[Snort-sigs] Sourcefire VRT Certified Snort Rules Update

research at ...435... research at ...435...
Fri May 29 14:24:28 EDT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability affecting Microsoft
DirectShow.

Details:
Microsoft DirectShow Buffer Overflow (CVE-2009-1537):
Microsoft DirectShow contains a programming error that may allow a
remote attacker to execute code on an affected system. The problem
occurs when DirectShow parses a specially crafted QuickTime file.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 3, SID 15517. This rule
requires GID 1, SID 15516 to be enabled.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2009-05-29.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFKIA9EQcQOxItLLaMRAhbWAJ9t35x7ukb9fCg4FkI66D0IVT0lGgCbBWIw
bPfK+eHyqE9eGC3Ttse+xWs=
=SIX6
-----END PGP SIGNATURE-----




More information about the Snort-sigs mailing list