[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Fri Mar 27 17:15:56 EDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Microsoft
Internet Explorer and Mozilla Firefox.

Details:
Microsoft Windows GDI Buffer Overflow:
A programming error in the Microsoft Windows kernel may allow a remote
attacker to execute code with system level privileges. This may be
exploited when specially crafted EMF files are viewed using Microsoft
Internet Explorer.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 15430.

Mozilla Firefox XSL Buffer Overflow:
A programming error in Mozilla Firefox may allow a remote attacker to
execute code on a victim machine. The error is exposed when the
application attempts to process an XML file that has a specially
crafted XSLT transform.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 15431.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2009-03-27.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFJzS3y8GAEVQeoGrMRAhaKAJ4t7RtGrGAtwVwYdNOdGq4EkgFSvgCdFH2t
+IhMQyobN5z+cRb8ASq+OpU=
=Uw3W
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list