Many exploit kits, when connecting to HTTP servers for malware download, use a non-dotted decimal IP literal as the server name. Using such notation may be indicative of malware download.
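As an added example (not code from the original page), the following Python normalizes the host of a download URL the way inet_aton-style resolvers do and flags any IPv4 literal that is not written as plain dotted-decimal; it goes a little beyond the single-integer case in the text by also covering hex, octal and short dotted forms. The sample URLs are constructed.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Each dotted part may be decimal, 0x-hex or leading-0 octal (inet_aton rules).
_PART = re.compile(r"^(0[xX][0-9a-fA-F]+|0[0-7]*|[1-9][0-9]*)$")

def _part_value(part: str) -> int:
    if part.lower().startswith("0x"):
        return int(part, 16)
    if len(part) > 1 and part[0] == "0":
        return int(part, 8)
    return int(part, 10)

def normalize_ipv4_literal(host: str):
    """Return (canonical_dotted_decimal, is_obfuscated) if host is an IPv4
    literal in any inet_aton-accepted form (1 to 4 parts), else None."""
    parts = host.split(".")
    if not 1 <= len(parts) <= 4 or not all(_PART.match(p) for p in parts):
        return None
    values = [_part_value(p) for p in parts]
    # Every part but the last is one byte; the last fills the remaining bytes,
    # so "192.168.257" and "3232235777" both resolve to 192.168.1.1.
    if any(v > 255 for v in values[:-1]):
        return None
    tail_bytes = 5 - len(parts)
    if values[-1] >= 256 ** tail_bytes:
        return None
    packed = 0
    for v in values[:-1]:
        packed = (packed << 8) | v
    packed = (packed << (8 * tail_bytes)) | values[-1]
    canonical = str(ipaddress.IPv4Address(packed))
    return canonical, canonical != host

def flag_url(url: str):
    """Canonical IP if the URL's host is an IPv4 literal in a form other than
    plain dotted-decimal (the server-name pattern the text describes), else None."""
    host = urlsplit(url).hostname or ""
    result = normalize_ipv4_literal(host)
    if result is None:
        return None
    canonical, obfuscated = result
    return canonical if obfuscated else None

# Constructed sample URLs for a stand-alone run (not taken from the page).
if __name__ == "__main__":
    for u in ("http://3232235777/update.exe", "http://0xC0A80101/", "http://192.168.1.1/"):
        print(u, "->", flag_url(u))
```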
Category Archives: Checkpoint
KaiXin Exploit Kit
KaiXin exploit kit is a web exploit kit that operates by delivering a malicious payload to the victim's computer. Remote attackers can infect users with KaiXin exploit kit by enticing them to visit a malicious web page. Successful infection allows the attacker to perform Remote Code Execution on the victim's computer.
Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269)
A buffer overflow exists in Microsoft Internet Information Services 6.0. The vulnerability is due to improper validation of a long header in an HTTP request. A remote attacker could exploit this vulnerability by sending a crafted request over a network to the vulnerable application. Successful exploitation could result in denial of service conditions or arbitrary code execution on the target machine.
Adobe Acrobat and Reader Heap Overflow (APSB17-01: CVE-2017-2971)
A code execution vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to a heap overflow in the JPEG decoder routine. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted JPEG file.
Microsoft Windows iSNS Server Memory Corruption (MS17-012: CVE-2017-0104)
A memory corruption vulnerability exists in Windows iSNS Server. The vulnerability is due to incorrect input validation of a malformed attribute in an iSNS packet. A remote attacker can exploit this vulnerability to execute arbitrary code on the server.
Trend Micro Control Manager Widget importFile.php Directory Traversal
A directory traversal vulnerability has been reported in Trend Micro Control Manager. This vulnerability is caused by improper sanitization of directory traversal characters by importFile.php. A remote, unauthenticated attacker could exploit this vulnerability by uploading arbitrary files onto the vulnerable server.
Brocade Network Advisor Directory Traversal (CVE-2016-8207; CVE-2016-8206)
A directory traversal vulnerability exists in Brocade Network Advisor. The vulnerability is due to a lack of authentication and insufficient input validation when processing HTTP requests. A remote, unauthenticated attacker can exploit this vulnerability by sending a request with a crafted URL to the target server, which can enable unauthorized access to sensitive information.
gAlan 0.2.1 Buffer Overflow
A stack buffer overflow vulnerability exists in gAlan 0.2.1. The vulnerability is due to inadequate boundary checks on user-supplied input. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code in the context of the application.
Fatek Automation PLC WinProladder Stack Buffer Overflow (CVE-2016-8377)
A stack-based buffer overflow exists in Fatek Automation PLC WinProladder. The vulnerability is due to improper validation of user-supplied data before it is copied to a stack-based buffer. A remote attacker could exploit this vulnerability by sending a crafted pdw file over a network to the vulnerable application.
Trend Micro Control Manager download.php Information Disclosure
An information disclosure vulnerability exists in Trend Micro Control Manager. The vulnerability is due to a security misconfiguration that allows access to the unreferenced download.php file, which in turn allows reading of arbitrary files.