[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2010-02-26

Research research at ...435...
Fri Feb 26 16:07:51 EST 2010


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Sourcefire VRT Certified Snort Rules Update

Synopsis:
The Sourcefire VRT is aware of a vulnerability affecting Microsoft
Internet Explorer.

Details:
Microsoft Internet Explorer Command Execution:
Microsoft Internet Explorer contains a programming error that may allow
a remote attacker to execute commands on a vulnerable system. The
attacker needs to supply VBScript to invoke winhlp32.exe, which can
then be used to execute commands via a specially crafted .HLP file.

A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 16452.

For a complete list of new and modified rules please see:

http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2010-02-26.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFLiDgnQcQOxItLLaMRAvEaAJ9rpY1fUgU+FqlTRm66BLe1CBJGXACfW11A
QGugTZe+7KTde2i/54mF+L0=
=DBm/
-----END PGP SIGNATURE-----





More information about the Snort-sigs mailing list