Talos has added and modified multiple rules in the browser-plugins, file-image, file-other and malware-cnc rule sets to provide coverage for emerging threats from these technologies.
For information about Snort Subscriber Rulesets available for purchase, please visit the Snort product page.
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2983.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:47928 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (file-pdf.rules) * 1:47923 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47924 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (file-pdf.rules) * 1:47932 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (file-image.rules) * 1:47933 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (file-image.rules) * 1:47996 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (file-image.rules) * 1:47934 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant outbound connection (malware-cnc.rules) * 1:47935 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (malware-cnc.rules) * 1:47936 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (malware-cnc.rules) * 1:47949 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47929 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (file-pdf.rules) * 1:47965 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (file-pdf.rules) * 1:47930 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (file-pdf.rules) * 1:47981 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47976 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (file-other.rules) * 1:47974 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (file-pdf.rules) * 1:47948 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (file-pdf.rules) * 1:47973 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (file-pdf.rules) * 1:47971 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47972 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47969 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47970 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47968 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47964 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (file-other.rules) * 1:47997 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (file-image.rules) * 1:47947 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (file-pdf.rules) * 1:47920 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47921 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47960 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (file-other.rules) * 1:47922 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47998 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (file-image.rules) * 1:47954 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47927 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (file-other.rules) * 1:47943 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (file-image.rules) * 1:47937 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (file-pdf.rules) * 1:47994 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (file-other.rules) * 1:47995 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (file-image.rules) * 1:47951 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (file-other.rules) * 1:47992 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (file-image.rules) * 1:47990 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (file-other.rules) * 1:47993 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (file-other.rules) * 1:47991 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (file-image.rules) * 1:47945 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (file-pdf.rules) * 1:47946 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (file-pdf.rules) * 1:47944 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (file-image.rules) * 1:47980 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47979 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47950 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47941 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (file-image.rules) * 1:47940 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (file-image.rules) * 1:47939 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (file-image.rules) * 1:47938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (file-pdf.rules) * 1:47942 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (file-image.rules) * 1:47931 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (file-pdf.rules) * 1:47989 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (file-other.rules) * 1:47967 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47953 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47962 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (file-other.rules) * 1:47963 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (file-other.rules) * 1:47966 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (file-pdf.rules) * 1:47977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (file-pdf.rules) * 1:47961 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (file-other.rules) * 1:47959 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (file-other.rules) * 1:47956 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47955 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47958 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (file-other.rules) * 1:47985 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (file-other.rules) * 1:47987 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (file-other.rules) * 1:47984 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (file-other.rules) * 1:47986 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (file-other.rules) * 1:47982 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47925 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (file-pdf.rules) * 1:47957 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (file-other.rules) * 1:47978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (file-pdf.rules) * 1:47975 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (file-other.rules) * 1:47983 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (file-other.rules) * 1:47926 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (file-other.rules) * 1:47988 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (file-other.rules) * 1:47952 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (file-other.rules)
* 1:47271 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (file-pdf.rules) * 1:47885 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (file-other.rules) * 1:44060 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:47367 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (file-image.rules) * 1:47886 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (file-other.rules) * 1:46709 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (file-other.rules) * 1:47270 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (file-pdf.rules) * 1:47688 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (file-pdf.rules) * 1:44059 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:44024 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:44023 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:47284 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (file-other.rules) * 1:47283 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (file-other.rules) * 1:47368 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (file-image.rules) * 1:47686 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (file-pdf.rules) * 1:47439 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (file-pdf.rules) * 1:47685 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (file-pdf.rules) * 1:47438 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (file-pdf.rules) * 1:47687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (file-pdf.rules) * 1:46710 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (file-other.rules) * 1:47887 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (browser-plugins.rules) * 1:47888 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (browser-plugins.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2990.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:47931 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (file-pdf.rules) * 1:47924 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (file-pdf.rules) * 1:47985 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (file-other.rules) * 1:47926 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (file-other.rules) * 1:47934 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant outbound connection (malware-cnc.rules) * 1:47935 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (malware-cnc.rules) * 1:47936 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (malware-cnc.rules) * 1:47921 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47942 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (file-image.rules) * 1:47922 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47920 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (file-pdf.rules) * 1:47932 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (file-image.rules) * 1:47939 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (file-image.rules) * 1:47933 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (file-image.rules) * 1:47940 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (file-image.rules) * 1:47981 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47989 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (file-other.rules) * 1:47988 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (file-other.rules) * 1:47941 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (file-image.rules) * 1:47957 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (file-other.rules) * 1:47927 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (file-other.rules) * 1:47971 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47982 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47986 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (file-other.rules) * 1:47987 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (file-other.rules) * 1:47983 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (file-other.rules) * 1:47956 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47991 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (file-image.rules) * 1:47990 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (file-other.rules) * 1:47995 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (file-image.rules) * 1:47994 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (file-other.rules) * 1:47993 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (file-other.rules) * 1:47998 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (file-image.rules) * 1:47997 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (file-image.rules) * 1:47970 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47974 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (file-pdf.rules) * 1:47973 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (file-pdf.rules) * 1:47972 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47975 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (file-other.rules) * 1:47928 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (file-pdf.rules) * 1:47979 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47955 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47962 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (file-other.rules) * 1:47963 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (file-other.rules) * 1:47964 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (file-other.rules) * 1:47961 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (file-other.rules) * 1:47959 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (file-other.rules) * 1:47960 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (file-other.rules) * 1:47976 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (file-other.rules) * 1:47977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (file-pdf.rules) * 1:47969 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47953 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47968 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47965 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (file-pdf.rules) * 1:47966 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (file-pdf.rules) * 1:47951 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (file-other.rules) * 1:47958 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (file-other.rules) * 1:47954 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47930 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (file-pdf.rules) * 1:47952 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (file-other.rules) * 1:47937 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (file-pdf.rules) * 1:47992 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (file-image.rules) * 1:47996 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (file-image.rules) * 1:47950 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47967 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47948 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (file-pdf.rules) * 1:47949 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47946 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (file-pdf.rules) * 1:47947 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (file-pdf.rules) * 1:47944 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (file-image.rules) * 1:47945 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (file-pdf.rules) * 1:47943 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (file-image.rules) * 1:47929 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (file-pdf.rules) * 1:47925 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (file-pdf.rules) * 1:47923 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47980 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (file-pdf.rules) * 1:47984 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (file-other.rules)
* 1:47887 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (browser-plugins.rules) * 1:47438 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (file-pdf.rules) * 1:44023 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:46710 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (file-other.rules) * 1:47271 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (file-pdf.rules) * 1:47284 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (file-other.rules) * 1:47439 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (file-pdf.rules) * 1:47368 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (file-image.rules) * 1:44059 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:47886 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (file-other.rules) * 1:47686 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (file-pdf.rules) * 1:47888 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (browser-plugins.rules) * 1:47685 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (file-pdf.rules) * 1:47270 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (file-pdf.rules) * 1:47283 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (file-other.rules) * 1:46709 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (file-other.rules) * 1:44024 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:44060 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:47687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (file-pdf.rules) * 1:47688 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (file-pdf.rules) * 1:47885 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (file-other.rules) * 1:47367 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (file-image.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 3000.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:47983 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (snort3-file-other.rules) * 1:47982 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (snort3-file-image.rules) * 1:47984 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (snort3-file-other.rules) * 1:47998 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (snort3-file-image.rules) * 1:47997 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (snort3-file-image.rules) * 1:47996 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (snort3-file-image.rules) * 1:47995 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (snort3-file-image.rules) * 1:47994 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (snort3-file-other.rules) * 1:47993 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (snort3-file-other.rules) * 1:47992 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (snort3-file-image.rules) * 1:47991 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (snort3-file-image.rules) * 1:47990 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (snort3-file-other.rules) * 1:47989 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (snort3-file-other.rules) * 1:47988 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (snort3-file-other.rules) * 1:47987 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (snort3-file-other.rules) * 1:47986 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (snort3-file-other.rules) * 1:47985 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (snort3-file-other.rules) * 1:47928 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (snort3-file-pdf.rules) * 1:47933 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (snort3-file-image.rules) * 1:47931 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (snort3-file-pdf.rules) * 1:47932 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (snort3-file-image.rules) * 1:47934 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant outbound connection (snort3-malware-cnc.rules) * 1:47935 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (snort3-malware-cnc.rules) * 1:47948 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (snort3-file-pdf.rules) * 1:47942 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (snort3-file-image.rules) * 1:47950 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (snort3-file-image.rules) * 1:47949 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (snort3-file-image.rules) * 1:47952 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (snort3-file-other.rules) * 1:47945 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (snort3-file-pdf.rules) * 1:47946 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (snort3-file-pdf.rules) * 1:47943 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (snort3-file-image.rules) * 1:47944 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (snort3-file-image.rules) * 1:47978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (snort3-file-pdf.rules) * 1:47979 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (snort3-file-image.rules) * 1:47976 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (snort3-file-other.rules) * 1:47977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (snort3-file-pdf.rules) * 1:47974 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (snort3-file-pdf.rules) * 1:47975 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (snort3-file-other.rules) * 1:47972 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (snort3-file-image.rules) * 1:47973 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (snort3-file-pdf.rules) * 1:47970 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (snort3-file-pdf.rules) * 1:47971 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (snort3-file-image.rules) * 1:47968 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (snort3-file-pdf.rules) * 1:47957 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (snort3-file-other.rules) * 1:47937 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (snort3-file-pdf.rules) * 1:47951 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (snort3-file-other.rules) * 1:47922 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (snort3-file-pdf.rules) * 1:47930 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (snort3-file-pdf.rules) * 1:47938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (snort3-file-pdf.rules) * 1:47936 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (snort3-malware-cnc.rules) * 1:47958 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (snort3-file-other.rules) * 1:47966 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (snort3-file-pdf.rules) * 1:47967 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (snort3-file-pdf.rules) * 1:47965 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (snort3-file-pdf.rules) * 1:47939 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (snort3-file-image.rules) * 1:47940 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (snort3-file-image.rules) * 1:47923 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (snort3-file-pdf.rules) * 1:47924 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (snort3-file-pdf.rules) * 1:47925 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (snort3-file-pdf.rules) * 1:47941 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (snort3-file-image.rules) * 1:47927 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (snort3-file-other.rules) * 1:47929 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (snort3-file-pdf.rules) * 1:47954 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (snort3-file-image.rules) * 1:47955 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (snort3-file-image.rules) * 1:47956 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (snort3-file-image.rules) * 1:47969 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (snort3-file-pdf.rules) * 1:47953 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (snort3-file-image.rules) * 1:47947 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (snort3-file-pdf.rules) * 1:47963 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (snort3-file-other.rules) * 1:47964 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (snort3-file-other.rules) * 1:47959 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (snort3-file-other.rules) * 1:47962 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (snort3-file-other.rules) * 1:47961 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (snort3-file-other.rules) * 1:47960 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (snort3-file-other.rules) * 1:47920 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (snort3-file-pdf.rules) * 1:47921 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (snort3-file-pdf.rules) * 1:47980 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (snort3-file-image.rules) * 1:47926 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (snort3-file-other.rules) * 1:47981 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (snort3-file-image.rules)
* 1:47887 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (snort3-browser-plugins.rules) * 1:47888 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (snort3-browser-plugins.rules) * 1:47886 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (snort3-file-other.rules) * 1:47687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (snort3-file-pdf.rules) * 1:47688 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (snort3-file-pdf.rules) * 1:47885 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (snort3-file-other.rules) * 1:47686 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (snort3-file-pdf.rules) * 1:47438 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (snort3-file-pdf.rules) * 1:47439 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (snort3-file-pdf.rules) * 1:47685 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (snort3-file-pdf.rules) * 1:47368 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (snort3-file-image.rules) * 1:47283 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (snort3-file-other.rules) * 1:47284 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (snort3-file-other.rules) * 1:47367 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (snort3-file-image.rules) * 1:47271 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (snort3-file-pdf.rules) * 1:46709 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (snort3-file-other.rules) * 1:46710 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (snort3-file-other.rules) * 1:47270 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (snort3-file-pdf.rules) * 1:44060 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (snort3-file-image.rules) * 1:44023 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (snort3-file-image.rules) * 1:44024 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (snort3-file-image.rules) * 1:44059 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (snort3-file-image.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091100.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:47981 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47931 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (file-pdf.rules) * 1:47932 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (file-image.rules) * 1:47933 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (file-image.rules) * 1:47934 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant outbound connection (malware-cnc.rules) * 1:47935 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (malware-cnc.rules) * 1:47920 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47926 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (file-other.rules) * 1:47921 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47959 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (file-other.rules) * 1:47980 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47923 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47960 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (file-other.rules) * 1:47961 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (file-other.rules) * 1:47962 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (file-other.rules) * 1:47963 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (file-other.rules) * 1:47922 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47988 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (file-other.rules) * 1:47987 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (file-other.rules) * 1:47986 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (file-other.rules) * 1:47985 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (file-other.rules) * 1:47927 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (file-other.rules) * 1:47984 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (file-other.rules) * 1:47982 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47983 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (file-other.rules) * 1:47991 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (file-image.rules) * 1:47989 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (file-other.rules) * 1:47990 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (file-other.rules) * 1:47996 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (file-image.rules) * 1:47995 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (file-image.rules) * 1:47994 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (file-other.rules) * 1:47993 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (file-other.rules) * 1:47992 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (file-image.rules) * 1:47998 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (file-image.rules) * 1:47997 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (file-image.rules) * 1:47946 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (file-pdf.rules) * 1:47947 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (file-pdf.rules) * 1:47944 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (file-image.rules) * 1:47945 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (file-pdf.rules) * 1:47930 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (file-pdf.rules) * 1:47943 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (file-image.rules) * 1:47929 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (file-pdf.rules) * 1:47928 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (file-pdf.rules) * 1:47925 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (file-pdf.rules) * 1:47942 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (file-image.rules) * 1:47941 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (file-image.rules) * 1:47940 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (file-image.rules) * 1:47939 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (file-image.rules) * 1:47938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (file-pdf.rules) * 1:47936 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (malware-cnc.rules) * 1:47964 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (file-other.rules) * 1:47979 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (file-pdf.rules) * 1:47978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (file-pdf.rules) * 1:47975 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (file-other.rules) * 1:47976 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (file-other.rules) * 1:47973 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (file-pdf.rules) * 1:47974 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (file-pdf.rules) * 1:47971 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47972 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47969 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47970 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47967 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47968 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47965 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (file-pdf.rules) * 1:47966 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (file-pdf.rules) * 1:47958 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (file-other.rules) * 1:47937 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (file-pdf.rules) * 1:47956 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47957 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (file-other.rules) * 1:47954 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47955 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47952 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (file-other.rules) * 1:47953 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47950 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47951 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (file-other.rules) * 1:47948 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (file-pdf.rules) * 1:47949 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47924 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (file-pdf.rules)
* 1:44059 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:44024 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:44023 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:47888 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (browser-plugins.rules) * 1:47886 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (file-other.rules) * 1:47887 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (browser-plugins.rules) * 1:47688 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (file-pdf.rules) * 1:47885 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (file-other.rules) * 1:47686 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (file-pdf.rules) * 1:47687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (file-pdf.rules) * 1:47439 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (file-pdf.rules) * 1:47685 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (file-pdf.rules) * 1:47368 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (file-image.rules) * 1:47438 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (file-pdf.rules) * 1:47284 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (file-other.rules) * 1:47367 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (file-image.rules) * 1:47271 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (file-pdf.rules) * 1:47283 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (file-other.rules) * 1:46710 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (file-other.rules) * 1:47270 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (file-pdf.rules) * 1:44060 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:46709 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (file-other.rules)
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2091101.
The format of the file is:
gid:sid <-> Default rule state <-> Message (rule group)
* 1:47920 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47923 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47922 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47921 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader PDF out of bounds read attempt (file-pdf.rules) * 1:47926 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (file-other.rules) * 1:47925 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (file-pdf.rules) * 1:47924 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript annotation object rotation use-after-free attempt (file-pdf.rules) * 1:47928 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (file-pdf.rules) * 1:47927 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF ImageConversion out-of-bounds write attempt (file-other.rules) * 1:47931 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (file-pdf.rules) * 1:47930 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine heap overflow attempt (file-pdf.rules) * 1:47929 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript endInitiatorMailOperation heap overflow attempt (file-pdf.rules) * 1:47933 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (file-image.rules) * 1:47932 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro Universal 3D Engine untrusted pointer dereference attempt (file-image.rules) * 1:47934 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant outbound connection (malware-cnc.rules) * 1:47955 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47954 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47953 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47952 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (file-other.rules) * 1:47951 <-> DISABLED <-> FILE-OTHER Adobe Distiller PostScript conversion heap overflow attempt (file-other.rules) * 1:47950 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47949 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47948 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (file-pdf.rules) * 1:47947 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript Engine use after free attempt (file-pdf.rules) * 1:47946 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (file-pdf.rules) * 1:47945 <-> DISABLED <-> FILE-PDF Adobe Acrobat Distiller invalid Keywords tag double free attempt (file-pdf.rules) * 1:47944 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (file-image.rules) * 1:47943 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Distiller PostScript stack overflow attempt (file-image.rules) * 1:47942 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (file-image.rules) * 1:47941 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat XPS heap overflow attempt (file-image.rules) * 1:47940 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (file-image.rules) * 1:47939 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF+ GIF parsing out of bounds read attempt (file-image.rules) * 1:47938 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (file-pdf.rules) * 1:47937 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader rendering engine use-after-free attempt (file-pdf.rules) * 1:47936 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (malware-cnc.rules) * 1:47935 <-> ENABLED <-> MALWARE-CNC Win.Trojan.MSDownloader variant download (malware-cnc.rules) * 1:47971 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47970 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47969 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47968 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47967 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JPEG2000 out of bounds read attempt (file-pdf.rules) * 1:47966 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (file-pdf.rules) * 1:47965 <-> DISABLED <-> FILE-PDF Adobe Reader getProps Javascript heap overflow attempt (file-pdf.rules) * 1:47964 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (file-other.rules) * 1:47963 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro WebCapture JavaScript manipulation type confusion attempt (file-other.rules) * 1:47962 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (file-other.rules) * 1:47961 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EmfPlusDrawBeziers out of bounds write attempt (file-other.rules) * 1:47960 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (file-other.rules) * 1:47959 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF file out-of-bounds write attempt (file-other.rules) * 1:47958 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (file-other.rules) * 1:47957 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF EmfPlusDrawDriverString malformed GlyphCount value integer overflow attempt (file-other.rules) * 1:47956 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIF tag entry out of bounds read attempt (file-image.rules) * 1:47992 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (file-image.rules) * 1:47991 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF engine type confusion attempt (file-image.rules) * 1:47990 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (file-other.rules) * 1:47989 <-> DISABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out of bounds write attempt (file-other.rules) * 1:47988 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (file-other.rules) * 1:47987 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS file out-of-bounds read attempt (file-other.rules) * 1:47986 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (file-other.rules) * 1:47985 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro XPS out-of-bounds write attempt (file-other.rules) * 1:47984 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (file-other.rules) * 1:47983 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF out-of-bounds read attempt (file-other.rules) * 1:47982 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47981 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47980 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47979 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47978 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (file-pdf.rules) * 1:47977 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro heap overflow attempt (file-pdf.rules) * 1:47976 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (file-other.rules) * 1:47975 <-> ENABLED <-> FILE-OTHER Adobe Acrobat Pro EMF memory corruption attempt (file-other.rules) * 1:47974 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (file-pdf.rules) * 1:47973 <-> DISABLED <-> FILE-PDF Adobe Acrobat Reader JavaScript engine use after free attempt (file-pdf.rules) * 1:47972 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF out of bounds read attempt (file-image.rules) * 1:47998 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (file-image.rules) * 1:47997 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds read attempt (file-image.rules) * 1:47996 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (file-image.rules) * 1:47995 <-> ENABLED <-> FILE-IMAGE Adobe Acrobat Pro EMF pointer out of bounds write attempt (file-image.rules) * 1:47994 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (file-other.rules) * 1:47993 <-> ENABLED <-> FILE-OTHER Acrobat Adobe Pro XPS out-of-bounds read attempt (file-other.rules)
* 1:44023 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:47270 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (file-pdf.rules) * 1:44059 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:46709 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (file-other.rules) * 1:46710 <-> ENABLED <-> FILE-OTHER Adobe Professional EMF embedded image heap overflow attempt (file-other.rules) * 1:44024 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:47271 <-> DISABLED <-> FILE-PDF Adobe Reader JavaScript XSL value-of select transformation out-of-bounds write attempt (file-pdf.rules) * 1:44060 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro malformed TIFF memory corruption attempt (file-image.rules) * 1:47367 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (file-image.rules) * 1:47368 <-> DISABLED <-> FILE-IMAGE Adobe Acrobat Pro PSD malformed image data out-of-bounds write attempt (file-image.rules) * 1:47438 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (file-pdf.rules) * 1:47439 <-> ENABLED <-> FILE-PDF Adobe Acrobat Reader JBIG parsing out of bounds read attempt (file-pdf.rules) * 1:47685 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (file-pdf.rules) * 1:47686 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D IFF out of bounds read attempt (file-pdf.rules) * 1:47687 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (file-pdf.rules) * 1:47688 <-> DISABLED <-> FILE-PDF Adobe Acrobat Pro U3D SGI RGB information leak attempt (file-pdf.rules) * 1:47885 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (file-other.rules) * 1:47886 <-> DISABLED <-> FILE-OTHER Microsoft Windows JET Database Engine out-of-bounds write attempt (file-other.rules) * 1:47887 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (browser-plugins.rules) * 1:47888 <-> DISABLED <-> BROWSER-PLUGINS Microsoft Windows JET Database Engine ActiveX clsid access attempt (browser-plugins.rules) * 1:47283 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (file-other.rules) * 1:47284 <-> DISABLED <-> FILE-OTHER Adobe Reader HTML to PDF conversion getMatchedCSSRules use-after-free attempt (file-other.rules)
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
