[Snort-sigs] Sourcefire VRT Certified Snort Rules Update 2010-02-26
research at ...435...
Fri Feb 26 16:07:51 EST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Sourcefire VRT Certified Snort Rules Update
The Sourcefire VRT is aware of a vulnerability affecting Microsoft
Microsoft Internet Explorer Command Execution:
Microsoft Internet Explorer contains a programming error that may allow
a remote attacker to execute commands on a vulnerable system. The
attacker needs to supply VBScript to invoke winhlp32.exe, which can
then be used to execute commands via a specially crafted .HLP file.
A rule to detect attacks targeting this vulnerability is included in
this release and is identified with GID 1, SID 16452.
For a complete list of new and modified rules please see:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Snort-sigs