFusion fileexists Vulnerability (0x4020c200)
40  HIGH - HTTP: Microsoft Commerce Server AuthFile ISAPI Filter Buffer Overflow (0x40211900)
41  HIGH - HTTP: Sun AnswerBook2 Administrative Script Access Vulnerability (0x4020dd00)
42  HIGH - HTTP: Lotus Domino Web Server iNotes s_Viewname Overflow (0x40212400)
43  HIGH - HTTP: Bizdb-Search Remote Command Execution (0x40216900)
44  HIGH - HTTP: IIS cmd.exe Execution (0x40207e00)
45  HIGH - HTTP: PostQuery CGI Overflow (0x40213900)
46  HIGH - HTTP: AWStats Shell Command Injection Vulnerability (0x4022bf00)
47  HIGH - HTTP: PDGSoft Shopping Cart Overflow (0x40213800)
48  HIGH - HTTP: Microsoft SQLXML ISAPI Buffer Overflow (0x40211400)
49  MEDIUM - HTTP: CGI nlog Exploit (0x4020ab00)
50  MEDIUM - HTTP: Microsoft Media Service NSIISLOG.DLL Exploit (0x40216200)
51  MEDIUM - HTTP: CCBill WhereAmI.CGI Remote Arbitrary Command Execution (0x40217c00)
52  MEDIUM - HTTP: ColdFusion sourcewindow File Disclosure (0x4020c300)
53  MEDIUM - HTTP: Weblogic Plugin Overflow (0x40214200)
54  MEDIUM - HTTP: HAHTSite Server Buffer Overflow (0x4021ae00)
55  MEDIUM - HTTP: PHP MyAdmin Eval Execute (0x40214500)
56  MEDIUM - HTTP: Quikstore Config File Exposure (0x4020a900)
57  MEDIUM - HTTP: NewsPHP Input Validation Vulnerability (0x40218300)
58  MEDIUM - HTTP: ColdFusion Sample Application Usage (0x40212e00)
59  MEDIUM - HTTP: WWWThreads SQL Command Input (0x4020b400)
60  MEDIUM - HTTP: IIS MDAC RDS Buffer Overflow Vulnerability (0x40211f00)
61  MEDIUM - HTTP: Poster.version:two Setup Vulnerability (0x40218200)
62  MEDIUM - HTTP: php.cgi Buffer Overflow (0x4020a700)
63  MEDIUM - HTTP: Microsoft FrontPage Buffer Overflow (0x40202f00)
64  MEDIUM - HTTP: Webdist.cgi Execute Command (0x40204a00)
65  MEDIUM - HTTP: Microsoft IIS Alternator Data Streams Source Disclosure (0x40203300)
66  MEDIUM - HTTP: Kruse Calender Remote Command Execution (0x40214d00)
67  MEDIUM - HTTP: jj Sample CGI Access (0x40203b00)
68  MEDIUM - HTTP: campas.cgi Web Access (0x40201800)
69  MEDIUM - HTTP: IIS newdsn.exe File Creation (0x40203800)
70  MEDIUM - HTTP: MailStudio Design Error (0x40207900)
71  MEDIUM - HTTP: Request Path Too Long With Shellcode Detected (0x40215700)
72  MEDIUM - HTTP: Cart32 Admin Password Vulnerability (0x4020be00)
73  MEDIUM - HTTP: whois_raw.cgi Run Command (0x40201100)
74  MEDIUM - HTTP: ESdotOne Input Validation Error (0x40207c00)
75  MEDIUM - HTTP: SGI wrap Input Validation (0x40202d00)
76  MEDIUM - HTTP: IIS ASP Server Side Buffer Overflow (0x40216c00)
77  MEDIUM - HTTP: Novell Netware Web Server 3.x files.pl Exploit (0x4020a100)
78  MEDIUM - HTTP: PCCS MySQL Database Obtain Sensitive Infomation (0x40205e00)
79  MEDIUM - HTTP: Axis StorPoint Auth Sidestep (0x40209700)
80  MEDIUM - HTTP: Nortel Contivity File View (0x40205200)
81  MEDIUM - HTTP: Windmail.exe Remote File Read (0x40204b00)
82  MEDIUM - HTTP: WEBactive HTTP Server File Disclosure (0x40206300)
83  MEDIUM - HTTP: gwweb Buffer Overflow (0x40204300)
84  MEDIUM - HTTP: Anyform Execute Arbitrary Command (0x40201600)
85  MEDIUM - HTTP: DCForum DCShop File Disclosure (0x40215000)
86  MEDIUM - HTTP: w3-msql Execute Command (0x40205000)
87  MEDIUM - HTTP: IDS Evading Attempt (0x4020b100)
88  MEDIUM - HTTP: IIS Index Server Cross-site Scripting (0x4022d700)
89  MEDIUM - HTTP: CGI Bugzilla Execute Command (0x40205d00)
90  MEDIUM - HTTP: Trend Micro Control Manager Chunk Overflow (0x4022a700)
91  MEDIUM - HTTP: IIS JET VBA Run Command Attempt (0x40203700)
92  MEDIUM - HTTP: View Source Input Validation (0x40202700)
93  MEDIUM - HTTP: EZShopper Command Execution (0x4020c600)
94  MEDIUM - HTTP: PHP Strings Exploit Buffer Overflow (0x40201000)
95  MEDIUM - HTTP: Thttpd Stack Overflow (0x40206c00)
96  MEDIUM - HTTP: Ipswitch WhatsUp Gold Web Server Buffer Overflow (0x4021be00)
97  MEDIUM - HTTP: Hassan Consulting Shopping Cart Arbitrary Command Execution (0x40215400)
98  MEDIUM - HTTP: SurgeLDAP 1.0g Web Service user.cgi Directory Traversal (0x4021b100)
99  MEDIUM - HTTP: Apache Win32 .Bat Exploit (0x40208600)
100  MEDIUM - HTTP: Microsoft Index Sever Directory Traversal (0x40205400)
101  MEDIUM - HTTP: info2www Execute Arbitary Command (0x40201f00)
102  MEDIUM - HTTP: BadBlue Null Byte File Disclosure (0x4020b800)
103  MEDIUM - HTTP: Allaire JRun WEB-INF Disclosure (0x40209500)
104  MEDIUM - HTTP: BadBlue Unencrypted Password File Read Attempt (0x4020b900)
105  MEDIUM - HTTP: sample.exe Run Command (0x40202c00)
106  MEDIUM - HTTP: Microsoft IIS ..SLASH..DenialofService (0x40203200)
107  MEDIUM - HTTP: Compaq Web Admin Buffer Overflow (0x40214e00)
108  MEDIUM - HTTP: PlanetIntra pi Buffer Overflow (0x40214400)
109  MEDIUM - HTTP: OmniHTTPd Range Header Remote Buffer Overflow (0x4021b200)
110  MEDIUM - HTTP: Web+ Read File (0x40205a00)
111  MEDIUM - HTTP: Lotus Domino ReplicaID Access Vulnerability (0x4020e100)
112  MEDIUM - HTTP: MailSite Buffer Overflow (0x40206700)
113  MEDIUM - HTTP: Jason Maloney's CGI Guestbook Command Execution (0x40219300)
114  MEDIUM - HTTP: Brown Orifice HTTPD Access (0x40210b00)
115  MEDIUM - HTTP: Apache PHP3 File Disclosure (0x4020f300)
116  MEDIUM - HTTP: cgitest.exe Buffer Overflow (0x40200a00)
117  MEDIUM - HTTP: Talkback CGI Traversal (0x40215f00)
118  MEDIUM - HTTP: AWStats  Remote Code Execution (0x40220100)
119  MEDIUM - HTTP: Allaire JRun SSIFilter File Read (0x40209400)
120  MEDIUM - HTTP: Guestbook Execute Command Attempt (0x40203e00)
121  MEDIUM - HTTP: Biztalk Receive Buffer Overflow (0x40217b00)
122  MEDIUM - HTTP: SquirrelMail load_prefs.php Code Execution (0x40214700)
123  MEDIUM - HTTP: WebLogic Java/JSP Insertion (0x40213f00)
124  MEDIUM - HTTP: Apache Win32 Directory Listing (0x40206e00)
125  MEDIUM - HTTP: Cisco Catalyst Remote Arbitrary Command Execution (0x40210900)
126  MEDIUM - HTTP: Siteserver site.csc File Read (0x4020ad00)
127  MEDIUM - HTTP: Foxweb 2.5 Buffer Overflow (0x40218b00)
