[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Tue Apr 21 14:34:16 EDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

ourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting products from
Adobe, Oracle and RealNetworks.

Details:
Adobe Flash Player Buffer Overflow (CVE-2009-0520):
Adobe Flash Player contains a programming error that may allow a remote
attacker to execute code on a vulnerable system via a specially crafted
flash file.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 15478.

Oracle BEA WebLogic Buffer Overflow (CVE-2008-5457):
Oracle BEA WebLogic contains a programming error that may allow a
remote attacker to execute code on a vulnerable system.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 15477.

A previously released rule identified with GID 1, SID 15263 will also
detect attacks targeting this vulnerability.

RealNetworks Helix Server Buffer Overflow (CVE-2008-5911):
RealNetworks Helix Server contains a programming error that may allow a
remote attacker to execute code on a vulnerable system. The error
occurs when the application fails to properly process RTSP header
information.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 15479.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2009-04-21.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJ7goIQcQOxItLLaMRAk8/AKCLCg5Xevk1w0gjDwtovXEAPmQp2QCgiIWM
n9QQR5PNRj/hdVnQh/cBdj0=
=yBBX
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list