Ruleset Update Summary - 2024/09/13 - v10692

Summary:

0 new OPEN, 0 new PRO (0 + 0)


Modified inactive rules:

  • 2007576 - ET POLICY CCProxy in use remotely - Possibly Hostile/Malware (policy.rules)
  • 2008782 - ET POLICY Possible Trojan File Download bad rar file header (not a valid rar file) (policy.rules)
  • 2008925 - ET ACTIVEX Microsoft Windows Media Services nskey.dll ActiveX Control Possible Remote Buffer Overflow (activex.rules)
  • 2009858 - ET ACTIVEX Possible PPStream MList.ocx Buffer Overflow Attempt (activex.rules)
  • 2009869 - ET ACTIVEX Possible SmartVMD VideoMovement.dll Buffer Overflow Attempt (activex.rules)
  • 2009893 - ET ACTIVEX Possible HTTP ACTi SetText() nvUnifiedControl.dll Buffer Overflow Attempt (activex.rules)
  • 2009923 - ET ACTIVEX Possible Novell GroupWise Client ‘gxmim1.dll’ ActiveX Buffer Overflow Attempt (activex.rules)
  • 2010012 - ET ACTIVEX Possible EMC Captiva QuickScan Pro KeyWorks KeyHelp Module keyhelp.ocx ActiveX Control Remote Buffer Overflow Attempt (activex.rules)
  • 2010160 - ET ACTIVEX Possible AOL IWinAmp ActiveX ConvertFile Buffer Overflow Attempt (activex.rules)
  • 2010203 - ET ACTIVEX Possible Black Ice Printer Driver Resource Toolkit ActiveX Control EnableStartApplication/EnableStartBeforePrint/EnableKeepExistingFiles/EnablePassParameters Buffer Overflow Attempt (activex.rules)
  • 2010204 - ET ACTIVEX Possible Black Ice Printer Driver Resource Toolkit ActiveX Control SetApplicationPath/SetStartApplicationParamCode/SetCustomStartAppParameter Buffer Overflow Attempt (activex.rules)
  • 2010205 - ET ACTIVEX Possible Black Ice Printer Driver Resource Toolkit ActiveX Control SaveBlackIceDEVMODE Buffer Overflow Attempt (activex.rules)
  • 2010206 - ET ACTIVEX Possible Black Ice Printer Driver Resource Toolkit ActiveX Control ClearUserSettings Buffer Overflow Attempt (activex.rules)
  • 2010207 - ET ACTIVEX Possible Black Ice Printer Driver Resource Toolkit ActiveX Control ControlJob Buffer Overflow Attempt (activex.rules)
  • 2010690 - ET ACTIVEX Possible activePDF WebGrabber ActiveX Control Buffer Overflow Function Call Attempt (activex.rules)
  • 2010691 - ET ACTIVEX Possible activePDF WebGrabber ActiveX Control Buffer Overflow Attempt (activex.rules)
  • 2010693 - ET ACTIVEX Possible Novell iPrint Client ExecuteRequest ActiveX Control Buffer Overflow Attempt (activex.rules)
  • 2010694 - ET ACTIVEX Possible Novell iPrint Client GetDriverSettings ActiveX Control Buffer Overflow Attempt (activex.rules)
  • 2010702 - ET ACTIVEX Possible Windows Live Messenger ActiveX Control RichUploadControlContextData Buffer Overflow Attempt (activex.rules)
  • 2010703 - ET ACTIVEX Possible Windows Live Messenger ActiveX Control RichUploadControlContextData Buffer Overflow Function Call Attempt (activex.rules)
  • 2010760 - ET ACTIVEX Possible Gracenote CDDBControl ActiveX Control ViewProfile Method Heap Buffer Overflow Attempt (activex.rules)
  • 2010799 - ET WEB_CLIENT Possible Internet Explorer srcElement Memory Corruption Attempt (web_client.rules)
  • 2010839 - ET ACTIVEX Possible Rising Online Virus Scanner ActiveX Control Scan() Method Stack Buffer Overflow Attempt (activex.rules)
  • 2010931 - ET WEB_CLIENT Possible IE iepeers.dll Use-after-free Code Execution Attempt (web_client.rules)
  • 2010958 - ET ACTIVEX Possible Symantec Antivirus 10.0 Client Proxy ActiveX Control Buffer Overflow Attempt (activex.rules)
  • 2010959 - ET ACTIVEX Possible Symantec Antivirus 10.0 Client Proxy ActiveX Control Buffer Overflow Function Call Attempt (activex.rules)
  • 2011129 - ET ACTIVEX Possible Attachmate Reflection X ActiveX Control ‘ControlID’ Buffer Overflow Attempt (activex.rules)
  • 2011130 - ET ACTIVEX Possible Attachmate Reflection X ActiveX Control ‘ControlID’ Buffer Overflow Function Call Attempt (activex.rules)