128  MEDIUM - HTTP: IIS fpcount.exe Buffer Overflow (0x40216700)
129  MEDIUM - HTTP: BigBrother Access Validation Error (0x40207700)
130  MEDIUM - HTTP: WebSpeed Sensitive Info Disclosure (0x40205500)
131  MEDIUM - HTTP: phpBB Viewtopic.php Remote Command Execution (0x4021c500)
132  MEDIUM - HTTP: Cisco HTTP Admin Authentication (0x40207200)
133  MEDIUM - HTTP: Netscape Directory Indexing Browse Directory (0x40205900)
134  MEDIUM - HTTP: MaxDB WebTools Remote Buffer Overflow (0x4021c800)
135  MEDIUM - HTTP: IPlanet Shtml Exploit (0x40208100)
136  MEDIUM - HTTP: IIS iisadmpwd Proxied Password Attack Attempt (0x40203600)
137  MEDIUM - HTTP: Microsoft Visual Studio .NET Crystal Reports Vulnerability (0x4021b300)
138  MEDIUM - HTTP: Cisco Collaboration Server Upload Vulnerability (0x4021b800)
139  MEDIUM - HTTP: PHP Arbitrary File Location Upload Vulnerability (0x4021c400)
140  MEDIUM - HTTP: Htdig Arbitrary File Disclosure (0x40216800)
141  MEDIUM - HTTP: Apache source.asp Writing File (0x40203a00)
142  MEDIUM - HTTP: Mdaemon Mail Server FORM2RAW.exe Buffer Overflow (0x40219600)
143  MEDIUM - HTTP: Apache Tomcat System Path Info Disclosure (0x4020f800)
144  MEDIUM - HTTP: Microsoft IIS HOST Header DoS (0x40217900)
145  MEDIUM - HTTP: WebDAV Search Buffer Overflow (0x40201300)
146  MEDIUM - HTTP: NETObserve Security Bypass Vulnerability (0x40219700)
147  MEDIUM - HTTP: EZMall Information Disclosure (0x4020c500)
148  MEDIUM - HTTP: rpm_query List Installed Package (0x40204800)
149  MEDIUM - HTTP: Vibechild Directory Manager Command Execution (0x40215200)
150  MEDIUM - HTTP: Squid NTLM Authentication Buffer Overflow (0x4021b500)
151  MEDIUM - HTTP: Carello File Duplication/Disclosure (0x4020bd00)
152  MEDIUM - HTTP: Anaconda Directory Traversal Attempt (0x40201500)
153  MEDIUM - HTTP: Auktion Directory Traversal (0x40207400)
154  MEDIUM - HTTP: Apache Tomcat Sensitive Information Disclosure (0x4020fa00)
155  MEDIUM - HTTP: BOOZT! Index.cgi Buffer Overflow (0x40218e00)
156  MEDIUM - HTTP: Interpreter Access Attempt (0x40202500)
157  MEDIUM - HTTP: IIS Escape Character Parsing (0x40205100)
158  MEDIUM - HTTP: Sybase EAServer TreeAction.do Buffer Overflow (0x40222700)
159  MEDIUM - HTTP: Forms.exe Buffer Overflow (0x40215300)
160  MEDIUM - HTTP: PhpPhotoAlbum Directory Traversal (0x40207500)
161  MEDIUM - HTTP: e107 PHP Code Injection (0x4021bb00)
162  MEDIUM - HTTP: Request Parameters Overly Long with Shellcode Detected (0x40215900)
163  MEDIUM - HTTP: Parameter Value Too Long with Shellcode Detected (0x40215800)
164  MEDIUM - HTTP: Faxsurvey Execute Command (0x40201c00)
165  MEDIUM - HTTP: WebDAV Method URL Overly Long (0x4021bf00)
166  MEDIUM - HTTP: Auction Weaver Remote Command Execution (0x40214c00)
167  MEDIUM - HTTP: Convert.bas Retrieval Files (0x40203c00)
168  MEDIUM - HTTP: Cisco IOS HTTP DoS (0x40205c00)
169  MEDIUM - HTTP: PHPix Gallery Remote Command Execution (0x4021a300)
170  MEDIUM - HTTP: phpBB Search.php SQL Injection (0x40219400)
