|
Evaluate risks and protect against the most critical 1-day vulnerabilities
During the last few years, a
significant increase in attacks
exploiting known (1-day) vulnerabilities in commonly
used programs such as Adobe Flash or Microsoft Internet Explorer is being observed. This is
currently the primary initial
infection vector used to compromise
computers that have Internet access.
Although there are many ways to
protect against cyber attacks and
threats, governments and corporations need to leverage
the most detailed security
intelligence to evaluate and qualify risks, and protect their
infrastructures and assets.
VUPEN Security provides in-depth binary analysis of
the most significant public
vulnerabilities based on disassembly,
reverse engineering, protocol analysis,
and code auditing.
Only Available for trusted organizations
Because of
the
sensitive
nature of
the
information
provided
through
this
service,
VUPEN
Security
has
defined
strict
eligibility
criteria
for
participants.
VUPEN
Security
solely
reserves
the right
to
determine
whether an
organization
or
corporation
meets the
criteria.
Eligible
organizations
are:
- Trusted
Security
Vendors
Providing
Defensive
Software
or
Hardware
(Antivirus,
IPS, IDS)
-
Governments,
Law
Enforcement,
and CERTs
(countries
members of
NATO,
ANZUS,
ASEAN)
-
Worldwide
Corporations
and MSSPs
(Fortune
1000,
Finance,
Technology,
Research)
BA for Security Vendors
BA for Corporations & MSSPs
BA for Governments & CERTs
Receive More Information
Why subscribe to this service?
With 15 to 20 binary analysis and
private 1-day exploits/PoCs released by VUPEN each
month, the
VUPEN Binary Analysis and Exploits service
allows organizations
and corporations to
evaluate and qualify risks, and protect
national
infrastructures and corporate assets
from emerging attacks.
As a
partner, you will also have a
direct access to the VUPEN
Vulnerability Research Team,
the most active security team in the
world.
Latest Binary Analysis and
Exploits/PoCs
Released by VUPEN
|
 Microsoft Internet Explorer VML Remote Integer Overflow (MS13-037 / CVE-2013-2551) [BA+Code]
|
|
Mozilla Firefox "JITChunk" Object Processing Remote Use-after-free (NO-CVE) [BA+Code]
|
|
IBM SPSS SamplePower ActiveX "Vsflex8l.ocx" Remote Buffer Overflow (CVE-2012-5945) [BA+Code]
|
|
Microsoft Internet Explorer "CDisplayPointer" Remote Use-after-free (MS13-028 / NO-CVE) [BA+Code]
|
|
Microsoft Internet Explorer "Scroll" Use-after-free Code Execution (MS13-028 / NO-CVE) [BA+Code]
|
|
Oracle Java "DecodeFrameMbs" Heap Overflow Remote Code Execution (CVE-2013-0402) [BA+Code]
|
|
Adobe Flash Player RTMP Object Confusion Remote Code Execution (CVE-2013-2555) [BA+Code]
|
|
Microsoft Internet Explorer "OnResize" Remote Use-after-free (MS13-021 / CVE-2013-0087) [BA+Code]
|
|
Microsoft Internet Explorer "OnMove" Remote Use-after-free (MS13-021 / CVE-2013-0087) [BA+Code]
|
|
Microsoft Internet Explorer Style Object Remote Use-after-free (MS13-021 / CVE-2013-1288) [BA+Code]
|
|
 Novell ZENworks Mobile Management LFI Remote Code Execution (CVE-2013-1081) [BA+Code]
|
|
Mozilla Firefox "nsHTMLEditRules" Use-after-free (MFSA-2013-29 / CVE-2013-0787) [BA+Code]
|
|
 Linux Kernel "sock_diag_handlers" Array Indexing Privilege Escalation (CVE-2013-1763) [BA+Code]
|
|
Microsoft Windows .NET WinForms Callback Code Execution (MS13-015 / CVE-2013-0073) [BA+Code]
|
|
Honeywell Products HSCRemoteDeploy ActiveX Command Injection (CVE-2013-0108) [BA+Code]
|
|
| 
