2008170 < Main < EmergingThreats

Main Web>2008170 (2020-08-05, TWikiGuest) (raw view)
 <h2>
 

#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; reference:bugtraq,28581; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; classtype:web-application-attack; sid:2008170; rev:8; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2010_07_30, deployment Perimeter, signature_severity Major, tag Web_Client_Attacks, updated_at 2016_07_01;)

</h2>

Added 2020-08-05 19:05:16 UTC


 %COMMENT{type="threadmode" default="Please enter documentation, comments, false positives, or concerns with this signature. Press the Attach button below to add samples or Pcaps." button="Add to Documentation" }%
 
 <hr>
 


 <h2>
 

#alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; reference:bugtraq,28581; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; classtype:web-application-attack; sid:2008170; rev:8; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, deployment Perimeter, tag Web_Client_Attacks, signature_severity Major, created_at 2010_07_30, updated_at 2016_07_01;)

</h2>

Added 2017-08-07 21:01:20 UTC


 
 <hr>
 


 <h2>
 

#alert tcp  $HOME_NET any ->  $EXTERNAL_NET $HTTP_PORTS (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; reference:bugtraq,28581; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; classtype:web-application-attack; sid:2008170; rev:9;)

</h2>

Added 2011-10-12 19:24:34 UTC


 
 <hr>
 


 <h2>
 

#alert tcp  $HOME_NET any ->  $EXTERNAL_NET $HTTP_PORTS (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; sid:2008170; rev:9;)

</h2>

Added 2011-09-14 22:38:02 UTC


 
 <hr>
 


 <h2>
 

#alert tcp  $HOME_NET any ->  $EXTERNAL_NET $HTTP_PORTS (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_CLIENT_IE_Vulnerabilities; sid:2008170; rev:9;)

</h2>

Added 2011-07-19 09:37:53 UTC


 
 <hr>
 


 <h2>
 

#alert tcp  $HOME_NET any ->  $EXTERNAL_NET $HTTP_PORTS (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_CLIENT_IE_Vulnerabilities; sid:2008170; rev:9;)

</h2>

Added 2011-07-19 00:15:47 UTC


 
 <hr>
 


 <h2>
 

#alert tcp  $HOME_NET any ->  $EXTERNAL_NET $HTTP_PORTS (msg:"ET WEB_SERVER Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_CLIENT_IE_Vulnerabilities; sid:2008170; rev:9;)

</h2>

Added 2011-07-07 22:32:01 UTC


 
 <hr>
 


 <h2>
 

#alert tcp  $HOME_NET any ->  $EXTERNAL_NET $HTTP_PORTS (msg:"ET WEB_SERVER Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_CLIENT_IE_Vulnerabilities; sid:2008170; rev:9;)

</h2>

Added 2011-07-07 21:26:58 UTC


 
 <hr>
 


 <h2>
 

#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_SERVER Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,www.0x000000.com/?i=544; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_CLIENT_IE_Vulnerabilities; sid:2008170; rev:7;)

</h2>

Added 2011-06-21 18:18:57 UTC


 
 <hr>
 


 <h2>
 

#alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET"; http_method; content:"res|3a|"; http_uri; content:"ieframe.dll"; http_uri; content:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,www.0x000000.com/?i=544; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_CLIENT_IE_Vulnerabilities; sid:2008170; rev:6;)

</h2>

Added 2011-02-04 17:27:16 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET "; depth:4; uricontent:"res|3a|"; uricontent:"ieframe.dll"; uricontent:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,www.0x000000.com/?i=544; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_CLIENT_IE_Vulnerabilities; sid:2008170; rev:3;)

</h2>

Added 2010-01-15 11:41:20 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET WEB_CLIENT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET "; depth:4; uricontent:"res|3a|"; uricontent:"ieframe.dll"; uricontent:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,www.0x000000.com/?i=544; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/WEB_CLIENT/WEB_CLIENT_IE_Vulnerabilities; sid:2008170; rev:3;)

</h2>

Added 2010-01-15 11:41:20 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET EXPLOIT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET "; depth:4; uricontent:"res|3a|"; uricontent:"ieframe.dll"; uricontent:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,www.0x000000.com/?i=544; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IE_Vulnerabilities; sid:2008170; rev:2;)

</h2>

Added 2009-02-07 22:00:25 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET EXPLOIT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET "; depth:4; uricontent:"res|3a|"; uricontent:"ieframe.dll"; uricontent:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,www.0x000000.com/?i=544; reference:url,doc.emergingthreats.net/bin/view/Main/2008170; reference:url,www.emergingthreats.net/cgi-bin/cvsweb.cgi/sigs/EXPLOIT/EXPLOIT_IE_Vulnerabilities; sid:2008170; rev:2;)

</h2>

Added 2009-02-07 22:00:25 UTC


 
 <hr>
 


 <h2>
 

alert tcp $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"ET EXPLOIT Microsoft Internet Explorer ieframe.dll Script Injection Vulnerability"; flow:to_server; content:"GET "; depth:4; uricontent:"res|3a|"; uricontent:"ieframe.dll"; uricontent:"acr_error"; pcre:"/(\&lt\;).+(\&gt\;)/Ui"; classtype:web-application-attack; reference:bugtraq,28581; reference:url,www.0x000000.com/?i=544; sid:2008170; rev:1;)

</h2>

Added 2008-04-25 08:14:31 UTC


 
 <hr>
Topic revision: r1 - 2020-08-05 - TWikiGuest
Main
User Reference
ATasteOfTWiki
TextFormattingRules
Signature Reference
WebRss Feed
EmergingFAQ