171  MEDIUM - HTTP: Read UNIX History File (0x40210800)
172  MEDIUM - HTTP: ColdFusion MX with Microsoft IIS Buffer Overflow (0x40221700)
173  MEDIUM - HTTP: Imagemap Buffer Overflow (0x40204f00)
174  MEDIUM - HTTP: InterScan WebManager HttpSave.dll Buffer Overflow (0x40213e00)
175  MEDIUM - HTTP: IIS Translate F Read Source Code (0x40205f00)
176  MEDIUM - HTTP: WEBgais Input Validation (0x40202900)
177  MEDIUM - HTTP: CSVForm Remote Arbitrary Command Execution (0x40214f00)
178  MEDIUM - HTTP: Htgrep Arbitrary File Disclosure (0x40216a00)
179  MEDIUM - HTTP: Oracle Web Listener Batch Execute Command (0x40204500)
180  MEDIUM - HTTP: Phorum SQL read.php3 Attack (0x40200400)
181  MEDIUM - HTTP: HP Web JetAdmin Command Execution (0x4021ad00)
182  MEDIUM - HTTP: checklogin.php Execute Command (0x40212d00)
183  MEDIUM - HTTP: Shtml Exe DoS (0x40204d00)
184  MEDIUM - HTTP: Apache Tomcat Servlet Path Disclosure (0x4020f900)
185  MEDIUM - HTTP: Apache Log File Overwrite (0x4020e300)
186  MEDIUM - HTTP: IIS Double Byte Code Page Vulnerability (0x4020db00)
187  MEDIUM - HTTP: WEBgais Websendmail Remote Command Execution (0x40202a00)
188  MEDIUM - HTTP: Apache Win32 PHP.EXE Remote File Disclosure (0x4020f700)
189  MEDIUM - HTTP: Nortel Contivity cgiproc DoS (0x40205300)
190  MEDIUM - HTTP: Phf Execute Arbitrary Command (0x40202100)
191  MEDIUM - HTTP: Handler Execute Command Attempt (0x40203f00)
192  MEDIUM - HTTP: Apache Tomcat DefaultServlet File Disclosure (0x4020fb00)
193  MEDIUM - HTTP: IIS File Fragment Disclosure Vulnerability (0x4020ec00)
194  MEDIUM - HTTP: iPlanet Remote File Viewing Vulnerability (0x4020d900)
195  MEDIUM - HTTP: Samba 3.x SWAT Preauthentication Buffer Overflow (0x4021b900)
196  MEDIUM - HTTP: Textportal Default Editor Password (0x40216300)
197  MEDIUM - HTTP: WebSPIRS Input Validation Error (0x40207d00)
198  MEDIUM - HTTP: gwweb Access File (0x40204200)
199  MEDIUM - HTTP: Google Search Appliance Cross Site Scripting Vulnerability (0x40226200)
200  MEDIUM - HTTP: InfoSearch Run Command (0x40205800)
201  MEDIUM - HTTP: ColdFusion viewexample.cfm File Disclosure (0x4020a200)
202  MEDIUM - HTTP: count.cgi Buffer Overflow (0x40203d00)
203  MEDIUM - HTTP: WebDAV PROPFIND List Directory (0x40204900)
204  MEDIUM - HTTP:  Remote IIS Server Name Spoof (0x40224900)
205  MEDIUM - HTTP: SQL Injection Exploit (0x40216400)
206  MEDIUM - HTTP: Dansie Shopping Cart Backdoor (0x4020a300)
207  MEDIUM - HTTP: Attempt to Read Password File (0x4020af00)
208  MEDIUM - HTTP: PDGSoft Shopping Cart Orders Exposure (0x4020a600)
209  MEDIUM - HTTP: RaQ Bash History Read (0x4020ac00)
210  MEDIUM - HTTP: PHP Includedir Include Code Execution (0x40214800)
211  MEDIUM - HTTP: IIS Index Sever idq Read File (0x40209d00)
212  MEDIUM - HTTP: IIS3 ASP Dot Bug (0x40209b00)
213  MEDIUM - HTTP: Weblogic File Source Read (0x4020b000)
214  MEDIUM - HTTP: WebCart webcart.cgi Command Execution (0x40214000)
215  MEDIUM - HTTP: IIS htr Obtain Code (0x40209a00)
