Which products are vulnerable to latest Zero Day vulnerabilities raised by Pwn2Own

Q1:
Is there a list of software (including network devices IOS) & their version that are vulnerable to this zero day vulnerability
below?

Q2:
Below are some further information.  I would like to assess if any specific signature in this release have been
known to disrupt legit services/apps & how can I go about testing them?

  http://h30499.www3.hp.com/t5/HP-Security-Products-Blog/Pwn2Own-2015-The-view-from-HP-TippingPoint-DVLabs/ba-p/6723119
  http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2015-Day-Two-results/ba-p/6722884
  http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2015-Day-One-results/ba-p/6722204
  http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2015-The-lineup/ba-p/6722078
  http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Pwn2Own-2015-The-final-contestants/ba-p/6721403

========================================================================================

Subject: TippingPoint Digital Vaccine - Early Release Reminder

The DV originally scheduled for this coming Tuesday (March 24, 2015) was released ahead of schedule on Saturday (March 21, 2015) to provide preemptive coverage for 15 zero-day vulnerabilities found in various products during Pwn2Own 2015 held last week, where researchers were given the opportunity to show off their skills using attacks against Microsoft, Google, Mozilla, Apple and Adobe.

For every exploit of a vulnerability successfully demonstrated, HP TippingPoint DVLabs worked with the researchers, the Zero Day Initiative and the vendors to root cause the flaws and find the best way to provide filter coverage for HP TippingPoint customers.

As the exploits and vulnerabilities purchased by our Zero Day Initiative are essentially fully weaponized, DVLabs decided to replace the regularly scheduled Tuesday DV release with this critical out-of-band release, including Pwn2Own filters as well as a number of standard weekly filters planned for the Tuesday release. Doing so grants HP TippingPoint customers the exclusive ability to virtually patch against some of the most impactful vulnerabilities and exploits in existence.
sunhuxAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
Q1, Unless we have the exact CVE (e.g. via online cvedetail, nvd, vulcert  website) to further extrapolate to relevance of other possible Network based IOS, I will say that it will be tough for the confirmed case of listing. But with the summary for the final numbers of Pwn2Own 2015, this may serves as a basis of the impacted apps (as of now) since the vendor is working to patch them timely.
5 bugs in the Windows operating system
4 bugs in Internet Explorer 11
3 bugs in Mozilla Firefox
3 bugs in Adobe Reader
3 bugs in Adobe Flash
2 bugs in Apple Safari
1 bug in Google Chrome

Otherwise, the ZDI published and upcoming CVE listing may help to highlight
http://zerodayinitiative.com/advisories/published/
http://zerodayinitiative.com/advisories/upcoming/

Q2. Wait for the signature and scanner will typically have those incorporated, it is tough to "jump the gun" as mentioned till patches are out, vulnerability will not be fully disclosed hence no reliable gauge to detecting or scanning those vulnerability from any targeted servers or network architecture
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Network Security

From novice to tech pro — start learning today.