* [Blog](https://www.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www.paloaltonetworks.com/blog/corporate/)
* [Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/)
* Palo Alto Networks Traps ...

# Palo Alto Networks Traps Covers Top High Risk Vulnerabilities Highlighted By US-CERT

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2015%2F06%2Fpalo-alto-networks-traps-covers-top-high-risk-vulnerabilities-highlighted-by-us-cert%2F)  
[](https://twitter.com/share?text=Palo+Alto+Networks+Traps+Covers+Top+High+Risk+Vulnerabilities+Highlighted+By+US-CERT&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2015%2F06%2Fpalo-alto-networks-traps-covers-top-high-risk-vulnerabilities-highlighted-by-us-cert%2F)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2F2015%2F06%2Fpalo-alto-networks-traps-covers-top-high-risk-vulnerabilities-highlighted-by-us-cert%2F&title=Palo+Alto+Networks+Traps+Covers+Top+High+Risk+Vulnerabilities+Highlighted+By+US-CERT&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/2015/06/palo-alto-networks-traps-covers-top-high-risk-vulnerabilities-highlighted-by-us-cert/&ts=markdown)  
\[\](mailto:?subject=Palo Alto Networks Traps Covers Top High Risk Vulnerabilities Highlighted By US-CERT)  
Link copied  
By [Palo Alto Networks](https://www.paloaltonetworks.com/blog/author/palo-alto-networks-staff/?ts=markdown "Posts by Palo Alto Networks")  
Jun 23, 2015  
4 minutes  
[Cybersecurity](https://www.paloaltonetworks.com/blog/category/cybersecurity-2/?ts=markdown)  
[Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown)  
[Traps](https://www.paloaltonetworks.com/blog/tag/traps/?ts=markdown)  
[US CERT](https://www.paloaltonetworks.com/blog/tag/us-cert/?ts=markdown)

US-CERT recently issued an [alert](https://www.us-cert.gov/ncas/alerts/TA15-119A) regarding the 30 most prevalent vulnerabilities in targeted attacks that took place in 2014. Each of these vulnerabilities, when exploited, equals a compromised endpoint.

From this compromised endpoint the attacker will expand to other endpoints and servers in your network until it reaches its goal, possibly stealing the crown jewels it set out for.

The CERT list is a valuable source, reflecting the actual threat landscape. Security decision makers can derive important knowledge from reading between its lines:

**The prevailing attack scenario is still a user browsing or opening an attachment.** According to the CERT list\*\*,\*\*the only exceptions are one OpenSSL and four ColdFusion vulnerabilities. The following discussion does not relate to these vulnerabilities.

**Memory corruption, logical and Java Vulnerabilities:**

|----------------|--------------------------|---------------------------------|--------------|
| **CVE ID**     | **Targeted Application** | **Vulnerability Type**          | **Zero Day** |
| ​CVE-2006-3227 | Internet Explorer        | Charset obfuscation             |
| CVE-2008-2244  | MS Word                  | Buffer overflow                 |
| CVE-2009-3129  | MS Excel                 | Excel featherhead record        |
| ​CVE-2009-3674 | Internet Explorer        | Uninitialized memory corruption |
| ​CVE-2009-3953 | Adobe Reader\\Acrobat    | Array overflow                  |
| CVE-2010-0806​ | Internet Explorer        | Use after free                  | yes          |
| CVE-2010-3333  | MS Office                | Stack buffer overflow           |
| ​CVE-2010-0188 | Adobe Reader\\Acrobat    | Stack buffer overflow           | yes          |
| ​CVE-2010-2883 | Adobe Reader\\Acrobat    | Stack buffer overflow           | yes          |
| CVE-2011-0101  | MS Excel                 | Excel record parsing WriteAV    |
| ​CVE-2011-0611 | Adobe Flash Player       | Object type confusion           | yes          |
| ​CVE-2011-2462 | Adobe Reader\\Acrobat    | Unspecified                     | yes          |
| CVE-2012-0158  | MSOffice DOC\\RTF        | Stack buffer overflow           | yes          |
| CVE-2012-1856  | MS Office                | Use after free                  |
| ​CVE-2012-4792 | Internet Explorer        | Use after free                  | yes          |
| CVE-2012-1723  | Oracle Java              | Sandbox escape                  |
| CVE-2013-0074​ | MS Silverlight           | Double Dereference              |
| CVE-2013-1347  | Internet Explorer        | Use after free                  | yes          |
| CVE-2013-2465  | Oracle Java              | Sandbox escape                  |
| ​CVE-2013-2729 | Adobe Reader             | Integer overflow                |
| CVE-2014-0322​ | Internet Explorer        | Use after free                  | yes          |
| CVE-2014-1761  | Word                     | Object Type confusion           | yes          |
| ​CVE-2014-1776 | Internet Explorer        | Use after free                  | yes          |
| CVE-2014-4114  | MS Office                | logical                         | yes          |

