[***] Summary: [***]
7 new OPEN, 33 new PRO (7 + 26) Luminosity Link, PseudoManuscrypt, XWorm,
Various Android Malware, and Various Phish

Thanks @0xToxin, @James_inthe_box, @bl4sty, @SLASH30Miata

We would like to inform Emerging Threats users that there will be a
scheduled maintenance window on February 1st, 2023 between 3 pm CST and 5 pm
CST. This will affect ET Pro and ET Intel customers.

During this window the ET Pro rules may be unavailable for download and
the ET Intel replist may also be unavailable.

This important maintenance window is focused on improving our services
and infrastructure. Thank you for your understanding.

The Emerging Threats mailing list is migrating to Discourse. Please visit
us at
https://community.emergingthreats.net/t/ruleset-update-summary-2023-01-…

We will announce the mailing list retirement date in the near future.
[+++] Added rules: [+++]
Open:
2043996 - ET INFO Suspected Impacket WMIExec Activity (info.rules)
2043997 - ET MALWARE PseudoManuscrypt Activity (POST) (malware.rules)
2043998 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI
(opennameserver .org) (info.rules)
2043999 - ET INFO Observed DNS Over HTTPS Domain in TLS SNI (teradns
.org) (info.rules)
2044001 - ET MALWARE Luminosity Link Variant CnC Activity (get_failed)
(malware.rules)
2044002 - ET EXPLOIT Lexmark Malicious File Upload Detected
(exploit.rules)
2044003 - ET MALWARE Luminosity Link Variant Payload Retrieval Request
(malware.rules)
Pro:
2853147 - ETPRO MOBILE_MALWARE Android.Spy.989.origin CnC Domain in DNS
Lookup (mobile_malware.rules)
2853148 - ETPRO MOBILE_MALWARE Observed Android.Spy.989.origin Domain in
TLS SNI (mobile_malware.rules)
2853149 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ta CnC
Domain in DNS Lookup (mobile_malware.rules)
2853150 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Hqwar.fk CnC
Domain in DNS Lookup (mobile_malware.rules)
2853151 - ETPRO MOBILE_MALWARE Trojan-Dropper.AndroidOS.Hqwar.fk CnC
Domain in DNS Lookup (mobile_malware.rules)
2853152 - ETPRO MOBILE_MALWARE Observed Trojan-Dropper.AndroidOS.Hqwar.fk
Domain in TLS SNI (mobile_malware.rules)
2853153 - ETPRO MOBILE_MALWARE Observed Trojan-Dropper.AndroidOS.Hqwar.fk
Domain in TLS SNI (mobile_malware.rules)
2853154 - ETPRO MOBILE_MALWARE Trojan.AndroidOS.Harly.ac CnC Domain in
DNS Lookup (mobile_malware.rules)
2853155 - ETPRO MOBILE_MALWARE Android.Joker.2000 CnC Domain in DNS
Lookup (mobile_malware.rules)
2853156 - ETPRO MOBILE_MALWARE Observed Android.Joker.2000 Domain in TLS
SNI (mobile_malware.rules)
2853157 - ETPRO MOBILE_MALWARE Android/Spy.Agent.BWK Checkin
(mobile_malware.rules)
2853158 - ETPRO MOBILE_MALWARE Android/Spy.Agent.BWK CnC Domain in DNS
Lookup (mobile_malware.rules)
2853159 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.sw CnC
Domain in DNS Lookup (mobile_malware.rules)
2853160 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.Femas.b CnC Domain in
DNS Lookup (mobile_malware.rules)
2853161 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Knobot.k CnC
Domain in DNS Lookup (mobile_malware.rules)
2853162 - ETPRO MOBILE_MALWARE Trojan-Banker.AndroidOS.Knobot.k CnC
Domain in DNS Lookup (mobile_malware.rules)
2853163 - ETPRO MOBILE_MALWARE Android/Spy.Agent.CLO CnC Domain in DNS
Lookup (mobile_malware.rules)
2853164 - ETPRO MOBILE_MALWARE Trojan-Spy.AndroidOS.SmsThief.ta CnC
Domain in DNS Lookup (mobile_malware.rules)
2853165 - ETPRO MOBILE_MALWARE Android/Spy.Banker.BSO CnC Domain in DNS
Lookup (mobile_malware.rules)
2853166 - ETPRO HUNTING Possible PowerShell Inbound - Github Integration
(hunting.rules)
2853167 - ETPRO MALWARE Win32/XWorm V3 CnC Command - PING Outbound
(malware.rules)
2853168 - ETPRO MALWARE Win32/XWorm CnC Command - PING Inbound
(malware.rules)
2853169 - ETPRO MALWARE Win32/XWorm V3 CnC Command - sendPlugin Outbound
(malware.rules)
2853170 - ETPRO MALWARE Win32/XWorm V3 CnC Command - savePlugin Inbound
(malware.rules)
2853171 - ETPRO MALWARE Win32/XWorm V2 CnC Command - PING Outbound
(malware.rules)
2853172 - ETPRO PHISHING Successful MyGov Phish 2023-01-25
(phishing.rules)
[///] Modified inactive rules: [///]
2007903 - ET ACTIVEX 4XEM VatDecoder VatCtrl Class ActiveX Control Url
Property Buffer Overflow Vulnerability (activex.rules)
2008683 - ET ACTIVEX Dart Communications PowerTCP FTP for ActiveX
DartFtp.dll Control Buffer Overflow (activex.rules)
2008790 - ET ACTIVEX DjVu DjVu_ActiveX_MSOffice.dll ActiveX Component
Heap Buffer Overflow (activex.rules)
2009857 - ET ACTIVEX Awingsoft Web3D Player Remote Buffer Overflow
(activex.rules)
2010245 - ET ACTIVEX Multiple Altiris Products AeXNSConsoleUtilities.dll
ActiveX Control BrowseAndSaveFile Method Buffer Overflow Attempt Function
Call (activex.rules)
2010495 - ET WEB_CLIENT Possible Adobe Multimedia Doc.media.newPlayer
Memory Corruption Attempt (web_client.rules)
2010657 - ET ACTIVEX EasyMail Object SMTP Component Buffer Overflow
Function call Attempt (activex.rules)
2010658 - ET ACTIVEX EasyMail Object IMAP4 Component Buffer Overflow
Function call Attempt (activex.rules)
2010699 - ET WEB_SPECIFIC_APPS Possible HP Power Manager Management Web
Server Login Remote Buffer Overflow Attempt (web_specific_apps.rules)
2010704 - ET WEB_SERVER Possible HP OpenView Network Node Manager
ovalarm.exe CGI Buffer Overflow Attempt (web_server.rules)
2010758 - ET WEB_CLIENT VLC Media Player .ass File Buffer Overflow
Attempt (web_client.rules)
2010799 - ET WEB_CLIENT Possible Internet Explorer srcElement Memory
Corruption Attempt (web_client.rules)
2010813 - ET WEB_CLIENT VLC Media Player smb URI Handling Remote Buffer
Overflow Attempt (web_client.rules)
2010864 - ET WEB_SERVER HP OpenView /OvCgi/Toolbar.exe Accept Language
Heap Buffer Overflow Attempt (web_server.rules)
2010921 - ET ACTIVEX Ask.com Toolbar askBar.dll ActiveX ShortFormat
Buffer Overflow Attempt (activex.rules)
2010944 - ET ACTIVEX Viscom Movie Player Pro SDK ActiveX DrawText method
Buffer Overflow Function Call (activex.rules)
2010976 - ET WEB_SPECIFIC_APPS JcomBand toolbar ActiveX Control
isRegistered Property Buffer Overflow Attempt (web_specific_apps.rules)
2011007 - ET ACTIVEX Microsoft Internet Explorer Tabular DataURL ActiveX
Control Memory Corruption Attempt (activex.rules)
2011200 - ET ACTIVEX AVTECH Software ActiveX SendCommand Method Buffer
Overflow Attempt (activex.rules)
2011202 - ET ACTIVEX AVTECH Software ActiveX Snapshot Method Buffer
Overflow Attempt (activex.rules)
2011203 - ET ACTIVEX AVTECH Software ActiveX _DownloadPBOpen Method
Buffer Overflow Attempt (activex.rules)
2011204 - ET ACTIVEX AVTECH Software ActiveX _DownloadPBClose Method
Buffer Overflow Attempt (activex.rules)
2011205 - ET ACTIVEX AVTECH Software ActiveX _DownloadPBControl Method
Buffer Overflow Attempt (activex.rules)
2011206 - ET ACTIVEX AVTECH Software ActiveX Buffer Overflow Function
Call (activex.rules)
2011207 - ET ACTIVEX SaschArt SasCam Webcam Server ActiveX Control Head
Method Buffer Overflow Attempt (activex.rules)
2011208 - ET WEB_SPECIFIC_APPS SaschArt SasCam Webcam Server ActiveX
Buffer Overflow Function Call (web_specific_apps.rules)
2011500 - ET WEB_CLIENT Possible Adobe Acrobat and Reader Pushstring
Memory Corruption Attempt (web_client.rules)
2011543 - ET WEB_CLIENT Adobe Shockwave Director tSAC Chunk memory
corruption Attempt (web_client.rules)
2011801 - ET ACTIVEX AoA Audio Extractor ActiveX Control Buffer Overflow
Attempt (activex.rules)
2011869 - ET ACTIVEX Softek Barcode Reader Toolkit ActiveX Control Buffer
Overflow Attempt (activex.rules)
2011892 - ET WEB_CLIENT Microsoft IE CSS Clip Attribute Memory Corruption
(POC SPECIFIC) (web_client.rules)
2011910 - ET WEB_CLIENT Possible Adobe Reader 9.4 this.printSeps Memory
Corruption Attempt (web_client.rules)
2011976 - ET SCADA RealWin SCADA System Buffer Overflow (scada.rules)
2012094 - ET NETBIOS SMB Trans2 Query_Fs_Attribute_Info
SrvSmbQueryFsInformation Pool Buffer Overflow (netbios.rules)
2012096 - ET SCADA DATAC RealWin SCADA Server Buffer Overflow
(scada.rules)
2012098 - ET ACTIVEX J-Integra ActiveX SetIdentity Buffer Overflow
(activex.rules)
2012100 - ET WEB_CLIENT Oracle Java 6 Object Tag launchjnlp docbase
Parameters Buffer Overflow (web_client.rules)
2012133 - ET ACTIVEX FathFTP 1.8 EnumFiles Method ActiveX Buffer Overflow
(activex.rules)
2012143 - ET WEB_CLIENT Microsoft Windows MPEG Layer-3 Audio Decoder
Buffer Overflow (web_client.rules)
2012148 - ET ACTIVEX dBpowerAMP Audio Player 2 FileExists Method ActiveX
Buffer Overflow (activex.rules)
2012157 - ET ACTIVEX Possible Microsoft WMI Administration Tools
WEBSingleView.ocx ActiveX Buffer Overflow Attempt Function Call
(activex.rules)
2012234 - ET ACTIVEX Oracle Document Capture File Overwrite or Buffer
Overflow Attempt (activex.rules)
2012509 - ET WEB_CLIENT Android Webkit removeChild Use-After-Free Remote
Code Execution Attempt (web_client.rules)
2012741 - ET ACTIVEX Gesytec ElonFmt ActiveX Component GetItem1 member
Buffer Overflow Attempt (activex.rules)
2012813 - ET WEB_CLIENT PDF With Adobe Audition Session File Handling
Buffer Overflow Flowbit Set (web_client.rules)
2012814 - ET WEB_CLIENT PDF With Adobe Audition Session File Handling
Memory Corruption Attempt (web_client.rules)
2012978 - ET WEB_CLIENT Adobe Audition Malformed Session File Buffer
Overflow Attempt (web_client.rules)
2013070 - ET WEB_CLIENT Adobe Shockwave Director tSAC Chunk memory
corruption Attempt (web_client.rules)
2013074 - ET SCADA DATAC RealWin SCADA Server 2 On_FC_CONNECT_FCS_a_FILE
Buffer Overflow Vulnerability (scada.rules)
2013120 - ET SCADA Siemens FactoryLink 8 CSService Logging Buffer
Overflow Vulnerability (scada.rules)
2013152 - ET WEB_CLIENT Adobe Acrobat Util.printf Buffer Overflow Attempt
(web_client.rules)
2013161 - ET ACTIVEX Ubisoft CoGSManager ActiveX Initialize method Buffer
Overflow Vulnerability (activex.rules)
2013162 - ET ACTIVEX Ubisoft CoGSManager ActiveX RunCore method Buffer
Overflow Vulnerability (activex.rules)
2013235 - ET SCADA Golden FTP Server PASS Command Remote Buffer Overflow
Attempt (scada.rules)
2013281 - ET WEB_CLIENT Adobe Authplay.dll NewClass Memory Corruption
Attempt (web_client.rules)