216  MEDIUM - HTTP: Selena Sol Webstore Order Log Exposure (0x4020b300)
217  MEDIUM - HTTP: IIS3 ASP dot2e (0x40209c00)
218  MEDIUM - HTTP: Lotus Domino Directory Traversal Vulnerability (0x4020df00)
219  MEDIUM - HTTP: Linksys DoS Vulnerability (0x4021bd00)
220  MEDIUM - HTTP: PHPBB quick_reply.php Remote File Include Exploit (0x40217700)
221  MEDIUM - HTTP: PHPBB Admin Authentication Bypass (0x40220200)
222  MEDIUM - HTTP: QShop Privilege Escalation (0x40288000)
223  LOW - HTTP: FileSeek CGI Attack (0x4020d000)
224  LOW - HTTP: Mantis Configuration Remote File Include Exploit (0x4020d500)
225  LOW - HTTP: SGI pfdispaly.cgi Bug (0x40202000)
226  LOW - HTTP: IIS Multiple Sample ASP Script View File Attempt (0x40203900)
227  LOW - HTTP: phpbb_root_path Remote File Include (0x4020ce00)
228  LOW - HTTP: IIS Index Server Directory Disclosure (0x40216d00)
229  LOW - HTTP: PageServices Directory Disclosure (0x40204600)
230  LOW - HTTP: Cart32 cart32clientlist Information Disclosure (0x4020bf00)
231  LOW - HTTP: .htaccess File Read Attempt (0x4020b700)
232  LOW - HTTP: ICQ Webserver Directory Traversal Attempt (0x40204000)
233  LOW - HTTP: Apache Tomcat Servlet Mapping Cross Site Scripting (0x4020ef00)
234  LOW - HTTP: ARSC Chat Path Disclosure (0x4020cf00)
235  LOW - HTTP: Macromedia JRun Admin Server Authentication Bypass (0x4020d600)
236  LOW - HTTP: htmlscript Retrieve Infomation (0x40201e00)
237  LOW - HTTP: Microsoft FrontPage htimage.exe Path Disclosure (0x4020d700)
238  LOW - HTTP: Weblogic Show Code (0x4020b500)
239  LOW - HTTP: Microsoft FrontPage Server Extensions Cross Site Scripting Vulnerability (0x4022b500)
240  LOW - HTTP: IIS Bdir access (0x40216f00)
241  LOW - HTTP: IIS ASP/HTR Backslash Source Disclosure (0x40213300)
242  LOW - HTTP: FUDforum Script Exploit (0x4020d200)
243  LOW - HTTP: test-cgi Directory Listing (0x40202400)
244  LOW - HTTP: Snork Probe (0x40200600)
245  LOW - HTTP: SuSE Apache Information Leak (0x40206f00)
246  LOW - HTTP: Axis Network Camera HTTP Authentication Bypass Vulnerability (0x40218400)
247  LOW - HTTP: Host Header Overly long (0x4020b200)
248  LOW - HTTP: URI Too Long (0x40208200)
249  LOW - HTTP: xp_cmdshell Execution Attempt (0x40214b00)
250  LOW - HTTP: Possible IIS Upload File Exploit (0x4020e500)
251  LOW - HTTP: Finger Leak User Info (0x40204e00)
252  LOW - HTTP: Malformed HTTP request (0x4022c400)
253  LOW - HTTP: Abnormally Chunk Footer Header Value (0x40215b00)
254  LOW - HTTP: Cart32 /expdate Information Disclosure (0x40210c00)
255  LOW - HTTP: Apache 2 for Windows php.exe Path Disclosure (0x4020f100)
256  LOW - HTTP: ServletExec UploadServlet Usage (0x40213c00)
257  LOW - HTTP: User-Agent Too Long (0x40214100)
258  LOW - HTTP: Sun AnswerBook Admin  Access (0x40210300)
259  LOW - HTTP: cvsweb access (0x40201b00)
260  LOW - HTTP: Too Many Chunk Footer Headers (0x40215d00)
261  LOW - HTTP: Abnormal Chunk Size String Value (0x40215a00)
