FILE-PDF -- Snort has detected suspicious traffic related to a PDF file. PDFs are easily exploitable. They include many ways to encapsulate data and are often targeted by attackers, who use the PDF's household name status for social engineering. Therefore, Snort includes Many PDF-targeted rules.
FILE-PDF Adobe Reader custom JavaScript field use-after-free attempt
This rule is looking for a use-after-free condition within a malicious PDF file.
This rule is triggered by an attempt to exploit Adobe Reader via CVE-2020-3805.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2020-3805 |
Loading description
|
Tactic: Execution
Technique: Exploitation for Client Execution
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
©2025 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
