[Snort-sigs] [Emerging-Sigs] New IE Zero Day

yew chuan Ong yewchuan_23 at ...144...
Mon Sep 17 10:28:30 EDT 2012


More info here....

>http://anubis.iseclab.org/?action=result&task_id=18c249beaa2a439448d22da893ea6c6df&format=html

>http://jsunpack.jeek.org/?report=77f232aedd005b0054ec285cbb3781ae89e7196a

>https://www.virustotal.com/file/85ad20e922f5e9d497ec06ff8db5af81fbdcbb6e8e63dc426b8faf40d5cc32c6/analysis/


________________________________
 From: Will Metcalf <wmetcalf at ...3525...>
To: yew chuan Ong <yewchuan_23 at ...144...> 
Cc: "emerging-sigs at ...3694..." <emerging-sigs at ...3694...>; "snort-sigs at lists.sourceforge.net" <snort-sigs at lists.sourceforge.net> 
Sent: Monday, September 17, 2012 10:13 PM
Subject: Re: [Emerging-Sigs] New IE Zero Day
 

Working on it... Will have "something" in today's set for sure.

Regards,

Will


On Mon, Sep 17, 2012 at 9:13 AM, yew chuan Ong <yewchuan_23 at ...144...> wrote:

Hi,
>
>
>Let's see how we can craft sig for this!
>
>
>> http://blog.vulnhunt.com/index.php/2012/09/17/ie-execcommand-fuction-u
>> http://labs.alienvault.com/labs/index.php/2012/new-internet-explorer-z
>> http://eromang.zataz.com/2012/09/16/zero-day-season-is-really-not-over
>
>
>
>
>Metasploit
>>>http://dev.metasploit.com/redmine/projects/framework/repository/revisions/aac41e91fd38f99238971892d61ead4cfbedabb4/entry/modules/exploits/windows/browser/ie_execcommand_uaf.rb
>
>
>
>
>
>RegardsYew Chuan, Ong
>_______________________________________________
>Emerging-sigs mailing list
>Emerging-sigs at ...3694...
>http://lists.emergingthreats.net/mailman/listinfo/emerging-sigs
>
>Support Emerging Threats! Subscribe to Emerging Threats Pro http://www.emergingthreatspro.com
>The ONLY place to get complete premium rulesets for Snort 2.4.0 through Current!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20120917/edef787e/attachment.html>


More information about the Snort-sigs mailing list