*Credit: US-CERT*

**The targeted applications are the most common ones.** This comes as no surprise. The list is solely comprised of Internet Explorer, Silverlight MS Office, Oracle Java and Adobe Flash, Reader and Acrobat.

**Vulnerabilities from 2012 and backwards comprise more than half of the list.** This tells us more about victims rather attackers. Apparently non-patching is a common practice. Updating vulnerable software is not prioritized. This enables attackers to successfully leverage old vulnerabilities (dating back as far as 2006!) for their purpose.

\*\*Browser and attachment attacks are equally distributed.\*\*The distribution of these two main attack vectors is around 50/50 with slightly more browser exploits shown. Browser exploits are common in watering hole attacks and are typically integrated in exploit kits. Attachments on the other hand (Office, Adobe Reader etc.) are utilized in spear phishing attacks, targeting specific users. The nearly equal distribution implies that both vectors remain areas of concern..

**Half of these vulnerabilities are zero days.** One of the most pressing issues for current cybersecurity strategists is the correlation between sophistication and prevalence. The non -proportional zero day presence in the CERT list implies that today's zero day is tomorrow's common attack vector. Of course, there is a natural selection involved which determines which zero-days will spread and which will decline.

**Most of the memory corruption** **vulnerabilities enable exploits to bypass DEP and ASLR**. In recent years, Windows integrated exploit mitigations forced attackers to adjust how exploits are written. The CERT list suggests they have succeeded; ROP, for example is common to almost all exploits shown. This illustrates once more the ever changing nature of the cyber threat arena in which whenever a security measure is introduced, attackers reflect, learn, reshape and attack in alternative patterns.

**Addressing the Security Gap**

Palo Alto Networks Traps directly addresses the security gaps reflected in the CERT list.

Traps prevents exploitation in real time by mitigating the core techniques that are common to all exploits. Exploitations of the vulnerabilities on the CERT list are different from each other but all of them converge into a known pool of techniques. Traps proactively obstructs these techniques, providing protection without relying on signatures or prior knowledge.

Learn more about advanced endpoint protection [here](https://www.paloaltonetworks.com/products/endpoint-security.html?ts=markdown).

*** ** * ** ***

## Related Blogs

### [Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Protecting Endpoints From Day One](https://www.paloaltonetworks.com/blog/2019/01/protecting-endpoints-day-one/)

### [Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Traps: Fighting Threats With Cloud-Based Malware Analysis](https://www.paloaltonetworks.com/blog/2018/11/traps-fighting-fire-cloud-based-malware-analysis/)

### [Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Technical Documentation](https://www.paloaltonetworks.com/blog/category/technical-documentation/?ts=markdown)

[#### Tech Docs: Five New Features in the Traps Management Service](https://www.paloaltonetworks.com/blog/2018/08/tech-docs-five-new-features-traps-management-service/)

### [Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown), [Technical Documentation](https://www.paloaltonetworks.com/blog/category/technical-documentation/?ts=markdown)

[#### Tech Docs: Traps 5.0.2 and the July Traps Management Service - So Hot Right Now!](https://www.paloaltonetworks.com/blog/2018/07/tech-docs-traps-5-0-2-july-traps-management-service-hot-right-now/)

### [Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Secure the Enterprise](https://www.paloaltonetworks.com/blog/category/secure-the-enterprise/?ts=markdown)

[#### Introducing Traps for Android](https://www.paloaltonetworks.com/blog/2018/06/introducing-traps-android/)

### [Endpoint](https://www.paloaltonetworks.com/blog/category/endpoint-2/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown), [Technical Documentation](https://www.paloaltonetworks.com/blog/category/technical-documentation/?ts=markdown)

[#### Tech Docs: 3 New Features in the Latest Traps Management Service Release](https://www.paloaltonetworks.com/blog/2018/06/tech-docs-3-new-features-latest-traps-management-service-release/)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language