alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT MP4 Embedded in PDF File - Potential Flash Exploit"; flow:established,to_client; content:"obj"; content:"<<"; within:4; content:"stream"; distance:0; content:"|00 00 00 18 66 74 79 70|mp4"; within:13; reference:cve,2012-0754; reference:url,blog.9bplus.com/observing-the-enemy-cve-2012-0754-pdf-interac; classtype:bad-unknown; sid:2014865; rev:3; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, deployment Perimeter, tag Web_Client_Attacks, signature_severity Major, created_at 2012_06_07, updated_at 2016_07_01;)

Added 2017-08-07 21:08:18 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET WEB_CLIENT MP4 Embedded in PDF File - Potential Flash Exploit"; flow:established,to_client; content:"obj"; content:"<<"; within:4; content:"stream"; distance:0; content:"|00 00 00 18 66 74 79 70|mp4"; within:13; reference:cve,2012-0754; reference:url,blog.9bplus.com/observing-the-enemy-cve-2012-0754-pdf-interac; classtype:bad-unknown; sid:2014865; rev:2;)

Added 2012-06-06 23:07:36 UTC


Topic revision: r1 - 2017-08-08 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats