[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Fri Feb 27 15:34:52 EST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability in Microsoft Excel that
is being actively exploited by a Trojan Horse program.

Details:
Microsoft Excel Code Execution (CVE-2009-0238):
Microsoft Excel contains a programming error that may allow a remote
attacker to execute code on a vulnerable system. The problem occurs
when Excel attempts to process a specially crafted document with an
invalid object.

This issue is being actively exploited by Trojan.Mdropper.AC.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 3, SID 15365.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2009-02-27.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJqDJt8GAEVQeoGrMRAupnAKC68h0GyQXBjnBaMl1Ws+mHYZSSvgCgm6UW
P9JprenuFt/MAvt0EiLN5YE=
=sVDG
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list