About Us | Contact Us    

 


 

Binary Analysis & Exploits

 
  BA Service Overview
  BA for Security Vendors

  BA for Governments & CERTs

  BA for Corporations & MSSPs
  Receive More Information
 
   
 

Receive Datasheet  

 
   

 
 

Evaluate risks and protect against the most critical 1-day vulnerabilities

During the last few years, a significant increase in attacks exploiting known (1-day) vulnerabilities in commonly used programs such as Adobe Flash or Microsoft Internet Explorer is being observed. This is currently the primary initial infection vector used to compromise computers that have Internet access.

Although there are many ways to protect against cyber attacks and threats, governments and corporations need to leverage the most detailed security intelligence to evaluate and qualify risks, and protect their infrastructures and assets.

VUPEN Security provides in-depth binary analysis of the most significant public vulnerabilities based on disassembly, reverse engineering, protocol analysis, and code auditing.

Only Available for trusted organizations

Because of the sensitive nature of the information provided through this service, VUPEN Security has defined strict eligibility criteria for participants. VUPEN Security solely reserves the right to determine whether an organization or corporation meets the criteria.

Eligible organizations are:

- Trusted Security Vendors Providing Defensive Software or Hardware (Antivirus, IPS, IDS)
- Governments, Law Enforcement, and CERTs (countries members of NATO, ANZUS, ASEAN)
- Worldwide Corporations and MSSPs (Fortune 1000, Finance, Technology, Research)

               BA for Security Vendors                 BA for Corporations & MSSPs
              
BA for Governments & CERTs         Receive More Information     

Why subscribe to this service?

With 15 to 20 binary analysis and private 1-day exploits/PoCs released by VUPEN each month, the VUPEN Binary Analysis and Exploits service allows organizations and corporations to evaluate and qualify risks, and protect national infrastructures and corporate assets from emerging attacks.

As a partner, you will also have a direct access to the VUPEN Vulnerability Research Team, the most active security team in the world.

Latest Binary Analysis and Exploits/PoCs Released by VUPEN

 Microsoft Internet Explorer VML Remote Integer Overflow (MS13-037 / CVE-2013-2551) [BA+Code]

 Mozilla Firefox "JITChunk" Object Processing Remote Use-after-free (NO-CVE) [BA+Code]

 IBM SPSS SamplePower ActiveX "Vsflex8l.ocx" Remote Buffer Overflow (CVE-2012-5945) [BA+Code]

 Microsoft Internet Explorer "CDisplayPointer" Remote Use-after-free (MS13-028 / NO-CVE) [BA+Code]

 Microsoft Internet Explorer "Scroll" Use-after-free Code Execution (MS13-028 / NO-CVE) [BA+Code]

 Oracle Java "DecodeFrameMbs" Heap Overflow Remote Code Execution (CVE-2013-0402) [BA+Code]

 Adobe Flash Player RTMP Object Confusion Remote Code Execution (CVE-2013-2555) [BA+Code]

 Microsoft Internet Explorer "OnResize" Remote Use-after-free (MS13-021 / CVE-2013-0087) [BA+Code]

 Microsoft Internet Explorer "OnMove" Remote Use-after-free (MS13-021 / CVE-2013-0087) [BA+Code]

 Microsoft Internet Explorer Style Object Remote Use-after-free (MS13-021 / CVE-2013-1288) [BA+Code]

 Novell ZENworks Mobile Management LFI Remote Code Execution (CVE-2013-1081) [BA+Code]

 Mozilla Firefox "nsHTMLEditRules" Use-after-free (MFSA-2013-29 / CVE-2013-0787) [BA+Code]

 Linux Kernel "sock_diag_handlers" Array Indexing Privilege Escalation (CVE-2013-1763) [BA+Code]

 Microsoft Windows .NET WinForms Callback Code Execution (MS13-015 / CVE-2013-0073) [BA+Code]

 Honeywell Products HSCRemoteDeploy ActiveX Command Injection (CVE-2013-0108) [BA+Code]

 

 

Next Steps  

 


 

 

 

 

 

 

 

 

 

© 2004-2013 VUPEN Security - Copyright - Privacy Policy