262  LOW - HTTP: Adobe Acrobat and Reader ActiveX Control Buffer Overflow (0x4021ba00)
263  LOW - HTTP: Microsoft Exchange Server Outlook Web Access DoS (0x40211500)
264  LOW - HTTP: .BAT Run Command (0x40203400)
265  LOW - HTTP: Parameter Name Length Too Long (0x40213b00)
266  LOW - HTTP: (Informational) FrontPage Admin Probe (0x4020b600)
267  LOW - HTTP: Multiple Vendor JSP Source Code Disclosure (0x40209e00)
268  LOW - HTTP: Too Many Headers (0x40215c00)
269  LOW - HTTP: Apache Tomcat Snoop Servlet Information Disclosure (0x4020f400)
270  LOW - HTTP: Microsoft Frontpage fp30reg.dll access (0x4021a900)
271  LOW - HTTP: Allaire JRun Sample Files Read (0x40209300)
272  LOW - HTTP: IIS Extended Unicode Character (0x4021a700)
273  LOW - HTTP: Script Attempt Found in HTTP request (0x40208A00)
274  LOW - HTTP: RedHat Apache Root Listing (0x40219900)
275  LOW - HTTP: Microsoft Exchange OWA Server Information Leakage (0x40211700)
276  LOW - HTTP: 3com AirConnect Web Interface Usage Attempt (0x40212c00)
277  LOW - HTTP: Netscape Web Publisher URI Buffer Overflow (0x40214900)
278  LOW - HTTP: IIS Cmdasp.asp Access (0x40213100)
279  LOW - HTTP: Possible Apache Directory Index Disclosure (0x4020e400)
280  LOW - HTTP: IPlanet Remote Buffer Overflow (0x40208000)
281  LOW - HTTP: GoAhead Web Server Source Code Discloses (0x40217a00)
282  LOW - HTTP: MakeBid Auction Deluxe Cross-Agent Scripting (0x4020f000)
283  INFO - HTTP: Webdriver Access Admin Function (0x40201200)
284  INFO - HTTP: listrec.pl Command Execution (0x40214a00)
285  INFO - HTTP: Survey.cgi Input Validation (0x40202300)
286  INFO - HTTP: Abnomal URL Ending with Tilde (0x40210a00)
287  INFO - HTTP: Microsoft FrontPage shtml.exe Path Disclosure (0x40203000)
288  INFO - HTTP: ICQ guestbook.cgi DoS (0x40210200)
289  INFO - HTTP: Apache 2.0 Server Unexpected File (0x40211200)
290  INFO - HTTP: PHPmyAdmin/PHPPGAdmin sql.php Include File Execution (0x40214600)
291  INFO - HTTP: Malformed HTTP Chunk Encoding Detected (0x40209200)

 

List Three:

The following attacks do not require HTTP response option to be enabled, but contain both HTTP request and response signatures. For a detailed description of the operation of these attacks, please see article 2789494.

1  HIGH - HTTP: Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (0x4023eb00)
2  HIGH - HTTP: Yahoo Messenger YVerInfo.dll ActiveX Multiple Remote Buffer Overflow Vulnerabilities (0x4023d300)
3  HIGH - HTTP: Microsoft Windows Media Player Code Execution Vulnerability Parsing Skins (0x4023bf00)
4  HIGH - HTTP: Microsoft SharePoint Scripting Vulnerability (0x4023e900)
5  HIGH - HTTP: Microsoft Excel File Import Vulnerability (0x40243c00)
6  MEDIUM - HTTP: Office Malformed Record Vulnerability (0x4022bd00)
7  MEDIUM - HTTP: Microsoft Internet Explorer URI Buffer Overflow Attempt (0x4022d900)
8  MEDIUM - HTTP: IE Security Zone Bypass and Address Spoofing (0x40220e00)
9  MEDIUM - HTTP: Microsoft IE Address Bar Spoofing Vulnerability (0x4022b300)