alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:bid,37331; reference:cve,2009-4324; classtype:attempted-user; sid:2010495; rev:12;)

Added 2013-02-27 13:22:51 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:bid,37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; classtype:attempted-user; sid:2010495; rev:12;)

Added 2011-10-12 19:29:54 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:bid,37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; sid:2010495; rev:12;)

Added 2011-06-30 23:31:11 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:11;)

Added 2011-04-12 14:06:59 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; nocase; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:10;)

Added 2011-02-04 17:30:03 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; nocase; depth:300; content:"this.media.newPlayer|28|null|29|"; nocase; distance:0; content:"util.printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:10;)

Added 2010-08-20 14:16:25 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; nocase; depth:300; content:"this.media.newPlayer|28|null|29|"; nocase; distance:0; content:"util.printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:10;)

Added 2010-08-20 14:16:25 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; nocase; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:9;)

Added 2010-03-08 13:53:45 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"PDF-"; nocase; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:9;)

Added 2010-03-08 13:53:45 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flowbits:isset,ET.pdf.request; flow:to_client,established; content:"PDF-"; nocase; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:7;)

Added 2010-02-26 04:31:30 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flowbits:isset,ET.pdf.request; flow:to_client,established; content:"PDF-"; nocase; depth:300; content:"this.media.newPlayer|28|null"; nocase; distance:0; content:"util.printd"; nocase; within:150; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:7;)

Added 2010-02-26 04:31:30 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flowbits:isset,ET.pdf.request; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:6;)

Added 2009-12-16 17:15:40 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flowbits:isset,ET.pdf.request; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:6;)

Added 2009-12-16 17:15:40 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flowbits:isset,ET.pdf.request; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:6;)

Added 2009-12-16 17:14:54 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flowbits:isset,ET.pdf.request; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:6;)

Added 2009-12-16 17:14:54 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flowbits:isset,ET.pdf.request; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:5;)

Added 2009-12-16 12:30:42 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flowbits:isset,ET.pdf.request; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:5;)

Added 2009-12-16 12:30:42 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:4;)

Added 2009-12-16 09:58:06 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:4;)

Added 2009-12-16 09:58:06 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Vrt+%28Sourcefire+VRT+-+Vulnerability+Research%2C+Snort+Rules+and+Explosions%29; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:3;)

Added 2009-12-16 09:15:45 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Vrt+%28Sourcefire+VRT+-+Vulnerability+Research%2C+Snort+Rules+and+Explosions%29; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:3;)

Added 2009-12-16 09:15:45 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Vrt+%28Sourcefire+VRT+-+Vulnerability+Research%2C+Snort+Rules+and+Explosions%29; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:3;)

Added 2009-12-16 09:14:07 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimedia Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Vrt+%28Sourcefire+VRT+-+Vulnerability+Research%2C+Snort+Rules+and+Explosions%29; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:3;)

Added 2009-12-16 09:14:07 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimeda Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Vrt+%28Sourcefire+VRT+-+Vulnerability+Research%2C+Snort+Rules+and+Explosions%29; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:2;)

Added 2009-12-16 09:00:47 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT Possible Adobe Multimeda Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"media|2E|newPlayer"; nocase; content:"|28|null|28|"; nocase; within:8; content:"util|2E|printd"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,vrt-sourcefire.blogspot.com/2009/12/adobe-reader-medianewplayer-analysis.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Vrt+%28Sourcefire+VRT+-+Vulnerability+Research%2C+Snort+Rules+and+Explosions%29; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; reference:url,doc.emergingthreats.net/2010495; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_Adobe; sid:2010495; rev:2;)

Added 2009-12-16 09:00:47 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Possible Adobe Multimeda Doc.media.newPlayer Memory Corruption Attempt"; flow:to_client,established; content:"util|2E|printd"; nocase; content:"media|2E|newPlayer"; nocase; distance:0; classtype:attempted-user; reference:url,www.metasploit.com/redmine/projects/framework/repository/revisions/7881/entry/modules/exploits/windows/fileformat/adobe_media_newplayer.rb; reference:url,www.securityfocus.com/bid/37331; reference:cve,2009-4324; sid:2010495; rev:1;)

Added 2009-12-15 16:45:41 UTC


Topic revision: r1 - 2013-02-27 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats