alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Office Web Components OWC11.Spreadsheet ActiveX? Vulnerability"; flow:to_client,established; content:"ActiveXObject"; nocase; content:"OWC11.Spreadsheet"; nocase; distance:0; content:"msDataSource"; nocase; reference:url,microsoft.com/technet/security/advisory/973472.mspx; reference:url,milw0rm.com/exploits/9224;classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009669; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_IE_Office_Web; sid:2009669; rev:2;)

Added 2009-07-22 15:45:41 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Office Web Components OWC11.Spreadsheet ActiveX? Vulnerability"; flow:to_client,established; content:"ActiveXObject"; nocase; content:"OWC11.Spreadsheet"; nocase; distance:0; content:"msDataSource"; nocase; reference:url,microsoft.com/technet/security/advisory/973472.mspx; reference:url,milw0rm.com/exploits/9224;classtype:web-application-attack; reference:url,doc.emergingthreats.net/2009669; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/CURRENT_EVENTS/CURRENT_IE_Office_Web; sid:2009669; rev:2;)

Added 2009-07-22 15:45:41 UTC


alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET CURRENT_EVENTS Office Web Components OWC11.Spreadsheet ActiveX? Vulnerability"; flow:to_client,established; content:"ActiveXObject"; nocase; content:"OWC11.Spreadsheet"; nocase; distance:0; content:"msDataSource"; nocase; reference:url,microsoft.com/technet/security/advisory/973472.mspx; reference:url,milw0rm.com/exploits/9224;classtype:web-application-attack; sid:2009669; rev:1;)

Added 2009-07-22 14:06:21 UTC


Topic revision: r1 - 2009-07-22 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats