[Snort-sigs] SIDs 41338 and 41340 - FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP1 segment out of bounds memory access attempt
charlierwdyer at ...2420...
Fri Jan 20 12:07:48 EST 2017
The number of false positives these two rules produce is huge!
Has anyone else seen the same or amended the rule to be a bit more specific
to the exploit,i.e. user agent is Acrobat Reader or something so it's a bit
Any thoughts gratefully received
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-sigs