2013417 - ET WEB_CLIENT Mozilla Firefox mChannel Object Dangling Pointer
Use-After-Free Memory Corruption Attempt (web_client.rules)
2013566 - ET ACTIVEX Tom Sawyer Possible Memory Corruption Attempt Format
String Function Call (activex.rules)
2014325 - ET ACTIVEX ASUS Net4Switch ipswcom.dll ActiveX Stack Buffer
Overflow (activex.rules)
2014390 - ET ACTIVEX EdrawSoft Office Viewer Component ActiveX
FtpUploadFile Stack Buffer Overflow (activex.rules)
2014451 - ET ACTIVEX Dell Webcam CrazyTalk ActiveX Control BackImage
Access Potential Buffer Overflow Attempt (activex.rules)
2014452 - ET ACTIVEX Dell Webcam CrazyTalk ActiveX Control BackImage
Access Potential Buffer Overflow Attempt 2 (activex.rules)
2014455 - ET ACTIVEX TRENDnet TV-IP121WN UltraMJCam ActiveX Control
OpenFileDlg Access Potential Remote Stack Buffer Overflow (activex.rules)
2014456 - ET ACTIVEX TRENDnet TV-IP121WN UltraMJCam ActiveX Control
OpenFileDlg Access Potential Remote Stack Buffer Overflow 2 (activex.rules)
2014463 - ET WEB_CLIENT Internet Explorer
CTableRowCellsCollectionCacheItem.GetNext Memory Use-After-Free Attempt
(web_client.rules)
2014585 - ET ACTIVEX Possible Edraw Diagram Component 5 ActiveX
LicenseName Access Potential buffer overflow DOS (activex.rules)
2014586 - ET ACTIVEX Possible Edraw Diagram Component 5 ActiveX
LicenseName Access Potential buffer overflow DOS 2 (activex.rules)
2014648 - ET ACTIVEX Tracker Software pdfSaver ActiveX StoreInRegistry
Method Access Potential Buffer Overflow (activex.rules)
2014649 - ET ACTIVEX Tracker Software pdfSaver ActiveX StoreInRegistry
Method Access Potential Buffer Overflow 2 (activex.rules)
2014650 - ET ACTIVEX Tracker Software pdfSaver ActiveX InitFromRegistry
Method Access Potential Buffer Overflow (activex.rules)
2014713 - ET ACTIVEX Possible WebEx UCF atucfobj.dll ActiveX NewObject
Method Buffer Overflow (activex.rules)
2014714 - ET ACTIVEX Possible WebEx UCF atucfobj.dll ActiveX NewObject
Method Buffer Overflow 2 (activex.rules)
2014737 - ET ACTIVEX Potential ThreeDify Designer ActiveX Control cmdSave
Method Access Buffer Overflow (activex.rules)
2014738 - ET ACTIVEX Potential ThreeDify Designer ActiveX Control cmdSave
Method Access Buffer Overflow 2 (activex.rules)
2014739 - ET ACTIVEX Potential ThreeDify Designer ActiveX Control
cmdExport Method Access Buffer Overflow (activex.rules)
2014740 - ET ACTIVEX Potential ThreeDify Designer ActiveX Control
cmdExport Method Access Buffer Overflow 2 (activex.rules)
2014741 - ET ACTIVEX Potential ThreeDify Designer ActiveX Control
cmdImport Method Access Buffer Overflow (activex.rules)
2014742 - ET ACTIVEX Potential ThreeDify Designer ActiveX Control
cmdImport Method Access Buffer Overflow 2 (activex.rules)
2014743 - ET ACTIVEX Potential ThreeDify Designer ActiveX Control cmdOpen
Method Access Buffer Overflow (activex.rules)
2014744 - ET ACTIVEX Potential ThreeDify Designer ActiveX Control cmdOpen
Method Access Buffer Overflow 2 (activex.rules)
2014806 - ET ACTIVEX Possible SkinCrafter ActiveX Control InitLicenKeys
Method Access Buffer Overflow (activex.rules)
2014807 - ET ACTIVEX Possible SkinCrafter ActiveX Control InitLicenKeys
Method Access Buffer Overflow 2 (activex.rules)
2014808 - ET ACTIVEX Possible IBM Lotus Quickr for Domino ActiveX control
Attachment_Times Method Access buffer overflow Attempt (activex.rules)
2014809 - ET ACTIVEX Possible IBM Lotus Quickr for Domino ActiveX control
Import_Times Method Access buffer overflow Attempt (activex.rules)
2014833 - ET ACTIVEX Possible LEADTOOLS ActiveX Raster Twain AppName
Method Access Buffer Overflow (activex.rules)
2014834 - ET ACTIVEX Possible LEADTOOLS ActiveX Raster Twain AppName
Method Access Buffer Overflow 2 (activex.rules)
2014835 - ET ACTIVEX Possible SonicWALL SSL-VPN End-Point
Interrogator/Installer ActiveX Control Install3rdPartyComponent Method
Buffer Overflow (activex.rules)
2014874 - ET ACTIVEX Possible NET-i viewer ActiveX Control BackupToAvi
Method Access Buffer Overflow (activex.rules)
2014875 - ET ACTIVEX Possible NET-i viewer ActiveX Control BackupToAvi
Method Access Buffer Overflow 2 (activex.rules)
2014896 - ET ACTIVEX Possible IBM Lotus iNotes Upload Module possible
ActiveX Control Attachment_Times Method Access Buffer Overflow Attempt
(activex.rules)
2014902 - ET ACTIVEX Possible Camera Stream Client Possible ActiveX
Control SetDirectory Method Access Buffer Overflow (activex.rules)
2014903 - ET ACTIVEX Possible Camera Stream Client Possible ActiveX
Control SetDirectory Method Access Buffer Overflow 2 (activex.rules)
2015491 - ET ACTIVEX Possible CA BrightStor ARCserve Backup ActiveX
AddColumn Method Access Buffer Overflow (activex.rules)
2015492 - ET ACTIVEX Possible CA BrightStor ARCserve Backup ActiveX
AddColumn Method Access Buffer Overflow 2 (activex.rules)
2015493 - ET ACTIVEX Possible CommuniCrypt Mail SMTP ActiveX
AddAttachments Method Access Stack Buffer Overflow (activex.rules)
2015538 - ET ACTIVEX Possible WinZip FileView ActiveX
CreateNewFolderFromName Method Access Buffer Overflow (activex.rules)
2015539 - ET ACTIVEX Possible WinZip FileView
(WZFILEVIEW.FileViewCtrl.61) ActiveX Buffer Overflow 2 (activex.rules)
2015557 - ET WEB_CLIENT Potential MSXML2.FreeThreadedDOMDocument
Uninitialized Memory Corruption Attempt (web_client.rules)
2015563 - ET ACTIVEX Possible BarCodeWiz BarcodeWiz.dll ActiveX Control
Barcode Method Remote Buffer Overflow Attempt (activex.rules)
2015564 - ET ACTIVEX Possible BarCodeWiz (BARCODEWIZLib.BarCodeWiz)
ActiveX Control Buffer Overflow (activex.rules)
2015608 - ET ACTIVEX Possible Kazaa Altnet Download Manager ActiveX
Control Install Method Access Buffer Overflow (activex.rules)
2015636 - ET ACTIVEX Possible CA eTrust PestPatrol ActiveX Control Buffer
Overflow (activex.rules)
2015643 - ET ACTIVEX Possible Electronic Arts SnoopyCtrl ActiveX Control
Buffer Overflow (activex.rules)
2015644 - ET ACTIVEX Possible Electronic Arts SnoopyCtrl ActiveX Control
Buffer Overflow 2 (activex.rules)
2016041 - ET ACTIVEX Possible NVIDIA Install Application ActiveX Control
AddPackages Unicode Buffer Overflow (activex.rules)
2016118 - ET ACTIVEX Possible Advantech Studio ISSymbol ActiveX Control
Multiple Buffer Overflow Attempt (activex.rules)
2016237 - ET ACTIVEX Possible Samsung Kies ActiveX PrepareSync method
Buffer overflow (activex.rules)
2016382 - ET ACTIVEX Possible Ecava IntegraXor save method Remote ActiveX
Buffer Overflow (activex.rules)
2018434 - ET WEB_CLIENT Microsoft Application Crash Report Indicates
Potential VGX Memory Corruption (web_client.rules)
2018436 - ET WEB_CLIENT Microsoft Application Crash Report Indicates
Potential VGX Memory Corruption 2 (web_client.rules)
2019686 - ET EXPLOIT Belkin N750 Buffer Overflow Attempt (exploit.rules)
2019730 - ET WEB_CLIENT GENERIC Possible IE Memory Corruption
CollectGarbage with DOM Reset (web_client.rules)
2020699 - ET WEB_CLIENT Microsoft Office RTF Stack Buffer Overflow
(web_client.rules)
2021644 - ET EXPLOIT Websense Content Gateway submit_net_debug.cgi
cmd_param Param Buffer Overflow Attempt (exploit.rules)
2021709 - ET WEB_CLIENT Internet Explorer Memory Corruption Vulnerability
(CVE-2015-2444) (web_client.rules)
2021713 - ET EXPLOIT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2444) (exploit.rules)
2022523 - ET WEB_CLIENT Internet Explorer Memory Corruption Vulnerability
(CVE-2016-0063) (web_client.rules)
2022712 - ET EXPLOIT Dameware DMRC Buffer Overflow Attempt
(CVE-2016-2345) (exploit.rules)
2022923 - ET EXPLOIT Possible CVE-2016-2209 Symantec PowerPoint Parsing
Buffer Overflow M1 (exploit.rules)
2022924 - ET EXPLOIT Possible CVE-2016-2209 Symantec PowerPoint Parsing
Buffer Overflow M2 (exploit.rules)
2023086 - ET EXPLOIT CISCO FIREWALL SNMP Buffer Overflow Extrabacon
(CVE-2016-6366) (exploit.rules)
2023497 - ET DOS Microsoft Windows LSASS Remote Memory Corruption
(CVE-2017-0004) (dos.rules)
2024435 - ET EXPLOIT Possible WINS Server Remote Memory Corruption
Vulnerability (exploit.rules)
2025766 - ET EXPLOIT CloudMe Sync Buffer Overflow (exploit.rules)
2025779 - ET EXPLOIT FTPShell client Stack Buffer Overflow (exploit.rules)
2027721 - ET EXPLOIT IE Scripting Engine Memory Corruption Vulnerability
M1 (CVE-2019-0752) (exploit.rules)
2027884 - ET EXPLOIT FortiOS SSL VPN - Pre-Auth Messages Payload Buffer
Overflow (CVE-2018-13381) (exploit.rules)
2027972 - ET EXPLOIT HiSilicon DVR - Buffer Overflow in Builtin Web
Server (exploit.rules)
2030242 - ET EXPLOIT Possible Zephyr RTOS ICMPv4 Stack Buffer Overflow
(exploit.rules)
2030630 - ET EXPLOIT Attempted Netgear Buffer Overflow into RCE Inbound
M1 (exploit.rules)
2030631 - ET EXPLOIT Attempted Netgear Buffer Overflow into RCE Inbound
M2 (exploit.rules)
2030830 - ET EXPLOIT Apache2 Memory Corruption Inbound (CVE-2020-9490)
(exploit.rules)
2031057 - ET EXPLOIT Qualcomm QCMAP Stack-Based Buffer Overflow Attempt
Inbound (CVE-2020-3657) (exploit.rules)
2031938 - ET EXPLOIT Possible NSDP (Netgear) Unauthenticated Buffer
Overflow (CVE-2020-35232) (exploit.rules)
2031943 - ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer
Overflow Attempt - 0x0003 (CVE-2020-35225) (exploit.rules)
2031944 - ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer
Overflow Attempt - 0x0005 (CVE-2020-35225) (exploit.rules)
2031945 - ET EXPLOIT Possible NSDP (Netgear) Write Command Buffer
Overflow Attempt - 0x000a (CVE-2020-35225) (exploit.rules)
2032326 - ET EXPLOIT DD-WRT UPNP Unauthenticated Buffer Overflow
(CVE-2021-27137) (exploit.rules)
2033311 - ET EXPLOIT UDP Technology Firmware (IP Cam) - Possible Stack
Buffer Overflow Attempt Outbound (Multiple CVE IDs) (exploit.rules)
2033312 - ET EXPLOIT UDP Technology Firmware (IP Cam) - Possible Stack
Buffer Overflow Attempt Inbound (Multiple CVE IDs) (exploit.rules)
2033448 - ET EXPLOIT Possible CloudMe Sync Stack-based Buffer Overflow
Inbound (CVE-2018-6892) (exploit.rules)
2033775 - ET EXPLOIT Microsoft Edge Chakra - InjectJsBuiltInLibraryCode
Use-After-Free Inbound (CVE-2019-0568) (exploit.rules)
2033837 - ET EXPLOIT Possible Realtek SDK - formRebootCheck/formWsc Stack
Buffer Overflow Inbound (CVE-2021-35392) (exploit.rules)
2033838 - ET EXPLOIT Possible Realtek SDK - formWlSiteSurvey Stack Buffer
