FILE-EXECUTABLE -- Snort detected traffic targeting vulnerabilites that are found in or delivered through executable files, regardless of platform. In those instances, Snort is able to correct traffic that has been altered.
FILE-EXECUTABLE Microsoft Windows Desktop Window Manager use-after-free attempt
This rule looks for bytes unique to the executable.
This rule alerts on an executable attempting to exploit a use-after-free vulnerability in Microsoft Windows Desktop Window Manager.
No public information
No known false positives
Cisco Talos Intelligence Group
Rule Categories::File::Executable
MITRE::ATT&CK Framework::Enterprise::Execution::User Execution::Malicious File
Memory Corruption
Memory Corruption is any vulnerability that allows the modification of the content of memory locations in a way not intended by the developer. Memory corruption results are inconsistent; they could lead to fatal errors and system crashes or data leakage; some have no effect at all.
CVE-2024-30035 |
Loading description
|