|
Evaluate risks and protect against the most important vulnerabilities
During the last few years, a
significant increase in attacks
exploiting known vulnerabilities in commonly
used programs such as Adobe Acrobat/Reader, Flash, or Internet Explorer is being observed. This is
currently the primary initial
infection vector used to compromise
computers that have Internet access.
Although there are many ways to
protect against cyber attacks and
threats, governments and corporations need to leverage
the most detailed security
intelligence to evaluate and qualify risks, and protect their
infrastructures and assets.
VUPEN Security provides in-depth binary analysis of
the most significant public
vulnerabilities based on disassembly,
reverse engineering, protocol analysis,
and code auditing.
Only Available for trusted organizations
Because of
the
sensitive
nature of
the
information
provided
through
this
service,
VUPEN
Security
has
defined
strict
eligibility
criteria
for
participants.
VUPEN
Security
solely
reserves
the right
to
determine
whether an
organization
or
corporation
meets the
criteria.
Eligible
organizations
are:
- Trusted
Security
Vendors
Providing
Defensive
Software
or
Hardware
(Antivirus,
IPS, IDS)
-
Governments,
Law
Enforcement,
and CERTs
(countries
members of
NATO,
ANZUS,
ASEAN)
-
Worldwide
Corporations
and MSSPs
(Fortune
1000,
Finance,
Technology,
Research)
BA for Security Vendors
BA for Corporations & MSSPs
BA for Governments & CERTs
Receive More Information
Why subscribe to this service?
With 20 to 25 binary analysis and
private exploits/PoCs released each
month, the
VUPEN In-Depth
Binary Analysis and Exploits service
allows organizations
and corporations to
evaluate and qualify risks, and protect
national
infrastructures and corporate assets
from emerging attacks.
As a
subscriber, you will also have a
direct access to the VUPEN
Vulnerability Research Team,
the most active security team in the
world.
Latest Binary Analysis and
Exploits/PoCs
Released by VUPEN
|
OpenSSL "asn1_d2i_read_bio()" DER Data Processing Memory Corruption (CVE-2012-2110) [BA+Code]
|
|
PHP CGI Script Arguments Processing Remote Command Injection (CVE-2012-1823) [BA+Code]
|
|
Samba Remote Procedure Call (RPC) Unmarshalling Code Execution (CVE-2012-1182) [BA+Code]
|
|
VideoLAN VLC Media Player RTSP Processing Remote Heap Overflow (CVE-2012-1776) [BA+Code]
|
|
Microsoft Windows Common Controls Stack Buffer Overflow (MS12-027 / CVE-2012-0158) [BA+Code]
|
|
Microsoft Internet Explorer VGX Use-after-free Code Execution (MS12-023 / CVE-2012-0172) [BA+Code]
|
|
VideoLAN VLC Media Player MMS URI Processing Stack Overflow (CVE-2012-1775) [BA+Code]
|
|
Cisco Linksys PlayerPT ActiveX "SetSource()" Remote Buffer Overflow (NO-CVE) [BA+Code]
|
|
Adobe Flash Player Memory Corruption Code Execution (APSB12-07 / CVE-2012-0773) [BA+Code]
|
|
Apple Safari WebKit "range" Use-after-free Remote Code Execution (NO-CVE) [BA+Code]
|
|
Apple Safari WebKit "ruby" Tag Handling Use-after-free Remote Code Execution (NO-CVE) [BA+Code]
|
|
IBM Personal Communications WorkStation File Handling Stack Overflow (CVE-2012-0201) [BA+Code]
|
|
Oracle Java Web Start Parameter Injection Remote Code Execution (CVE-2012-0500) [BA+Code]
|
|
Adobe Flash ActiveX Control Use-after-free Code Execution (APSB12-03 / CVE-2012-0751) [BA+Code]
|
|
PHP "php_register_variable_ex()" Function Remote Code Execution (CVE-2012-0830) [BA+Code]
|
|
|