Overflow Inbound (CVE-2021-35393) (exploit.rules)
2033841 - ET EXPLOIT Possible Realtek SDK - formStaticDHCP Stack Buffer
Overflow Inbound (CVE-2021-35393) (exploit.rules)
2033842 - ET EXPLOIT Possible Realtek SDK - formWlanMultipleAP Stack
Buffer Overflow Inbound (CVE-2021-35393) (exploit.rules)
2033843 - ET EXPLOIT Possible Realtek SDK - Stack Buffer Overflow via
UPnP SUBSCRIBE Callback Header Inbound (CVE-2021-35393) (exploit.rules)
2034257 - ET EXPLOIT Amcrest Camera and NVR Buffer Overflow Attempt
(CVE-2020-5735) (exploit.rules)
2034578 - ET EXPLOIT IE Scripting Engine Memory Corruption Vulnerability
M2 (CVE-2019-0752) (exploit.rules)
2034970 - ET EXPLOIT Sonicwall Unauthenticated Stack-Based Buffer
Overflow (CVE-2021-20038) (exploit.rules)
2034984 - ET EXPLOIT SonicWall SMA Stack-Based Buffer Overflow
CVE-2021-20038 M1 (exploit.rules)
2034985 - ET EXPLOIT SonicWall SMA Stack-Based Buffer Overflow
CVE-2021-20038 M2 (exploit.rules)
2035446 - ET EXPLOIT Netgear R6260 Mini_httpd Buffer Overflow Attempt -
Possible RCE (CVE-2021-34979) (exploit.rules)
2035717 - ET EXPLOIT NetGear R6700v3 upnpd Buffer Overflow Inbound
(CVE-2022-27643) (exploit.rules)
2038669 - ET EXPLOIT Realtek eCos RSDK/MSDK Stack-based Buffer Overflow
Attempt Inbound (CVE-2022-27255) (exploit.rules)
2038736 - ET EXPLOIT NetGear WNR2000v5 Buffer Overflow Attempt Inbound
(CVE-2017-6862) (exploit.rules)
2039618 - ET EXPLOIT Possible OpenSSL Punycode Email Address Buffer
Overflow Attempt Inbound (CVE-2022-3602) (exploit.rules)
2039619 - ET EXPLOIT Possible OpenSSL Punycode Email Address Buffer
Overflow Attempt Outbound (CVE-2022-3602) (exploit.rules)
2041650 - ET EXPLOIT Xiongmai/HiSilicon DVR - RTSP Buffer Overflow
Attempt - CVE-2022-26259 (exploit.rules)
2043239 - ET MALWARE WasabiSeed Backdoor Payload Request (GET)
(malware.rules)
2100690 - GPL SQL xp_printstatements possible buffer overflow (sql.rules)
2100695 - GPL EXPLOIT xp_sprintf possible buffer overflow (exploit.rules)
2101842 - GPL IMAP login buffer overflow attempt (imap.rules)
2101894 - GPL EXPLOIT kadmind buffer overflow attempt (exploit.rules)
2101895 - GPL EXPLOIT kadmind buffer overflow attempt (exploit.rules)
2101896 - GPL EXPLOIT kadmind buffer overflow attempt (exploit.rules)
2101897 - GPL EXPLOIT kadmind buffer overflow attempt (exploit.rules)
2101907 - GPL RPC CMSD UDP CMSD_CREATE buffer overflow attempt (rpc.rules)
2101908 - GPL RPC CMSD TCP CMSD_CREATE buffer overflow attempt (rpc.rules)
2101909 - GPL RPC CMSD TCP CMSD_INSERT buffer overflow attempt (rpc.rules)
2102103 - GPL NETBIOS SMB trans2open buffer overflow attempt
(netbios.rules)
2102257 - GPL NETBIOS DCERPC Messenger Service buffer overflow attempt
(netbios.rules)
2102258 - GPL NETBIOS SMB-DS DCERPC Messenger Service buffer overflow
attempt (netbios.rules)
2102576 - GPL SQL dbms_repcat.generate_replication_support buffer
overflow attempt (sql.rules)
2102599 - GPL SQL dbms_repcat.add_grouped_column buffer overflow attempt
(sql.rules)
2102600 - GPL SQL add_grouped_column ordered sname/oname buffer overflow
attempt (sql.rules)
2102601 - GPL SQL dbms_repcat.drop_master_repgroup buffer overflow
attempt (sql.rules)
2102602 - GPL SQL drop_master_repgroup ordered gname buffer overflow
attempt (sql.rules)
2102603 - GPL SQL dbms_repcat.create_mview_repgroup buffer overflow
attempt (sql.rules)
2102604 - GPL SQL create_mview_repgroup ordered fname buffer overflow
attempt (sql.rules)
2102605 - GPL SQL dbms_repcat.compare_old_values buffer overflow attempt
(sql.rules)
2102606 - GPL SQL dbms_repcat.comment_on_repobject buffer overflow
attempt (sql.rules)
2102607 - GPL SQL comment_on_repobject ordered type buffer overflow
attempt (sql.rules)
2102609 - GPL SQL dbms_repcat.cancel_statistics buffer overflow attempt
(sql.rules)
2102610 - GPL SQL cancel_statistics ordered sname/oname buffer overflow
attempt (sql.rules)
2102614 - GPL SQL time_zone buffer overflow attempt (sql.rules)
2102616 - GPL SQL grant_surrogate_repcat ordered userid buffer overflow
attempt (sql.rules)
2102618 - GPL SQL alter_mview_propagation ordered gname buffer overflow
attempt (sql.rules)
2102619 - GPL SQL dbms_repcat.alter_master_repobject buffer overflow
attempt (sql.rules)
2102621 - GPL SQL dbms_repcat_sna_utl.register_flavor_change buffer
overflow attempt (sql.rules)
2102622 - GPL SQL dbms_repcat_utl.drop_an_object buffer overflow attempt
(sql.rules)
2102623 - GPL SQL dbms_repcat_sna_utl.create_snapshot_repgroup buffer
overflow attempt (sql.rules)
2102624 - GPL SQL dbms_repcat_admin.unregister_user_repgroup buffer
overflow attempt (sql.rules)
2102625 - GPL SQL unregister_user_repgroup ordered privilege_type buffer
overflow attempt (sql.rules)
2102626 - GPL SQL dbms_repcat.send_old_values buffer overflow attempt
(sql.rules)
2102627 - GPL SQL dbms_repcat.repcat_import_check buffer overflow attempt
(sql.rules)
2102628 - GPL SQL repcat_import_check ordered gowner/gname buffer
overflow attempt (sql.rules)
2102629 - GPL SQL dbms_repcat_admin.register_user_repgroup buffer
overflow attempt (sql.rules)
2102630 - GPL SQL register_user_repgroup ordered privilege_type buffer
overflow attempt (sql.rules)
2102631 - GPL SQL dbms_repcat.refresh_mview_repgroup buffer overflow
attempt (sql.rules)
2102632 - GPL SQL refresh_mview_repgroup ordered gowner buffer overflow
attempt (sql.rules)
2102634 - GPL SQL rectifier_diff ordered sname1 buffer overflow attempt
(sql.rules)
2102635 - GPL SQL dbms_offline_snapshot.end_load buffer overflow attempt
(sql.rules)
2102636 - GPL SQL snapshot.end_load ordered gname buffer overflow attempt
(sql.rules)
2102637 - GPL SQL dbms_repcat.drop_master_repobject buffer overflow
attempt (sql.rules)
2102638 - GPL SQL drop_master_repobject ordered type buffer overflow
attempt (sql.rules)
2102639 - GPL SQL dbms_repcat.drop_mview_repgroup buffer overflow attempt
(sql.rules)
2102640 - GPL SQL drop_mview_repgroup ordered gowner/gname buffer
overflow attempt (sql.rules)
2102641 - GPL SQL dbms_repcat_instantiate.drop_site_instantiation buffer
overflow attempt (sql.rules)
2102642 - GPL SQL drop_site_instantiate ordered refresh_template_name
buffer overflow attempt (sql.rules)
2102644 - GPL SQL from_tz buffer overflow attempt (sql.rules)
2102645 - GPL SQL dbms_repcat_instantiate.instantiate_offline buffer
overflow attempt (sql.rules)
2102646 - GPL SQL instantiate_offline ordered refresh_template_name
buffer overflow attempt (sql.rules)
2102647 - GPL SQL dbms_repcat_instantiate.instantiate_online buffer
overflow attempt (sql.rules)
2102648 - GPL SQL instantiate_online ordered refresh_template_name buffer
overflow attempt (sql.rules)
2102649 - GPL SQL service_name buffer overflow attempt (sql.rules)
2102650 - GPL SQL user name buffer overflow attempt (sql.rules)
2102652 - GPL SQL dbms_offline_og.begin_load buffer overflow attempt
(sql.rules)
2102653 - GPL SQL og.begin_load ordered gname buffer overflow attempt
(sql.rules)
2102674 - GPL SQL dbms_repcat.add_delete_resolution buffer overflow
attempt (sql.rules)
2102675 - GPL SQL dbms_repcat_rgt.instantiate_offline buffer overflow
attempt (sql.rules)
2102676 - GPL SQL dbms_repcat_rgt.drop_site_instantiation buffer overflow
attempt (sql.rules)
2102677 - GPL SQL dbms_repcat_rgt.instantiate_online buffer overflow
attempt (sql.rules)
2102678 - GPL SQL ctx_output.start_log buffer overflow attempt (sql.rules)
2102681 - GPL SQL mdsys.sdo_admin.sdo_code_size buffer overflow attempt
(sql.rules)
2102682 - GPL SQL mdsys.md2.validate_geom buffer overflow attempt
(sql.rules)
2102683 - GPL SQL mdsys.md2.sdo_code_size buffer overflow attempt
(sql.rules)
2102697 - GPL SQL alter file buffer overflow attempt (sql.rules)
2102698 - GPL SQL create file buffer overflow attempt (sql.rules)
2102699 - GPL SQL TO_CHAR buffer overflow attempt (sql.rules)
2102700 - GPL SQL numtoyminterval buffer overflow attempt (sql.rules)
2102708 - GPL SQL dbms_offline_og.begin_flavor_change buffer overflow
attempt (sql.rules)
2102709 - GPL SQL dbms_offline_og.begin_instantiation buffer overflow
attempt (sql.rules)
2102711 - GPL SQL dbms_offline_og.end_flavor_change buffer overflow
attempt (sql.rules)
2102712 - GPL SQL dbms_offline_og.end_instantiation buffer overflow
attempt (sql.rules)
2102713 - GPL SQL dbms_offline_og.end_load buffer overflow attempt
(sql.rules)
2102714 - GPL SQL dbms_offline_og.resume_subset_of_masters buffer
overflow attempt (sql.rules)
2102715 - GPL SQL dbms_offline_snapshot.begin_load buffer overflow
attempt (sql.rules)
2102717 - GPL SQL dbms_rectifier_diff.differences buffer overflow attempt
(sql.rules)
2102718 - GPL SQL dbms_rectifier_diff.rectify buffer overflow attempt
(sql.rules)
2102719 - GPL SQL dbms_repcat.abort_flavor_definition buffer overflow
attempt (sql.rules)
2102720 - GPL SQL dbms_repcat.add_column_group_to_flavor buffer overflow
attempt (sql.rules)
2102721 - GPL SQL dbms_repcat.add_columns_to_flavor buffer overflow
attempt (sql.rules)
2102722 - GPL SQL dbms_repcat.add_object_to_flavor buffer overflow
attempt (sql.rules)
2102723 - GPL SQL dbms_repcat.add_priority_char buffer overflow attempt
(sql.rules)
2102724 - GPL SQL dbms_repcat.add_priority_date buffer overflow attempt
(sql.rules)
2102725 - GPL SQL dbms_repcat.add_priority_nchar buffer overflow attempt
(sql.rules)
2102727 - GPL SQL dbms_repcat.add_priority_nvarchar2 buffer overflow
attempt (sql.rules)
2102728 - GPL SQL dbms_repcat.add_priority_raw buffer overflow attempt
(sql.rules)
2102729 - GPL SQL dbms_repcat.add_priority_varchar2 buffer overflow
attempt (sql.rules)
2102730 - GPL SQL dbms_repcat.add_site_priority_site buffer overflow
attempt (sql.rules)
2102731 - GPL SQL dbms_repcat.add_unique_resolution buffer overflow
attempt (sql.rules)
2102732 - GPL SQL dbms_repcat.add_update_resolution buffer overflow
attempt (sql.rules)
2102733 - GPL SQL dbms_repcat.alter_master_propagation buffer overflow
attempt (sql.rules)
2102734 - GPL SQL dbms_repcat.alter_mview_propagation buffer overflow
attempt (sql.rules)
2102735 - GPL SQL dbms_repcat.alter_priority_char buffer overflow attempt
(sql.rules)
2102736 - GPL SQL dbms_repcat.alter_priority_date buffer overflow attempt
(sql.rules)
2102737 - GPL SQL dbms_repcat.alter_priority_nchar buffer overflow
attempt (sql.rules)
2102738 - GPL SQL dbms_repcat.alter_priority_number buffer overflow
attempt (sql.rules)
2102739 - GPL SQL dbms_repcat.alter_priority_nvarchar2 buffer overflow
attempt (sql.rules)
2102740 - GPL SQL dbms_repcat.alter_priority_raw buffer overflow attempt
(sql.rules)
2102741 - GPL SQL dbms_repcat.alter_priority buffer overflow attempt
(sql.rules)
2102742 - GPL SQL dbms_repcat.alter_priority_varchar2 buffer overflow
attempt (sql.rules)
2102743 - GPL SQL dbms_repcat.alter_site_priority_site buffer overflow
attempt (sql.rules)
2102744 - GPL SQL dbms_repcat.alter_site_priority buffer overflow attempt
(sql.rules)
2102745 - GPL SQL dbms_repcat.alter_snapshot_propagation buffer overflow
attempt (sql.rules)
2102746 - GPL SQL dbms_repcat_auth.revoke_surrogate_repcat buffer
overflow attempt (sql.rules)
2102747 - GPL SQL dbms_repcat.begin_flavor_definition buffer overflow
attempt (sql.rules)
2102748 - GPL SQL dbms_repcat.comment_on_column_group buffer overflow
attempt (sql.rules)
2102749 - GPL SQL dbms_repcat.comment_on_delete_resolution buffer
overflow attempt (sql.rules)
2102750 - GPL SQL dbms_repcat.comment_on_mview_repsites buffer overflow
attempt (sql.rules)
2102751 - GPL SQL dbms_repcat.comment_on_priority_group buffer overflow
attempt (sql.rules)
2102752 - GPL SQL dbms_repcat.comment_on_repgroup buffer overflow attempt
(sql.rules)
2102753 - GPL SQL dbms_repcat.comment_on_repsites buffer overflow attempt
(sql.rules)
2102754 - GPL SQL dbms_repcat.comment_on_site_priority buffer overflow
attempt (sql.rules)
2102755 - GPL SQL dbms_repcat.comment_on_unique_resolution buffer
overflow attempt (sql.rules)
2102756 - GPL SQL dbms_repcat.comment_on_update_resolution buffer
overflow attempt (sql.rules)
2102757 - GPL SQL dbms_repcat.create_master_repgroup buffer overflow
attempt (sql.rules)
2102758 - GPL SQL dbms_repcat.create_master_repobject buffer overflow
attempt (sql.rules)
2102759 - GPL SQL dbms_repcat.create_snapshot_repgroup buffer overflow
attempt (sql.rules)
2102760 - GPL SQL dbms_repcat.define_column_group buffer overflow attempt
(sql.rules)
2102761 - GPL SQL dbms_repcat.define_priority_group buffer overflow
attempt (sql.rules)
2102762 - GPL SQL dbms_repcat.define_site_priority buffer overflow
attempt (sql.rules)
2102763 - GPL SQL dbms_repcat.do_deferred_repcat_admin buffer overflow
attempt (sql.rules)
2102764 - GPL SQL dbms_repcat.drop_column_group_from_flavor buffer
overflow attempt (sql.rules)
2102765 - GPL SQL dbms_repcat.drop_column_group buffer overflow attempt
(sql.rules)
2102766 - GPL SQL dbms_repcat.drop_columns_from_flavor buffer overflow
attempt (sql.rules)
2102767 - GPL SQL dbms_repcat.drop_delete_resolution buffer overflow
attempt (sql.rules)
2102769 - GPL SQL dbms_repcat.drop_mview_repobject buffer overflow
attempt (sql.rules)
2102770 - GPL SQL dbms_repcat.drop_object_from_flavor buffer overflow
attempt (sql.rules)
2102771 - GPL SQL dbms_repcat.drop_priority_char buffer overflow attempt
(sql.rules)
2102772 - GPL SQL dbms_repcat.drop_priority_date buffer overflow attempt
(sql.rules)
2102773 - GPL SQL dbms_repcat.drop_priority_nchar buffer overflow attempt
(sql.rules)
2102774 - GPL SQL dbms_repcat.drop_priority_number buffer overflow
attempt (sql.rules)
2102775 - GPL SQL dbms_repcat.drop_priority_nvarchar2 buffer overflow
attempt (sql.rules)
2102776 - GPL SQL dbms_repcat.drop_priority_raw buffer overflow attempt
(sql.rules)
2102777 - GPL SQL dbms_repcat.drop_priority buffer overflow attempt
(sql.rules)
2102778 - GPL SQL dbms_repcat.drop_priority_varchar2 buffer overflow
attempt (sql.rules)
2102779 - GPL SQL dbms_repcat.drop_site_priority_site buffer overflow
attempt (sql.rules)
2102780 - GPL SQL dbms_repcat.drop_site_priority buffer overflow attempt
(sql.rules)
2102781 - GPL SQL dbms_repcat.drop_snapshot_repgroup buffer overflow
attempt (sql.rules)
2102782 - GPL SQL dbms_repcat.drop_snapshot_repobject buffer overflow
attempt (sql.rules)
2102783 - GPL SQL dbms_repcat.drop_unique_resolution buffer overflow
attempt (sql.rules)
2102784 - GPL SQL dbms_repcat.drop_update_resolution buffer overflow
attempt (sql.rules)
2102785 - GPL SQL dbms_repcat.execute_ddl buffer overflow attempt
(sql.rules)
2102786 - GPL SQL dbms_repcat.generate_replication_package buffer
overflow attempt (sql.rules)
2102788 - GPL SQL dbms_repcat.make_column_group buffer overflow attempt
(sql.rules)
2102789 - GPL SQL dbms_repcat.obsolete_flavor_definition buffer overflow
attempt (sql.rules)
2102790 - GPL SQL dbms_repcat.publish_flavor_definition buffer overflow
attempt (sql.rules)
2102791 - GPL SQL dbms_repcat.purge_flavor_definition buffer overflow
attempt (sql.rules)
2102792 - GPL SQL dbms_repcat.purge_master_log buffer overflow attempt
(sql.rules)
2102793 - GPL SQL dbms_repcat.purge_statistics buffer overflow attempt
(sql.rules)
2102795 - GPL SQL dbms_repcat.refresh_snapshot_repgroup buffer overflow
attempt (sql.rules)
2102796 - GPL SQL dbms_repcat.register_mview_repgroup buffer overflow
attempt (sql.rules)
2102797 - GPL SQL dbms_repcat.register_snapshot_repgroup buffer overflow
attempt (sql.rules)
2102798 - GPL SQL dbms_repcat.register_statistics buffer overflow attempt
(sql.rules)
2102799 - GPL SQL dbms_repcat.relocate_masterdef buffer overflow attempt
(sql.rules)
2102800 - GPL SQL dbms_repcat.rename_shadow_column_group buffer overflow
attempt (sql.rules)
2102801 - GPL SQL dbms_repcat.resume_master_activity buffer overflow
attempt (sql.rules)
2102802 - GPL SQL dbms_repcat_rgt.check_ddl_text buffer overflow attempt
(sql.rules)
2102804 - GPL SQL dbms_repcat.send_and_compare_old_values buffer overflow
attempt (sql.rules)
2102805 - GPL SQL dbms_repcat.set_columns buffer overflow attempt
(sql.rules)
2102806 - GPL SQL dbms_repcat.set_local_flavor buffer overflow attempt
(sql.rules)
2102807 - GPL SQL dbms_repcat.specify_new_masters buffer overflow attempt
(sql.rules)
2102808 - GPL SQL dbms_repcat.suspend_master_activity buffer overflow
attempt (sql.rules)
2102809 - GPL SQL dbms_repcat.unregister_mview_repgroup buffer overflow
attempt (sql.rules)
2102810 - GPL SQL dbms_repcat.unregister_snapshot_repgroup buffer
overflow attempt (sql.rules)
2102811 - GPL SQL dbms_repcat.validate_flavor_definition buffer overflow
attempt (sql.rules)
2102812 - GPL SQL dbms_repcat.validate_for_local_flavor buffer overflow
attempt (sql.rules)
2102822 - GPL SQL sys.dbms_repcat_fla_mas.publish_flavor_definition
buffer overflow attempt (sql.rules)
2102830 - GPL SQL sys.dbms_repcat_mas.create_master_repgroup buffer
overflow attempt (sql.rules)
2102850 - GPL SQL dbms_repcat.create_mview_repobject buffer overflow
attempt (sql.rules)
2102851 - GPL SQL dbms_repcat.create_snapshot_repobject buffer overflow
attempt (sql.rules)
2102852 - GPL SQL dbms_repcat.generate_mview_support buffer overflow
attempt (sql.rules)
2102853 - GPL SQL dbms_repcat.generate_replication_trigger buffer
overflow attempt (sql.rules)
2102854 - GPL SQL dbms_repcat.generate_snapshot_support buffer overflow
attempt (sql.rules)
2102855 - GPL SQL dbms_repcat.remove_master_databases buffer overflow
attempt (sql.rules)
2102856 - GPL SQL dbms_repcat.switch_mview_master buffer overflow attempt
(sql.rules)
2102857 - GPL SQL dbms_repcat.switch_snapshot_master buffer overflow
attempt (sql.rules)
2102859 - GPL SQL sys.dbms_repcat_conf.add_priority_char buffer overflow
attempt (sql.rules)
2102877 - GPL SQL sys.dbms_repcat_conf.alter_site_priority_site buffer
overflow attempt (sql.rules)
2102893 - GPL SQL sys.dbms_repcat_conf.drop_priority_raw buffer overflow
attempt (sql.rules)
2102895 - GPL SQL sys.dbms_repcat_conf.drop_priority_varchar2 buffer
overflow attempt (sql.rules)
2800225 - ETPRO WEB_CLIENT FLAC Project libFLAC Picture Metadata
MIME-Type Size Buffer Overflow 4 (web_client.rules)
2800352 - ETPRO WEB_CLIENT Microsoft Windows Graphics Rendering Engine
WMF Parsing Buffer Overflow (web_client.rules)
2800355 - ETPRO WEB_CLIENT Multiple Products libxml2 XML File Processing
Long Entity Name Buffer Overflow (web_client.rules)
2800424 - ETPRO ACTIVEX Research In Motion BlackBerry Application Web
Loader ActiveX Control Buffer Overflow 1 (activex.rules)
2800492 - ETPRO WEB_CLIENT Microsoft Windows AVI File Header Processing
Memory Corruption (web_client.rules)
2800544 - ETPRO NETBIOS Microsoft Windows SMB Pathname Buffer Overflow 1
(netbios.rules)
2800545 - ETPRO NETBIOS Microsoft Windows SMB Pathname Buffer Overflow 2
(netbios.rules)
2800547 - ETPRO WEB_CLIENT Microsoft Windows DirectShow Heap Buffer
Overflow (web_client.rules)
2800605 - ETPRO EXPLOIT RealNetworks RealPlayer AVI Parsing Buffer
Overflow (exploit.rules)
2800623 - ETPRO EXPLOIT Novell eDirectory Server iMonitor Buffer Overflow
(exploit.rules)
2800640 - ETPRO ACTIVEX McAfee ePolicy Orchestrator SiteManager ActiveX
Control ExportSiteList Buffer Overflow (activex.rules)
2800641 - ETPRO ACTIVEX McAfee ePolicy Orchestrator SiteManager ActiveX
Control ExportSiteList Buffer Overflow(UCS-16) (activex.rules)
2800696 - ETPRO EXPLOIT Microsoft Word mso.dll LsCreateLine Memory
Corruption (Published Exploit) DOC DOWNLOAD (exploit.rules)
2800783 - ETPRO WEB_CLIENT Apple QuickTime PictureViewer Buffer Overflow
(Published Exploit) (web_client.rules)
2800804 - ETPRO ACTIVEX Novell iPrint Client ExecuteRequest debug
Parameter Buffer Overflow CLSID Flowbit set (activex.rules)
2800805 - ETPRO ACTIVEX Novell iPrint Client ExecuteRequest debug
Parameter Buffer Overflow CLSID Flowbit 2 (activex.rules)
2800806 - ETPRO ACTIVEX Novell iPrint Client ExecuteRequest debug
Parameter Buffer Overflow - 3 (activex.rules)
2800826 - ETPRO WEB_CLIENT Adobe Acrobat and Reader CoolType.dll Stack
Buffer Overflow 1 (web_client.rules)
2800827 - ETPRO WEB_CLIENT Adobe Acrobat and Reader CoolType.dll Stack
Buffer Overflow 2 (web_client.rules)
2800828 - ETPRO WEB_CLIENT Adobe Acrobat and Reader CoolType.dll Stack
Buffer Overflow 3 (web_client.rules)
2800829 - ETPRO WEB_CLIENT Adobe Acrobat and Reader CoolType.dll Stack
Buffer Overflow 4 (web_client.rules)
2800837 - ETPRO WEB_CLIENT Adobe Shockwave Director tSAC Chunk Parsing
Memory Corruption (web_client.rules)
2800863 - ETPRO SCADA RealFlex RealWin SCADA SCPC_INITIALIZE and
SCPC_INITIALIZE_RF Buffer Overflow 1 (scada.rules)
2800864 - ETPRO SCADA RealFlex RealWin SCADA SCPC_INITIALIZE and
SCPC_INITIALIZE_RF Buffer Overflow 2 (scada.rules)
2800872 - ETPRO WEB_CLIENT Microsoft Office RTF Stack Buffer Overflow
Trigger (web_client.rules)
2800921 - ETPRO SCADA RealFlex RealWin SCADA SCPC_INITIALIZE and
SCPC_INITIALIZE_RF Buffer Overflow header 1 (scada.rules)
2800922 - ETPRO SCADA RealFlex RealWin SCADA SCPC_INITIALIZE and
SCPC_INITIALIZE_RF Buffer Overflow header 2 (scada.rules)
2801181 - ETPRO ACTIVEX SAP Crystal Reports PrintControl.dll ActiveX
Control Buffer Overflow (activex.rules)
2801182 - ETPRO ACTIVEX SAP Crystal Reports PrintControl.dll ActiveX
Control Buffer Overflow 2 (activex.rules)
2801217 - ETPRO WEB_CLIENT Microsoft Windows Fax Services Cover Page
Editor Heap Buffer Overflow (Published Exploit) (web_client.rules)
2801225 - ETPRO ACTIVEX HP Photo Creative audio.Record ActiveX Stack
Buffer Overflow 1 (activex.rules)
2801227 - ETPRO ACTIVEX HP Photo Creative audio.Record ActiveX Stack
Buffer Overflow 2 (activex.rules)
2801229 - ETPRO WEB_CLIENT Microsoft Graphics Rendering Engine Thumbnail
Image Stack Buffer Overflow (web_client.rules)
2801355 - ETPRO EXPLOIT IBM DB2 Universal Database receiveDASMessage
Buffer Overflow 1 (exploit.rules)
2801356 - ETPRO EXPLOIT IBM DB2 Universal Database receiveDASMessage
Buffer Overflow 2 (exploit.rules)
2801357 - ETPRO EXPLOIT IBM DB2 Universal Database receiveDASMessage
Buffer Overflow 3 (exploit.rules)
2801358 - ETPRO EXPLOIT IBM DB2 Universal Database receiveDASMessage
Buffer Overflow 4 (exploit.rules)
2801359 - ETPRO EXPLOIT IBM DB2 Universal Database receiveDASMessage
Buffer Overflow 5 (exploit.rules)
2801360 - ETPRO EXPLOIT IBM DB2 Universal Database receiveDASMessage
Buffer Overflow 6 (exploit.rules)
2801361 - ETPRO EXPLOIT IBM DB2 Universal Database receiveDASMessage
Buffer Overflow 7 (exploit.rules)
2801362 - ETPRO EXPLOIT IBM DB2 Universal Database receiveDASMessage
Buffer Overflow 8 (exploit.rules)
2801789 - ETPRO SCADA IGSS SCADA ListAll Function Buffer Overflow
(scada.rules)
2801790 - ETPRO SCADA IGSS SCADA Write File Function Buffer Overflow
(scada.rules)
2801791 - ETPRO SCADA IGSS SCADA ReadFile Function Buffer Overflow
(scada.rules)
2801792 - ETPRO SCADA IGSS SCADA Delete Function Buffer Overflow
(scada.rules)
2801793 - ETPRO SCADA IGSS SCADA RenameFile Function Buffer Overflow
(scada.rules)
2801794 - ETPRO SCADA IGSS SCADA FileInfo Function Buffer Overflow
(scada.rules)
2801795 - ETPRO SCADA IGSS SCADA RMS Report Add Command Buffer Overflow
(scada.rules)
2801796 - ETPRO SCADA IGSS SCADA RMS Report Template ReadFile Command
Buffer Overflow (scada.rules)
2801797 - ETPRO SCADA IGSS SCADA RMS Report Template WriteFile Command
Buffer Overflow (scada.rules)
2801798 - ETPRO SCADA IGSS SCADA RMS Report Template Add Command Buffer
Overflow (scada.rules)
2801799 - ETPRO SCADA IGSS SCADA RMS Report Template Rename Command
Buffer Overflow (scada.rules)
2801800 - ETPRO SCADA IGSS SCADA RMS Report Template Delete Command
Buffer Overflow (scada.rules)
2801801 - ETPRO SCADA IGSS SCADA STDREP Request Buffer Overflow
(scada.rules)
2801804 - ETPRO SCADA RealFlex RealWin SCADA SCPC_TXTEVENT strcpy()
Buffer Overflow (scada.rules)
2801805 - ETPRO SCADA RealFlex RealWin SCADA On_FC_CONNECT_FCS_LOGIN
Buffer Overflow (scada.rules)
2801806 - ETPRO SCADA RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CADDTAG
Buffer Overflow (scada.rules)
2801807 - ETPRO SCADA RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_CDELTAG
Buffer Overflow (scada.rules)
2801808 - ETPRO SCADA RealFlex RealWin SCADA On_FC_CTAGLIST_FCS_ADDTAGMS
Buffer Overflow (scada.rules)
2801809 - ETPRO SCADA RealFlex RealWin SCADA On_FC_RFUSER_FCS_LOGIN
Buffer Overflow (scada.rules)
2801810 - ETPRO SCADA RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE
Buffer Overflow 1 (scada.rules)
2801811 - ETPRO SCADA RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE
Buffer Overflow 2 (scada.rules)
2801812 - ETPRO SCADA RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE
Buffer Overflow 3 (scada.rules)
2801813 - ETPRO SCADA RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE
Buffer Overflow 4 (scada.rules)
2801814 - ETPRO SCADA RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE
Buffer Overflow 5 (scada.rules)
2801815 - ETPRO SCADA RealFlex RealWin SCADA On_FC_BINFILE_FCS_*FILE
Buffer Overflow 6 (scada.rules)
2801816 - ETPRO SCADA RealFlex RealWin SCADA On_FC_MISC_FCS_MSGBROADCAST
Buffer Overflow (scada.rules)
2801817 - ETPRO SCADA RealFlex RealWin SCADA On_FC_MISC_FCS_MSGSEND
Buffer Overflow (scada.rules)
2801818 - ETPRO SCADA RealFlex RealWin SCADA
On_FC_CGETTAG_FCS_GETTELEMETRY Buffer Overflow (scada.rules)
2801819 - ETPRO SCADA RealFlex RealWin SCADA
On_FC_CGETTAG_FCS_GETCHANNELTELEMETRY Buffer Overflow (scada.rules)
2801820 - ETPRO SCADA RealFlex RealWin SCADA
On_FC_CGETTAG_FCS_SETTELEMETRY Buffer Overflow (scada.rules)
2801821 - ETPRO SCADA RealFlex RealWin SCADA
On_FC_CGETTAG_FCS_SETCHANNELTELEMETRY Buffer Overflow (scada.rules)
2801822 - ETPRO SCADA RealFlex RealWin SCADA On_FC_SCRIPT_FCS_STARTPROG
Buffer Overflow (scada.rules)
2801868 - ETPRO SCADA Siemens Tecnomatix FactoryLink CSService CSMSG path
Buffer Overflow (scada.rules)
2801869 - ETPRO SCADA Siemens Tecnomatix FactoryLink CSService CSMSG
filter Buffer Overflow (scada.rules)
2801870 - ETPRO SCADA Siemens Tecnomatix FactoryLink CSService GetFile
path Buffer Overflow (scada.rules)
2801871 - ETPRO SCADA Siemens Tecnomatix FactoryLink CSService
GetFileInfo path Buffer Overflow (scada.rules)
2801880 - ETPRO NETBIOS Microsoft Windows SMB-DS Client Transaction
Buffer Overflow (Published Exploit) (netbios.rules)
2801881 - ETPRO NETBIOS Microsoft Windows SMB Client Transaction Buffer
Overflow (Published Exploit) (netbios.rules)
2801885 - ETPRO WEB_CLIENT RealNetworks RealPlayer IVR Handling Heap
Buffer Overflow (Published Exploit) (web_client.rules)
2801907 - ETPRO SCADA Siemens Tecnomatix FactoryLink vrn.exe opcode 10
buffer overflow (scada.rules)
2801908 - ETPRO SCADA Siemens Tecnomatix FactoryLink vrn.exe opcode 10
buffer overflow 2 (scada.rules)
2801909 - ETPRO SCADA Siemens Tecnomatix FactoryLink vrn.exe opcode 9
buffer overflow (scada.rules)
2801910 - ETPRO SCADA Siemens Tecnomatix FactoryLink vrn.exe opcode 9
buffer overflow 2 (scada.rules)
2801929 - ETPRO WEB_CLIENT Microsoft Office Excel Pivot Item Index
Boundary Error Memory Corruption 1 (web_client.rules)
2801933 - ETPRO WEB_CLIENT Microsoft Office Word RTF Document Control
Word Parsing Memory Corruption (web_client.rules)
2801967 - ETPRO WEB_CLIENT AOL Desktop .rtx File Parsing Buffer Overflow
(web_client.rules)
2802068 - ETPRO WEB_CLIENT Microsoft Internet Explorer Object Management
Memory Corruption 2 (web_client.rules)
2802069 - ETPRO WEB_CLIENT Microsoft Internet Explorer Object Management
Memory Corruption (web_client.rules)
2802081 - ETPRO EXPLOIT Microsoft Windows LLMNR Request Stack Memory
Corruption (exploit.rules)
2802107 - ETPRO WEB_CLIENT Microsoft Windows Fax Services Cover Page
Editor Double Free Memory Corruption (Published Exploit) Flowbit Set
(web_client.rules)
2802122 - ETPRO WEB_CLIENT Microsoft Internet Explorer Potential
Use-After-Free Heap Overflow attempt (Exploit Specific) (web_client.rules)
2802128 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption (web_client.rules)
2802129 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via docx (web_client.rules)
2802130 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via xls (web_client.rules)
2802131 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via xlsx (web_client.rules)
2802132 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via rtf (web_client.rules)
2802133 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via xlt (web_client.rules)
2802134 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via doc 2 (web_client.rules)
2802135 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via docx 2 (web_client.rules)
2802136 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via xls 2 (web_client.rules)
2802137 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via xlsx 2 (web_client.rules)
2802138 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via xlt 2 (web_client.rules)
2802139 - ETPRO WEB_CLIENT Microsoft Internet Explorer Word Document
Uninitialized Memory Corruption via rtf 2 (web_client.rules)
2802586 - ETPRO WEB_CLIENT Adobe Audition Session File TRKM Stack Buffer
Overflow (web_client.rules)
2802820 - ETPRO WEB_CLIENT Adobe Audition Session File Stack Buffer
Overflow 1 (web_client.rules)
2802821 - ETPRO WEB_CLIENT Adobe Audition Session File Stack Buffer
Overflow 2 (web_client.rules)
2802832 - ETPRO SCADA RealFlex RealWin FC_RFUSER_FCS_LOGIN Buffer
Overflow (scada.rules)
2802833 - ETPRO SCADA RealFlex RealWin FC_RFUSER_FCS_LOGIN Buffer
Overflow (scada.rules)
2802921 - ETPRO WEB_CLIENT Adobe Audition Session File Stack Buffer
Overflow 1 (web_client.rules)
2802922 - ETPRO WEB_CLIENT Adobe Audition Session File Stack Buffer
Overflow 2 (web_client.rules)
2803028 - ETPRO WEB_CLIENT Microsoft HTML Time Entity Memory Corruption
Exploit Attempt (web_client.rules)
2803056 - ETPRO WEB_CLIENT MSIE Layout Memory Corruption Attack 2
(web_client.rules)
2803067 - ETPRO WEB_CLIENT Adobe Shockwave Director File KEY Chunk
Parsing Buffer Overflow (web_client.rules)
2803523 - ETPRO ACTIVEX F-Secure Multiple Products fsresh.dll ActiveX
Stack Buffer Overflow (activex.rules)
2803601 - ETPRO SCADA BroadWin WebAccess Client Bwocxrun ActiveX
arbitrary memory corruption 1 (scada.rules)
2803602 - ETPRO SCADA BroadWin WebAccess Client Bwocxrun ActiveX
arbitrary memory corruption 2 (scada.rules)
2803661 - ETPRO WEB_CLIENT Adobe PDF PICT Image Stream Memory Corruption
Attempt (web_client.rules)
2803669 - ETPRO SCADA Progea Movicon PowerHMI Memory Corruption Negative
Content Length (scada.rules)
2803774 - ETPRO SCADA Sunway ForceControl SNMP NetDBServer Integer
Signedness Buffer Overflow 1 (scada.rules)
2803775 - ETPRO SCADA Sunway ForceControl SNMP NetDBServer Integer
Signedness Buffer Overflow 2 (scada.rules)
2803801 - ETPRO ACTIVEX PIPI Player PIPIWebPlayer ActiveX Control Buffer
Overflow (activex.rules)
2804511 - ETPRO WEB_CLIENT Microsoft Internet Explorer style.position
use-after-free (web_client.rules)
2804515 - ETPRO WEB_CLIENT C Run-Time Library of Windows (mscvrt.dll)
memory corruption (web_client.rules)
2804641 - ETPRO SCADA MOXA Device Manager Tool 2.1 Buffer Overflow
(scada.rules)
2804645 - ETPRO SCADA ScadaTEC ScadaPhone <= v5.3.11.1230 Stack Buffer
Overflow (scada.rules)
2804795 - ETPRO WEB_CLIENT Potential Microsoft Internet Explorer Vector
Graphics Rendering user-after-free (web_client.rules)
2804886 - ETPRO ACTIVEX VLC MMS Stream Handling access to vulnerable
function potential Buffer Overflow attempt (activex.rules)
2805061 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free via
console object (web_client.rules)
2805130 - ETPRO SCADA Sielco Sistemi Winlog TCP/IP server buffer overflow
(scada.rules)
2805320 - ETPRO WEB_CLIENT Adobe Reader PDF Widget RichMedia Memory
Corruption (web_client.rules)
2805324 - ETPRO WEB_CLIENT Microsoft Visio Viewer DFW Buffer Overflow
Attempt (web_client.rules)
2805835 - ETPRO WEB_CLIENT Apple QuickTime 7.7.2 TeXML Style Element
font-table Field Stack Buffer Overflow (web_client.rules)
2805872 - ETPRO WEB_CLIENT RealPlayer RealMedia File Handling Buffer
Overflow (web_client.rules)
2805894 - ETPRO SCADA Possible Siemens SIMATIC RF Manager ActiveX Control
Buffer Overflow 1 (scada.rules)
2805895 - ETPRO SCADA Possible Siemens SIMATIC RF Manager ActiveX Control
Buffer Overflow 2 (scada.rules)
2806364 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free
(web_client.rules)
2806482 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free
(web_client.rules)
2806483 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free
(web_client.rules)
2806484 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free
(web_client.rules)
2806486 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free
(web_client.rules)
2806488 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free
(web_client.rules)
2806500 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use-After-Free
(web_client.rules)
2806816 - ETPRO WEB_CLIENT Potential Microsoft Internet Explorer
Use-After-Free CVE-2013-3199 (web_client.rules)
2807491 - ETPRO SCADA IntegraXor Stack Buffer Overflow (scada.rules)
2808156 - ETPRO WEB_CLIENT Internet Explorer Use-After-Free CVE-2014-1805
(web_client.rules)
2808298 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-1765 (web_client.rules)
2808299 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-2795 (web_client.rules)
2808305 - ETPRO EXPLOIT Yokogawa CENTUM CS 3000 BKFSim_vhfd.exe Buffer
Overflow (exploit.rules)
2808539 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-2820 1 (web_client.rules)
2808540 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-2820 2 (web_client.rules)
2808541 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-2823 (web_client.rules)
2808542 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4050 (web_client.rules)
2808543 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4057 1 (web_client.rules)
2808544 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4057 2 (web_client.rules)
2808755 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-2799 (web_client.rules)
2808756 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4065 (web_client.rules)
2808760 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4087 (web_client.rules)
2808761 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4088 (web_client.rules)
2808763 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4092 (web_client.rules)
2808765 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4095 (web_client.rules)
2808989 - ETPRO WEB_CLIENT Possible Internet Explorer Buffer overflow
CVE-2014-4128 (web_client.rules)
2808991 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4130 (web_client.rules)
2808992 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4132 (web_client.rules)
2808993 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4133 (web_client.rules)
2808994 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2014-4134 (web_client.rules)
2809145 - ETPRO WEB_CLIENT Possible Internet Explorer clipboardData
Use-After-Free CVE-2014-6323 (web_client.rules)
2809155 - ETPRO WEB_CLIENT Possible Internet Explorer CStyleSheet
Use-After-Free CVE-2014-6341 (web_client.rules)
2809162 - ETPRO WEB_CLIENT IE Memory Corruption Vulnerability
CVE-2014-6353 (web_client.rules)
2809228 - ETPRO WEB_CLIENT IE Memory Corruption Vulnerability
CVE-2014-6348 (web_client.rules)
2809718 - ETPRO WEB_CLIENT Internet Explorer Use-After-Free CVE-2015-0017
(web_client.rules)
2809723 - ETPRO WEB_CLIENT Internet Explorer Use-After-Free CVE-2015-0023
(web_client.rules)
2809729 - ETPRO WEB_CLIENT Internet Explorer Use-After-Free CVE-2015-0040
(web_client.rules)
2809735 - ETPRO WEB_CLIENT Internet Explorer Use-After-Free CVE-2015-0041
6 (web_client.rules)
2809737 - ETPRO WEB_CLIENT Internet Explorer Use-After-Free CVE-2015-0043
(web_client.rules)
2810021 - ETPRO WEB_CLIENT VBScript Memory Corruption Vulnerability
CVE-2015-0032 (web_client.rules)
2810026 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-0100) (web_client.rules)
2810029 - ETPRO WEB_CLIENT Possible IE User-After-Free Vulnerability
(CVE-2015-1624) (web_client.rules)
2810030 - ETPRO WEB_CLIENT IE Memory Corruption Vulnerability M1
(CVE-2015-1625) (web_client.rules)
2810031 - ETPRO WEB_CLIENT IE Memory Corruption Vulnerability M2
(CVE-2015-1625) (web_client.rules)
2810036 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1634) (web_client.rules)
2810616 - ETPRO WEB_CLIENT Internet Explorer Possible Use-After-Free
CVE-2015-1652 (web_client.rules)
2810617 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1657) (web_client.rules)
2810618 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1660) (web_client.rules)
2810619 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1661) (web_client.rules)
2810620 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1665) (web_client.rules)
2810621 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
CVE-2015-1666 (web_client.rules)
2810622 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1667) (web_client.rules)
2810623 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1668) (web_client.rules)
2810960 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1658) (web_client.rules)
2810961 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1689) (web_client.rules)
2810965 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1708) (web_client.rules)
2810966 - ETPRO WEB_CLIENT Possible Internet Explorer Use-After-Free
Vulnerability (CVE-2015-1710) (web_client.rules)
2810967 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1711) (web_client.rules)
2810968 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1712) (web_client.rules)
2810970 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1718) (web_client.rules)
2811344 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1687) (web_client.rules)
2811345 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1730) (web_client.rules)
2811346 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1731) (web_client.rules)
2811347 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1732) (web_client.rules)
2811349 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1736) (web_client.rules)
2811350 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1737) (web_client.rules)
2811351 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1740) set (web_client.rules)
2811352 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1740) (web_client.rules)
2811353 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1741) (web_client.rules)
2811354 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1742) (web_client.rules)
2811355 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1744) (web_client.rules)
2811357 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1748) (web_client.rules)
2811359 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1750) (web_client.rules)
2811360 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1752) (web_client.rules)
2811363 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1766) (web_client.rules)
2811938 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1733) (web_client.rules)
2811939 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1738) (web_client.rules)
2811940 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-1767) (web_client.rules)
2811941 - ETPRO WEB_CLIENT Internet Explorer VBScript Memory Corruption
Vulnerability (CVE-2015-2372) (web_client.rules)
2811942 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2383) (web_client.rules)
2811944 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2388) (web_client.rules)
2811945 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2389) (web_client.rules)
2811946 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2390) (web_client.rules)
2811948 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2391) 2 (web_client.rules)
2811950 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2391) 4 (web_client.rules)
2811951 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2397) (web_client.rules)
2811952 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2401) (web_client.rules)
2811953 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2403) (web_client.rules)
2811954 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2404) 1 (web_client.rules)
2811955 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2404) 2 (web_client.rules)
2811956 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2406) (web_client.rules)
2811957 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2408) (web_client.rules)
2811958 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2411) (web_client.rules)
2811961 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2422) (web_client.rules)
2812122 - ETPRO WEB_CLIENT Internet Explorer JScript9 Memory Corruption
Vulnerability (CVE-2015-2425) (web_client.rules)
2812338 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2442) (web_client.rules)