  • 2011242 - ET EXPLOIT Possible VLC Media Player M3U File FTP URL Processing Stack Buffer Overflow Attempt (exploit.rules)
  • 2011366 - ET WEB_CLIENT Possible Apple Quicktime Invalid SMIL URI Buffer Overflow Attempt (web_client.rules)
  • 2011478 - ET EXPLOIT Possible Microsoft Office Word 2007 sprmCMajority Buffer Overflow Attempt (exploit.rules)
  • 2011501 - ET WEB_CLIENT Possible Adobe CoolType Smart INdependent Glyplets - SING - Table uniqueName Stack Buffer Overflow Attempt (web_client.rules)
  • 2011732 - ET DOS Possible VNC ClientCutText Message Denial of Service/Memory Corruption Attempt (dos.rules)
  • 2011864 - ET WEB_CLIENT Possible Oracle Java APPLET Tag Children Property Memory Corruption Attempt (web_client.rules)
  • 2012158 - ET ACTIVEX Possible Microsoft WMI Administration Tools WEBSingleView.ocx ActiveX Buffer Overflow Attempt (CVE-2010-3973) (activex.rules)
  • 2012218 - ET ACTIVEX Possible UserManager SelectServer method Buffer Overflow Attempt (activex.rules)
  • 2013565 - ET ACTIVEX Tom Sawyer Software Possible Memory Corruption Attempt (activex.rules)
  • 2014149 - ET INFO Possible URL List or Clickfraud URLs Delivered To Client (info.rules)
  • 2014831 - ET ACTIVEX Possible Wireless Manager Sony VAIO SetTmpProfileOption Method Access Buffer Overflow (activex.rules)
  • 2014832 - ET ACTIVEX Possible Wireless Manager Sony VAIO ConnectToNetwork Method Access Buffer Overflow (activex.rules)
  • 2016138 - ET EXPLOIT Possible Internet Explorer Use-After-Free Inbound (CVE-2012-4792) (exploit.rules)
  • 2016822 - ET WEB_CLIENT Possible Internet Explorer Use After Free Inbound (CVE-2013-1347) (web_client.rules)
  • 2017572 - ET WEB_CLIENT Possible Microsoft Internet Explorer Use-After-Free (CVE-2013-3897) (web_client.rules)
  • 2017684 - ET WEB_SERVER Possible SUPERMICRO IPMI login.cgi Name Parameter Buffer Overflow Attempt CVE-2013-3621 (web_server.rules)
  • 2017685 - ET WEB_SERVER Possible SUPERMICRO IPMI login.cgi PWD Parameter Buffer Overflow Attempt CVE-2013-3621 (web_server.rules)
  • 2017686 - ET WEB_SERVER Possible SUPERMICRO IPMI close_window.cgi sess_sid Parameter Buffer Overflow Attempt CVE-2013-3623 (web_server.rules)
  • 2017687 - ET WEB_SERVER Possible SUPERMICRO IPMI close_window.cgi ACT Parameter Buffer Overflow Attempt CVE-2013-3623 (web_server.rules)
  • 2018147 - ET WEB_CLIENT Possible IE10 Use After Free CVE-2014-0322 (web_client.rules)
  • 2018308 - ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 2 (exploit.rules)
  • 2018309 - ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 3 (exploit.rules)
  • 2018310 - ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 4 (exploit.rules)
  • 2018311 - ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 5 (exploit.rules)
  • 2018312 - ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 6 (exploit.rules)
  • 2018313 - ET WEB_CLIENT Possible Word RTF Memory Corruption Payload Inbound (CVE-2014-1761) (web_client.rules)
  • 2018314 - ET EXPLOIT Possible CVE-2014-1761 Inbound SMTP 1 (exploit.rules)
  • 2018559 - ET EXPLOIT SUSPICIOUS DTLS Pre 1.0 Fragmented Client Hello Possible CVE-2014-0195 (exploit.rules)
  • 2018561 - ET EXPLOIT SUSPICIOUS DTLS 1.2 Fragmented Client Hello Possible CVE-2014-0195 (exploit.rules)
  • 2019181 - ET MOBILE_MALWARE Possible Android CVE-2014-6041 (mobile_malware.rules)
  • 2019244 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 1 (web_server.rules)
  • 2019245 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 2 (web_server.rules)
  • 2019246 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 3 (web_server.rules)
  • 2019247 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 4 (web_server.rules)
  • 2019248 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 5 (web_server.rules)
  • 2019249 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 6 (web_server.rules)
  • 2019250 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 7 (web_server.rules)
  • 2019251 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 8 (web_server.rules)
  • 2019252 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 9 (web_server.rules)
  • 2019253 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 10 (web_server.rules)
  • 2019254 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 11 (web_server.rules)
  • 2019255 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 12 (web_server.rules)
  • 2019256 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 13 (web_server.rules)
  • 2019257 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 14 (web_server.rules)
  • 2019258 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 15 (web_server.rules)
  • 2019259 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 16 (web_server.rules)
  • 2019260 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 17 (web_server.rules)
  • 2019261 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 18 (web_server.rules)
  • 2019262 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 19 (web_server.rules)
  • 2019263 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 20 (web_server.rules)
  • 2019264 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 21 (web_server.rules)
  • 2019265 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 22 (web_server.rules)
  • 2019266 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 23 (web_server.rules)
  • 2019267 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 24 (web_server.rules)
  • 2019268 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 25 (web_server.rules)
  • 2019269 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 26 (web_server.rules)
  • 2019270 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 27 (web_server.rules)
  • 2019271 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 28 (web_server.rules)
  • 2019272 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 29 (web_server.rules)
  • 2019273 - ET WEB_SERVER Possible CVE-2014-6271 Attempt in HTTP URLENCODE Generic 30 (web_server.rules)
  • 2019418 - ET EXPLOIT SSL excessive fatal alerts (possible POODLE attack against server) (exploit.rules)
  • 2019420 - ET WEB_CLIENT Possible CVE-2014-4113 Exploit Download (web_client.rules)
  • 2019732 - ET WEB_CLIENT Possible Internet Explorer VBscript failure to handle error case information disclosure CVE-2014-6332 Percent Hex Encode (web_client.rules)
  • 2019897 - ET EXPLOIT Possible PYKEK Priv Esc in-use (exploit.rules)
  • 2022930 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow (exploit.rules)
  • 2025019 - ET MALWARE Possible NanoCore C2 60B (malware.rules)
  • 2033218 - ET PHISHING Observed Possible Phishing 2021-06-29 (phishing.rules)
  • 2048241 - ET MALWARE Possible ToneShell CnC Checkin M1 (malware.rules)
  • 2048264 - ET MALWARE Possible ToneShell CnC Checkin M2 (malware.rules)
  • 2048739 - ET EXPLOIT Possible Cisco IOS XE Web Server Implant 404 Response (CVE-2023-20198) (Outbound) M1 (exploit.rules)
  • 2048740 - ET EXPLOIT Possible Cisco IOS XE Web Server Implant 404 Response (CVE-2023-20198) (Inbound) M1 (exploit.rules)
  • 2048741 - ET EXPLOIT Possible Cisco IOS XE Web Server Implant 404 Response (CVE-2023-20198) (Outbound) M2 (exploit.rules)
  • 2048742 - ET EXPLOIT Possible Cisco IOS XE Web Server Implant 404 Response (CVE-2023-20198) (Inbound) M2 (exploit.rules)
  • 2048950 - ET MALWARE Possible Konni RAT Domain in DNS Lookup (documentoffice .club) (malware.rules)
  • 2049178 - ET PHISHING Possible Generic Credential Phish with Obfuscated Javascript (phishing.rules)
  • 2053328 - ET HUNTING Generic POST with Commmon Control/Escape Character in Filename Parameter - Possible Command Injection Attempt (hunting.rules)
  • 2053705 - ET EXPLOIT [TW] Possible MSXMLHTTP Request (exploit.rules)
  • 2053706 - ET EXPLOIT [TW] EXPLOIT Possible MMC Remote Command Execution (exploit.rules)
  • 2800928 - ETPRO IMAP Possible Novell GroupWise Internet Agent RRULE Parsing Buffer Overflow Attempt (imap.rules)
  • 2806358 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer VML Use After Free 2 (CVE-2013-2551) (web_client.rules)
  • 2806359 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer VML Use After Free 1 (CVE-2013-2551) (web_client.rules)
  • 2807660 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer Use After free (CVE-2014-0289) (web_client.rules)
  • 2807806 - ETPRO WEB_CLIENT Possible User-After-Free CVE-2014-0309 (web_client.rules)
  • 2807807 - ETPRO WEB_CLIENT Possible User-After-Free CVE-2014-0312 (web_client.rules)
  • 2807808 - ETPRO WEB_CLIENT Possible IE10 Memory Corruption Vulnerability CVE-2014-0313 1 (web_client.rules)
  • 2807809 - ETPRO WEB_CLIENT Possible IE10 Memory Corruption Vulnerability CVE-2014-0313 2 (web_client.rules)
  • 2807811 - ETPRO WEB_CLIENT Possible IE8 Memory Corruption Vulnerability CVE-2014-0324 (web_client.rules)
  • 2807985 - ETPRO WEB_CLIENT Possible Internet Explorer RCE CVE-2014-1776 (web_client.rules)
  • 2807998 - ETPRO EXPLOIT Possible CVE-2014-0515 Flash Buffer Overflow (exploit.rules)
  • 2808081 - ETPRO WEB_CLIENT Acrobat Reader Possible CVE-2014-0527 Use After Free (web_client.rules)
  • 2808082 - ETPRO WEB_CLIENT Acrobat Reader Possible CVE-2014-0527 Use After Free (web_client.rules)
  • 2808116 - ETPRO MALWARE Win32/Jukbot.B Checkin 13 (malware.rules)
  • 2808184 - ETPRO MALWARE Win32/Agent.QJH Checkin (malware.rules)
  • 2808231 - ETPRO WEB_CLIENT Possible Acrobat Reader Privilaged API Acess CVE-2014-0521 (web_client.rules)
  • 2808263 - ETPRO WEB_CLIENT Possible Adobe Flash CVE-2014-0536 (web_client.rules)
  • 2808310 - ETPRO MALWARE Win32/Tesyong.A CnC (OUTBOUND) (malware.rules)
  • 2808312 - ETPRO MALWARE Win32/Meac.A CnC (OUTBOUND) (malware.rules)
  • 2808320 - ETPRO MALWARE Win32/Expone.A Uploading information FTP (malware.rules)
  • 2808545 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free CVE-2014-4063 (web_client.rules)
  • 2808710 - ETPRO MALWARE Win32/BrowserPassview sending passwords via SMTP (malware.rules)
  • 2808757 - ETPRO WEB_CLIENT Possible Internet Explorer Remote Code Execution (CVE-2014-4080) (web_client.rules)
  • 2808758 - ETPRO WEB_CLIENT Possible Internet Explorer Remote Code Execution (CVE-2014-4081) (web_client.rules)
  • 2808759 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free (CVE-2014-4084) (web_client.rules)
  • 2808762 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free (CVE-2014-4089) (web_client.rules)
  • 2808764 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free (CVE-2014-4094) (web_client.rules)
  • 2808986 - ETPRO WEB_CLIENT Possible malformed disk image transfer (CVE-2014-4115) (web_client.rules)
  • 2808987 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free CVE-2014-4126 (web_client.rules)
  • 2808990 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free CVE-2014-4129 (web_client.rules)
  • 2808998 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption Vulnerability CVE-2014-4137 (web_client.rules)
  • 2809000 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption Vulnerability CVE-2014-4141 (web_client.rules)
  • 2809143 - ETPRO WEB_CLIENT Possible Internet Explorer CSecurityContext Use-After-Free CVE-2014-4143 (web_client.rules)
  • 2809154 - ETPRO WEB_CLIENT Possible Internet Explorer Cross-domain Information Disclosure CVE-2014-6340 (web_client.rules)
  • 2809161 - ETPRO WEB_CLIENT Possible IE Memory Corruption Vulnerability CVE-2014-6351 (web_client.rules)
  • 2809255 - ETPRO EXPLOIT SChannel Possible Heap Overflow CVE-2014-6321 SSLv3 (exploit.rules)
  • 2809256 - ETPRO EXPLOIT SChannel Possible Heap Overflow CVE-2014-6321 TLSv1.0 (exploit.rules)
  • 2809258 - ETPRO EXPLOIT SChannel Possible Heap Overflow CVE-2014-6321 TLSv1.2 (exploit.rules)
  • 2809302 - ETPRO WEB_CLIENT Possible Internet Explorerer Use After Free CVE-2014-6330 (web_client.rules)
  • 2809310 - ETPRO WEB_CLIENT Possible Internet Explorer Use After Free CVE-2014-6366 (web_client.rules)
  • 2809311 - ETPRO WEB_CLIENT Possible Internet Explorer Use After Free CVE-2014-6369 (web_client.rules)
  • 2809379 - ETPRO MALWARE Win32/Laimfin.A Checkin (malware.rules)
  • 2809380 - ETPRO EXPLOIT Possible CVE-2014-6324 Priv escalation attempt (exploit.rules)
  • 2809430 - ETPRO MALWARE Win32/Taskman Checkin Via IRC (malware.rules)
  • 2809633 - ETPRO MALWARE Win32/ProxyChanger.EO Receiving Proxy.pac (malware.rules)
  • 2810097 - ETPRO MALWARE Win32/Spy.Banker.ZMO Variant Checkin via SQL (malware.rules)
  • 2810100 - ETPRO MALWARE Win32/Injector Variant Checkin via SQL (malware.rules)
  • 2811174 - ETPRO MALWARE MSIL/Injector.JWA CnC Client Details (malware.rules)
  • 2811688 - ETPRO MALWARE Win32/Zegost.DG CnC traffic (OUTBOUND) (malware.rules)
  • 2811890 - ETPRO MALWARE Win32/Beaugrit.gen!AAA Checkin (malware.rules)
  • 2811891 - ETPRO MALWARE Win32/Beaugrit.gen!AAA Checkin (malware.rules)
  • 2811893 - ETPRO MALWARE Win32/Beaugrit.gen!AAA Checkin (malware.rules)
  • 2812121 - ETPRO MALWARE MSIL/Zaviso.A Checkin via SQL (malware.rules)
  • 2812170 - ETPRO MALWARE MSIL/Nitwil.A FTP wallet.dat Exfil (malware.rules)
  • 2812442 - ETPRO MALWARE Win32/Beaugrit.gen!AAA Checkin (malware.rules)
  • 2812445 - ETPRO MALWARE Win32/Beaugrit.gen!AAA Checkin (malware.rules)
  • 2812446 - ETPRO MALWARE Win32/Beaugrit.gen!AAA Checkin (malware.rules)
  • 2812448 - ETPRO MALWARE Win64/Wedex.A SSL Cert (malware.rules)
  • 2812981 - ETPRO MALWARE Win32/Skeeyah Checkin 3 (malware.rules)
  • 2815063 - ETPRO MALWARE Win32/Kitkiot.A CnC Inbound (malware.rules)
  • 2815101 - ETPRO MALWARE Win32/Spy.Autoit.BV Checkin (malware.rules)
  • 2815576 - ETPRO MALWARE Win32/Comroki SSL Cert (malware.rules)
  • 2820660 - ETPRO EXPLOIT Possible SVN Date Parsing Buffer Overflow (exploit.rules)
  • 2820661 - ETPRO EXPLOIT Possible SVN Date Parsing Buffer Overflow (exploit.rules)
  • 2820663 - ETPRO EXPLOIT Possible IIS ISAPI IDQ Extension Buffer Overflow (exploit.rules)
  • 2820664 - ETPRO EXPLOIT Possible IIS ISAPI IDA Extension Buffer Overflow (exploit.rules)
  • 2822532 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385) (web_client.rules)
  • 2822535 - ETPRO WEB_CLIENT Possible Microsoft Edge Memory Corruption Vulnerability M1 (CVE-2016-7190) (web_client.rules)
  • 2822536 - ETPRO WEB_CLIENT Possible Microsoft Edge Memory Corruption Vulnerability M2 (CVE-2016-7190) (web_client.rules)
  • 2823145 - ETPRO WEB_CLIENT Possible Microsoft Edge Buffer Overflow M1 (CVE-2016-7202) (web_client.rules)
  • 2823828 - ETPRO WEB_CLIENT Possible Microsoft Edge Buffer Overflow M2 (CVE-2016-7202) (web_client.rules)
  • 2823829 - ETPRO WEB_CLIENT Possible Microsoft Edge Buffer Overflow M3 (CVE-2016-7202) (web_client.rules)
  • 2823830 - ETPRO WEB_CLIENT Possible Microsoft Edge Buffer Overflow M4 (CVE-2016-7202) (web_client.rules)
  • 2824320 - ETPRO WEB_CLIENT Possible Acrobat Reader JS Use After Free (CVE-2017-2958) (web_client.rules)
  • 2824321 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption Attempt (CVE-2017-2960) (web_client.rules)
  • 2825376 - ETPRO WEB_CLIENT Possible Scripting Engine Memory Corruption Vulnerability (CVE-2017-0010) (web_client.rules)
  • 2829653 - ETPRO WEB_CLIENT Possible Adobe Reader TIFF Memory Corruption (CVE-2018-4903) (web_client.rules)
  • 2829654 - ETPRO WEB_CLIENT Possible Adobe Reader EMF Memory Corruption M1 (CVE-2018-4906) (web_client.rules)
  • 2829655 - ETPRO WEB_CLIENT Possible Adobe Reader EMF Memory Corruption M2 (CVE-2018-4906) (web_client.rules)
  • 2857471 - ETPRO INFO Server Responding to Microsoft Office HTTP Request for .html - Possible Windows MSHTML Platform Security Feature Bypass (CVE-2024-30040) (info.rules)