<div dir="ltr">This is a Shared Object rule that is detecting CVE-2016-2208 that was published inĀ <a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=820">https://bugs.chromium.org/p/project-zero/issues/detail?id=820</a><div><br></div><div>Thanks</div><div>Alex McDonnell</div><div>TALOS</div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Feb 13, 2017 at 3:01 PM, Charlie Dyer <span dir="ltr"><<a href="mailto:charlierwdyer@...2420..." target="_blank">charlierwdyer@...2420...</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div>Hello list<br><br></div>Could anyone shed light on the rule 39379?<br><br></div><div>I can't see any content matching, it simply alerts on any file that is an executable being downloaded, is that right?<br></div><div>If so, what has this got to do with Norton Antivirus?<br><br></div><div>Many thanks in advance.<span class="HOEnZb"><font color="#888888"><br><br></font></span></div><span class="HOEnZb"><font color="#888888"><div>Charlie<br></div></font></span></div>
<br>------------------------------<wbr>------------------------------<wbr>------------------<br>
Check out the vibrant tech community on one of the world's most<br>
engaging tech sites, SlashDot.org! <a href="http://sdm.link/slashdot" rel="noreferrer" target="_blank">http://sdm.link/slashdot</a><br>______________________________<wbr>_________________<br>
Snort-sigs mailing list<br>
<a href="mailto:Snort-sigs@lists.sourceforge.net">Snort-sigs@...1744...<wbr>net</a><br>
<a href="https://lists.sourceforge.net/lists/listinfo/snort-sigs" rel="noreferrer" target="_blank">https://lists.sourceforge.net/<wbr>lists/listinfo/snort-sigs</a><br>
<br>
<a href="http://www.snort.org" rel="noreferrer" target="_blank">http://www.snort.org</a><br>
<br>
Please visit <a href="http://blog.snort.org" rel="noreferrer" target="_blank">http://blog.snort.org</a> for the latest news about Snort!<br>
<br>
Visit the Snort.org to subscribe to the official Snort ruleset, make sure to stay up to date to catch the most <a href=" <a href="https://snort.org/downloads/#rule-downloads" rel="noreferrer" target="_blank">https://snort.org/downloads/#<wbr>rule-downloads</a>">emerging threats</a>!<br></blockquote></div><br></div>