[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Tue Jun 24 15:50:15 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Adobe Photoshop and HP Instant Support DataManager.

Details:
Adobe BMP Handling Buffer Overflow (CVE-2008-1765):
Adobe Photoshop Album Starter Edition contains a programming error that may allow a remote attacker to execute code on a vulnerable system. The problem arises when the application attempts to process a specially crafted bitmap (BMP) image.

A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1 SID 13865.

HP Instant Support Remote Unauthorized Access (CVE-2008-0953):
The HP Instant Support ActiveX control contains a programming error that may allow a remote attacker to take control of an affected system.

Rules to detect attacks targeting this vulnerability are included in this release and are identified with GID 1 and SIDs 13857 through 13860.

Additionally, as a result of ongoing research, the Sourcefire VRT has added multiple rules to the spyware-put and backdoor rule sets to provide coverage for emerging threats from these technologies.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2008-06-24.html

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFIYRyM8GAEVQeoGrMRAqHdAKCoI2qRGZbebHfs5m9WvRajend+CgCeLbr8
zhsYq5jAoClpdy9oiVtiBMY=
=t0ru
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list