alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT Firefox Set Wallpaper Code Execution Attempt (input)"; flow:established,from_server; content:"]*[ a-z]src[^>=]*=(?>\s*)['"]?javascript\:(\s)?./i"; reference:url,secunia.com/advisories/16043/; reference:url,www.mozilla.org/security/announce/mfsa2005-47.html; classtype:misc-attack; reference:url,doc.emergingthreats.net/bin/view/Main/2002128; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Mozilla-Firefox; sid:2002128; rev:4;)

Added 2009-02-07 22:00:25 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT Firefox Set Wallpaper Code Execution Attempt (input)"; flow:established,from_server; content:"]*[ a-z]src[^>=]*=(?>\s*)['"]?javascript\:(\s)?./i"; reference:url,secunia.com/advisories/16043/; reference:url,www.mozilla.org/security/announce/mfsa2005-47.html; classtype:misc-attack; reference:url,doc.emergingthreats.net/bin/view/Main/2002128; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_Mozilla-Firefox; sid:2002128; rev:4;)

Added 2009-02-07 22:00:25 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT Firefox Set Wallpaper Code Execution Attempt (input)"; flow:established,from_server; content:"]*[ a-z]src[^>=]*=(?>\s*)['"]?javascript\:(\s)?./i"; reference:url,secunia.com/advisories/16043/; reference:url,www.mozilla.org/security/announce/mfsa2005-47.html; classtype:misc-attack; sid:2002128; rev:3;)

Added 2008-01-25 10:56:38 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET EXPLOIT Firefox Set Wallpaper Code Execution Attempt (input)"; flow:established,from_server; content:"]*[ a-z]src[^>=]*=(?>\s*)['"]?javascript\:(\s)?./i"; reference:url,secunia.com/advisories/16043/; reference:url,www.mozilla.org/security/announce/mfsa2005-47.html; classtype:misc-attack; sid:2002128; rev:3;)

Added 2008-01-25 10:56:38 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"BLEEDING-EDGE EXPLOIT Firefox Set Wallpaper Code Execution Attempt (input)"; flow:established,from_server; content:"]*[ a-z]src[^>=]*=(?>\s*)['"]?javascript\:(\s)?./i"; reference:url,secunia.com/advisories/16043/; reference:url,www.mozilla.org/security/announce/mfsa2005-47.html; classtype:misc-attack; sid:2002128; rev:2;)



Topic revision: r1 - 2009-02-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats