EditAttachPrintable
r1 - 12 Oct 2011 - 23:30:55 - TWikiGuestYou are here: TWiki >  Main Web > 2010930

##alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Foxit Reader ActiveX? OpenFile? method Remote Code Execution Function Call"; flow:to_client,established; file_data; content:"ActiveXObject"; nocase; distance:0; content:"FOXITREADEROCXLib.FoxitReaderOCX"; nocase; distance:0; content:"OpenFile "; nocase; distance:0; reference:url,www.exploit-db.com/exploits/11196; reference:url,doc.emergingthreats.net/2010930; classtype:attempted-user; sid:2010930; rev:6;)

Added 2011-10-12 19:30:55 UTC

 

##alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Foxit Reader ActiveX? OpenFile? method Remote Code Execution Function Call"; flow:to_client,established; file_data; content:"ActiveXObject"; nocase; distance:0; content:"FOXITREADEROCXLib.FoxitReaderOCX"; nocase; distance:0; content:"OpenFile "; nocase; distance:0; classtype:attempted-user; reference:url,www.exploit-db.com/exploits/11196; reference:url,doc.emergingthreats.net/2010930; sid:2010930; rev:6;)

Added 2011-09-14 22:44:04 UTC

##alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Foxit Reader ActiveX? OpenFile? method Remote Code Execution Function Call"; flow:to_client,established; file_data; content:"ActiveXObject"; nocase; distance:0; content:"FOXITREADEROCXLib.FoxitReaderOCX"; nocase; distance:0; content:"OpenFile "; nocase; distance:0; classtype:attempted-user; reference:url,www.exploit-db.com/exploits/11196; reference:url,doc.emergingthreats.net/2010930; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Foxit; sid:2010930; rev:6;)

Added 2011-02-04 17:30:37 UTC

alert tcp $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any ( msg:"ET WEB_CLIENT Foxit Reader ActiveX? OpenFile? method Remote Code Execution Function Call"; flow:to_client,established; content:"ActiveXObject"; nocase; content:"FOXITREADEROCXLib.FoxitReaderOCX"; nocase; distance:0; content:"OpenFile "; nocase; classtype:attempted-user; reference:url,www.exploit-db.com/exploits/11196; reference:url,doc.emergingthreats.net/2010930; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_Foxit; sid:2010930; rev:2;)

Added 2010-03-10 15:00:57 UTC

Edit | Attach | Printable | Raw View | Backlinks: Web, All Webs | History: r1 | More topic actions
 
Emerging Threats
This site is powered by the TWiki collaboration platformCopyright © by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback