alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Real Player rmoc3260.dll ActiveX? Remote Code Execution Exploit"; flow:established,from_server; content:"CLSID"; nocase; content:"2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93"; nocase; distance:0; content:"Console"; nocase; distance:0; classtype:web-application-attack; reference:bugtraq,28157; reference:cve,CVE-2008-1309; reference:url,www.milw0rm.com/exploits/5332; sid:2008080; rev:3;)

Added 2008-05-18 19:52:12 UTC

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Real Player rmoc3260.dll ActiveX? Remote Code Execution Exploit"; flow:established,from_server; content:"CLSID"; nocase; content:"2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93"; nocase; distance:0; content:"Console"; nocase; distance:0; classtype:web-application-attack; reference:bugtraq,28157; reference:cve,CVE-2008-1309; reference:url,www.milw0rm.com/exploits/5332; sid:2008080; rev:3;)

Added 2008-05-18 19:52:12 UTC

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Real Player rmoc3260.dll ActiveX? Remote Code Execution Exploit"; content:"CLSID"; nocase; content:"2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93"; nocase; distance:0; content:"Console"; nocase; distance:0; classtype:web-application-attack; reference:bugtraq,28157; reference:cve,CVE-2008-1309; reference:url,www.milw0rm.com/exploits/5332; sid:2008080; rev:2;)

Added 2008-04-02 08:53:20 UTC

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Real Player rmoc3260.dll ActiveX? Remote Code Execution Exploit"; content:"CLSID"; nocase; content:"2F542A2E-EDC9-4BF7-8CB1-87C9919F7F93"; nocase; distance:0; content:"Console"; nocase; classtype:web-application-attack; reference:bugtraq,28157; reference:cve,CVE-2008-1309; reference:url,www.milw0rm.com/exploits/5332; sid:2008080; rev:1;)

Added 2008-04-02 08:49:45 UTC