2812339 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2443) (web_client.rules)
2812341 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2446) (web_client.rules)
2812342 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2448) (web_client.rules)
2812343 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2450) (web_client.rules)
2812344 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2452) (web_client.rules)
2812506 - ETPRO WEB_CLIENT CVE-2015-2502 IE Memory Corruption
Vulnerability (web_client.rules)
2812514 - ETPRO WEB_CLIENT Possible CVE-2015-2502 IE Memory Corruption
Vulnerability (web_client.rules)
2812907 - ETPRO WEB_CLIENT Microsoft Internet Explorer Memory Corruption
(CVE-2015-2483) (web_client.rules)
2812908 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2485) (web_client.rules)
2812910 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2491) (web_client.rules)
2812911 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2490) (web_client.rules)
2812912 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2499) (web_client.rules)
2812913 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2501) (web_client.rules)
2814343 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-2515) (web_client.rules)
2814345 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6042) (web_client.rules)
2814346 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6048) (web_client.rules)
2814347 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6049) (web_client.rules)
2814348 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6050) (web_client.rules)
2814828 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6066) (web_client.rules)
2814829 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6070) (web_client.rules)
2814831 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6075) (web_client.rules)
2814832 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6076) (web_client.rules)
2814833 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6077) (web_client.rules)
2814834 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6078) (web_client.rules)
2814835 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6081) (web_client.rules)
2814836 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6084) (web_client.rules)
2814837 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6085) (web_client.rules)
2815256 - ETPRO WEB_CLIENT MS15-124 Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6083) (web_client.rules)
2815262 - ETPRO WEB_CLIENT MS15-124 Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6134) (web_client.rules)
2815263 - ETPRO WEB_CLIENT Possible Scripting Engine Memory Corruption
Vulnerability (CVE-2015-6135) (web_client.rules)
2815264 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6140) (web_client.rules)
2815265 - ETPRO WEB_CLIENT Possible Microsoft Browser Memory Corruption
Vulnerability (CVE-2015-6142) M1 (web_client.rules)
2815266 - ETPRO WEB_CLIENT Possible Microsoft Browser Memory Corruption
Vulnerability (CVE-2015-6142) M2 (web_client.rules)
2815267 - ETPRO WEB_CLIENT Possible Microsoft Browser Memory Corruption
Vulnerability (CVE-2015-6143) M1 (web_client.rules)
2815268 - ETPRO WEB_CLIENT Possible Microsoft Browser Memory Corruption
Vulnerability (CVE-2015-6143) M2 (web_client.rules)
2815269 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6147) (web_client.rules)
2815270 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6149) (web_client.rules)
2815271 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6150) (web_client.rules)
2815272 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6152) (web_client.rules)
2815273 - ETPRO WEB_CLIENT Possible Microsoft Browser Memory Corruption
Vulnerability (CVE-2015-6153) (web_client.rules)
2815274 - ETPRO WEB_CLIENT Possible Microsoft Browser Memory Corruption
Vulnerability (CVE-2015-6154) (web_client.rules)
2815275 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6156) (web_client.rules)
2815276 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6160) (web_client.rules)
2815277 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6170) (web_client.rules)
2815292 - ETPRO WEB_CLIENT MS15-134 Internet Explorer Memory Corruption
Vulnerability (CVE-2015-6127) (web_client.rules)
2815339 - ETPRO MALWARE Bison FTP Buffer Overflow Attempt (malware.rules)
2815527 - ETPRO EXPLOIT MS15-131 Microsoft Office Memory Corruption
Vulnerability M1 (CVE-2015-6172) (exploit.rules)
2816139 - ETPRO EXPLOIT Microsoft Office Memory Corruption Vulnerability
(CVE-2016-0053) (exploit.rules)
2816140 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2016-0060) (web_client.rules)
2816142 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability CVE-2016-0067 (web_client.rules)
2816143 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability CVE-2016-0072 (web_client.rules)
2816543 - ETPRO EXPLOIT Microsoft Office Memory Corruption Vulnerability
Pointer Reuse 1 (CVE-2016-0021) (exploit.rules)
2816544 - ETPRO EXPLOIT Microsoft Office Memory Corruption Vulnerability
Pointer Reuse 2 (CVE-2016-0021) (exploit.rules)
2816545 - ETPRO EXPLOIT Microsoft Office Memory Corruption Vulnerability
Pointer Reuse 3 (CVE-2016-0021) (exploit.rules)
2816546 - ETPRO EXPLOIT Microsoft Office Memory Corruption Vulnerability
Pointer Reuse 4 (CVE-2016-0021) (exploit.rules)
2816548 - ETPRO EXPLOIT Windows Media Player Use-After-Free
(CVE-2016-0098) (exploit.rules)
2816549 - ETPRO WEB_CLIENT Microsoft Browser Memory Corruption
Vulnerability (CVE-2016-0105) (web_client.rules)
2816552 - ETPRO WEB_CLIENT Microsoft Internet Explorer Memory Corruption
Vulnerability (CVE-2016-0108) (web_client.rules)
2816553 - ETPRO WEB_CLIENT Microsoft Browser Memory Corruption
Vulnerability (CVE-2016-0109) (web_client.rules)
2816554 - ETPRO WEB_CLIENT Microsoft Internet Explorer CSVGHelpers
Use-After-Free (CVE-2016-0111) (web_client.rules)
2816557 - ETPRO WEB_CLIENT Microsoft Internet Explorer Memory Corruption
Vulnerability (CVE-2016-0114) (web_client.rules)
2819683 - ETPRO WEB_CLIENT Microsoft Browser Memory Corruption
Vulnerability (CVE-2016-0154) (web_client.rules)
2819684 - ETPRO WEB_CLIENT MS Edge Memory Corruption (CVE-2016-0155)
(web_client.rules)
2819686 - ETPRO WEB_CLIENT Microsoft Edge Memory Corruption Vulnerability
(CVE-2016-0157) (web_client.rules)
2819690 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2016-0164) (web_client.rules)
2820117 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2016-0189) (web_client.rules)
2820595 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2016-0199) (web_client.rules)
2820596 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2016-0200) (web_client.rules)
2820597 - ETPRO WEB_CLIENT Possible Scripting Engine Memory Corruption
Vulnerability (CVE-2016-3199) (web_client.rules)
2820598 - ETPRO WEB_CLIENT Possible Scripting Engine Memory Corruption
Vulnerability (CVE-2016-3205) (web_client.rules)
2820599 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2016-3206) (web_client.rules)
2820600 - ETPRO WEB_CLIENT Possible Internet Explorer Memory Corruption
Vulnerability (CVE-2016-3210) (web_client.rules)
2820601 - ETPRO EXPLOIT Internet Explorer Memory Corruption Vulnerability
(CVE-2016-3211) (exploit.rules)
2820602 - ETPRO EXPLOIT Internet Explorer Memory Corruption Vulnerability
(CVE-2016-3211) (exploit.rules)
2820608 - ETPRO WEB_CLIENT Microsoft Edge Memory Corruption Vulnerability
(CVE-2016-3222) (web_client.rules)
2821058 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4191) (web_client.rules)
2821059 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4192) (web_client.rules)
2821060 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4195) (web_client.rules)
2821061 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4196) (web_client.rules)
2821062 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4197) (web_client.rules)
2821063 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4198) (web_client.rules)
2821064 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4199) (web_client.rules)
2821065 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4200) (web_client.rules)
2821066 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
(CVE-2016-4202) (web_client.rules)
2821073 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2016-3240) (web_client.rules)
2821075 - ETPRO WEB_CLIENT Internet Explorer Memory Corruption
Vulnerability (CVE-2016-3242) (web_client.rules)
2821077 - ETPRO WEB_CLIENT Microsoft Edge Memory Corruption Vulnerability
(CVE-2016-3246) (web_client.rules)
2821570 - ETPRO WEB_CLIENT Microsoft Internet Explorer Possible Memory
Corruption Vulnerability (CVE-2016-3288) SET (web_client.rules)
2821571 - ETPRO WEB_CLIENT Microsoft Internet Explorer Possible Memory
Corruption Vulnerability (CVE-2016-3288) (web_client.rules)
2821572 - ETPRO WEB_CLIENT Microsoft Internet Explorer Possible Memory
Corruption Vulnerability (CVE-2016-3289) (web_client.rules)
2821573 - ETPRO WEB_CLIENT Microsoft Internet Explorer Possible Memory
Corruption Vulnerability (CVE-2016-3290) (web_client.rules)
2822093 - ETPRO WEB_CLIENT Possible Microsoft Edge Browser Memory
Corruption Vulnerability (CVE-2016-3247) (web_client.rules)
2822094 - ETPRO WEB_CLIENT Possible Microsoft Edge Memory Corruption
Vulnerability (CVE-2016-3294) (web_client.rules)
2822095 - ETPRO WEB_CLIENT Possible Microsoft Edge Memory Corruption
Vulnerability (CVE-2016-3295) (web_client.rules)
2822096 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer Memory
Corruption Vulnerability (CVE-2016-3297) (web_client.rules)
2822098 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer Memory
Corruption Vulnerability (CVE-2016-3324) (web_client.rules)
2822105 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer Scripting
Engine Memory Corruption Vulnerability (CVE-2016-3375) (web_client.rules)
2822106 - ETPRO WEB_CLIENT Possible Microsoft Edge Browser Scripting
Engine Memory Corruption Vulnerability (CVE-2016-3377) (web_client.rules)
2822530 - ETPRO WEB_CLIENT Microsoft Edge Memory Corruption Vulnerability
(CVE-2016-3331) (web_client.rules)
2822531 - ETPRO WEB_CLIENT Possible Microsoft Internet Explorer and Edge
Memory Corruption Vulnerability (CVE-2016-3382) (web_client.rules)
2822533 - ETPRO WEB_CLIENT Possible Microsoft Edge Memory Corruption
(CVE-2016-3386) (web_client.rules)
2822538 - ETPRO WEB_CLIENT Possible Microsoft Edge Scripting Engine
Memory Corruption Vulnerability (CVE-2016-7194) (web_client.rules)
2822542 - ETPRO EXPLOIT Adobe Acrobat Reader XSLT parsing engine Memory
Corruption (CVE-2016-6960) (exploit.rules)
2823142 - ETPRO WEB_CLIENT Possible Microsoft Edge edgehtml Memory
Corruption (CVE-2016-7198) (web_client.rules)
2823150 - ETPRO WEB_CLIENT Possible Microsoft Edge Buffer Overflow
(CVE-2016-7217) M1 (web_client.rules)
2823151 - ETPRO WEB_CLIENT Possible Microsoft Edge Buffer Overflow
(CVE-2016-7217) M2 (web_client.rules)
2823836 - ETPRO EXPLOIT Microsoft Internet Explorer Memory Corruption
Vulnerability in DrawMultiple Payloads (CVE-2016-7283) (exploit.rules)
2823838 - ETPRO WEB_CLIENT Possible Microsoft Edge Scripting Engine
Memory Corruption Vulnerability (CVE-2016-7287) (web_client.rules)
2823839 - ETPRO WEB_CLIENT Possible Microsoft Edge Memory Corruption
Vulnerability (CVE-2016-7288) (web_client.rules)
2824323 - ETPRO WEB_CLIENT Possible Adobe Reader TIFF Memory Corruption
(CVE-2017-2963) (web_client.rules)
2824324 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
Attempt (CVE-2017-2964) (web_client.rules)
2824326 - ETPRO WEB_CLIENT Possible Adobe Reader TIFF Memory Corruption
(CVE-2017-2966) (web_client.rules)
2824940 - ETPRO EXPLOIT Flash Player Memory Corruption (CVE-2017-2991)
(exploit.rules)
2825438 - ETPRO WEB_CLIENT Possible Flash Memory Corruption Vulnerability
(CVE-2017-2998) (web_client.rules)
2825439 - ETPRO WEB_CLIENT Possible Flash Memory Corruption Vulnerability
(CVE-2017-2997) (web_client.rules)
2825440 - ETPRO WEB_CLIENT Possible Flash Memory Corruption Vulnerability
(CVE-2017-2999) (web_client.rules)
2825441 - ETPRO WEB_CLIENT Possible Flash Memory Corruption Vulnerability
(CVE-2017-3002) (web_client.rules)
2825442 - ETPRO WEB_CLIENT Possible Flash Memory Corruption Vulnerability
(CVE-2017-3003) (web_client.rules)
2825860 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
CVE-2017-3017 (web_client.rules)
2825861 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
CVE-2017-3019 (web_client.rules)
2825864 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
CVE-2017-3024 (web_client.rules)
2825868 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
CVE-2017-3030 (web_client.rules)
2825873 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
CVE-2017-3039 (web_client.rules)
2825880 - ETPRO WEB_CLIENT Possible Adobe Reader Memory Corruption
CVE-2017-3056 (web_client.rules)
2826330 - ETPRO WEB_CLIENT Microsoft Edge Memory Corruption Vulnerability
(CVE-2017-0221) (web_client.rules)
2826333 - ETPRO WEB_CLIENT Scripting Engine Memory Corruption
Vulnerability (CVE-2017-0234) (web_client.rules)
2826334 - ETPRO WEB_CLIENT Microsoft Edge Scripting Engine Memory
Corruption (CVE-2017-0236) (web_client.rules)
2826731 - ETPRO EXPLOIT Adobe ATF Memory Corruption (CVE-2017-3078)
(exploit.rules)
2827090 - ETPRO EXPLOIT MS Word Memory Corruption Vuln (CVE-2017-0243)
(exploit.rules)
2827096 - ETPRO WEB_CLIENT MS Edge Use-After-Free Vuln (CVE-2017-8605)
(web_client.rules)
2827448 - ETPRO WEB_CLIENT Adobe Reader Memory Corruption (CVE-2017-3122,
CVE-2018-4965) (web_client.rules)
2828863 - ETPRO WEB_CLIENT MS Edge Scripting Engine Memory Corruption
Vuln (CVE-2017-11894) (web_client.rules)
2828965 - ETPRO WEB_CLIENT MS Edge Memory Corruption Vulnerability
(CVE-2017-11845) (web_client.rules)
2829384 - ETPRO EXPLOIT Possible CVE-2017-11882 MS Equation 3.0 OLE
Component Buffer Overflow Attempt M1 (exploit.rules)
2829385 - ETPRO EXPLOIT Possible CVE-2017-11882 MS Equation 3.0 OLE
Component Buffer Overflow Attempt M2 (exploit.rules)
2829386 - ETPRO EXPLOIT Possible CVE-2017-11882 MS Equation 3.0 OLE
Component Buffer Overflow Attempt M3 (exploit.rules)
2829387 - ETPRO EXPLOIT Possible CVE-2017-11882 MS Equation 3.0 OLE
Component Buffer Overflow Attempt M4 (exploit.rules)
2833811 - ETPRO EXPLOIT Konica Minolta FTP Buffer Overflow Attempt
(CVE-2015-7768) (exploit.rules)
2833848 - ETPRO EXPLOIT Possible Adobe Flash Use-After-Free FWS Inbound
(CVE-2018-15982) (exploit.rules)
2834049 - ETPRO EXPLOIT Scripting Engine Memory Corruption RCE Attempt
Inbound M1 (CVE-2018-8653) (exploit.rules)
2834050 - ETPRO EXPLOIT Scripting Engine Memory Corruption RCE Attempt
Inbound M2 (CVE-2018-8653) (exploit.rules)
2834051 - ETPRO EXPLOIT Scripting Engine Memory Corruption RCE Attempt
Inbound M3 (CVE-2018-8653) (exploit.rules)
2847502 - ETPRO EXPLOIT Possible Internet Explorer Memory Corruption/UAF
(CVE-2021-26411) (exploit.rules)
2849259 - ETPRO EXPLOIT Adobe Acrobat/Acrobat Reader DC AcroForm
Use-After-Free Inbound (CVE-2021-28635) (exploit.rules)
2849260 - ETPRO EXPLOIT Adobe Acrobat Reader EScript.api Use-After-Free
Inbound (CVE-2021-28640) (exploit.rules)
2849411 - ETPRO WEB_CLIENT IE JScript Use-After-Free Inbound
(CVE-2019-1429) (web_client.rules)
2849482 - ETPRO HUNTING Generic HTTP Header Buffer Overflow Check -
http.host (hunting.rules)
2849686 - ETPRO EXPLOIT PostgreSQL Database Password Change Stack Buffer
Overflow M1 (CVE-2019-10164) (exploit.rules)
2849687 - ETPRO EXPLOIT PostgreSQL Database Password Change Stack Buffer
Overflow M2 (CVE-2019-10164) (exploit.rules)
2852921 - ETPRO MALWARE WasabiSeed Downloader Activity (GET)
(malware.rules)
2852922 - ETPRO MALWARE Screenshotter Backdoor Sending Screenshot (POST)
(malware.rules)
[---] Disabled and modified rules: [---]
2020325 - ET EXPLOIT CVE-2015-0235 Exim Buffer Overflow Attempt (HELO)
(exploit.rules)
2020326 - ET EXPLOIT CVE-2015-0235 Exim Buffer Overflow Attempt (EHLO)
(exploit.rules)
2035896 - ET MALWARE Observed SocGholish Domain in TLS SNI (malware.rules)
2038954 - ET MALWARE SocGholish Domain in DNS Lookup (hair .2topost .com)
(malware.rules)
2038956 - ET MALWARE SocGholish CnC Domain in DNS Lookup (moments
.abledity .com) (malware.rules)
2038957 - ET MALWARE SocGholish Domain in DNS Lookup (notes
.fumcpittsburg .org) (malware.rules)
2039001 - ET MALWARE SocGholish CnC Domain in DNS Lookup (jobs
.registermegod .online) (malware.rules)
2039026 - ET MALWARE SocGholish Domain in DNS Lookup (soendorg .top)
(malware.rules)
2039078 - ET MALWARE SocGholish Domain in DNS Lookup (premiere
.4tosocialbeginners .com) (malware.rules)
2039119 - ET MALWARE SocGholish CnC Domain in DNS Lookup (internal
.blessedfoodshalalmeat .com) (malware.rules)
2039136 - ET MALWARE SocGholish Domain in DNS Lookup (repo
.allgoodsnservices .com) (malware.rules)
2039137 - ET MALWARE SocGholish Domain in DNS Lookup (family
.1ablecommunity .com) (malware.rules)
2039138 - ET MALWARE SocGholish Domain in DNS Lookup (resort
.reliablecommunityservices .com) (malware.rules)
2039416 - ET MALWARE SocGholish CnC Domain in DNS Lookup (offerings
.love4lifewellness .com) (malware.rules)
2039443 - ET MALWARE SocGholish Domain in DNS Lookup (malware.rules)
2039444 - ET MALWARE SocGholish CnC Domain in DNS Lookup (malware.rules)
2039484 - ET MALWARE SocGholish CnC Domain in DNS Lookup (discover
.jsfconnections .com) (malware.rules)
2039585 - ET MALWARE SocGholish Domain in DNS Lookup (shipwrecks
.ggentile .com) (malware.rules)
2039597 - ET MALWARE SocGholish CnC Domain in DNS Lookup (portraits
.studio-94-photography .com) (malware.rules)
2039617 - ET MALWARE SocGholish Domain in DNS Lookup (squad .incumetrics
.com) (malware.rules)
2039620 - ET MALWARE SocGholish Domain in DNS Lookup (myfood
.silverspringfoodproject .org) (malware.rules)
2039623 - ET MALWARE SocGholish Domain in DNS Lookup (podcasts
.momsgrabcoffee .com) (malware.rules)
2039789 - ET MALWARE SocGholish Domain in DNS Lookup (collapse
.tradingiswar .com) (malware.rules)
2039790 - ET MALWARE SocGholish Domain in DNS Lookup (founder .carflower
.pics) (malware.rules)
2039791 - ET MALWARE SocGholish Domain in DNS Lookup (travel .dianatokaji
.com) (malware.rules)
2039831 - ET MALWARE SocGholish Domain in DNS Lookup (montage
.travelguidediva .com) (malware.rules)
2040144 - ET MALWARE SocGholish Domain in DNS Lookup (pastor .cntcog
.org) (malware.rules)
2041784 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .fate
.truelance .com) (malware.rules)
2043000 - ET MALWARE SocGholish Domain in DNS Lookup (navyseal .digijump
.online) (malware.rules)
2043001 - ET MALWARE SocGholish CnC Domain in DNS Lookup (* .shrubs
.emptyisland .pics) (malware.rules)
2043024 - ET MALWARE SocGholish Domain in DNS Lookup (people .fl2wealth
.com) (malware.rules)
2043159 - ET MALWARE SocGholish Domain in DNS Lookup (kinematics
.starmidwest .com) (malware.rules)
2043160 - ET MALWARE SocGholish Domain in DNS Lookup (passphrase
.singinganewsong .com) (malware.rules)
2807656 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-0285) (web_client.rules)
2807657 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-0286) (web_client.rules)
2807806 - ETPRO WEB_CLIENT Possible User-After-Free CVE-2014-0309
(web_client.rules)
2807807 - ETPRO WEB_CLIENT Possible User-After-Free CVE-2014-0312
(web_client.rules)
2807811 - ETPRO WEB_CLIENT Possible IE8 Memory Corruption Vulnerability
CVE-2014-0324 (web_client.rules)
2807934 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-1752) (web_client.rules)
2807985 - ETPRO WEB_CLIENT Possible Internet Explorer RCE CVE-2014-1776
(web_client.rules)
2808040 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-1815) (web_client.rules)
2808041 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-1815) (web_client.rules)
2808081 - ETPRO WEB_CLIENT Acrobat Reader Possible CVE-2014-0527 Use
After Free (web_client.rules)
2808082 - ETPRO WEB_CLIENT Acrobat Reader Possible CVE-2014-0527 Use
After Free (web_client.rules)
2808142 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-0282) (web_client.rules)
2808143 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-1762) (web_client.rules)
2808147 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-1789) (web_client.rules)
2808149 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-1795) (web_client.rules)
2808150 - ETPRO WEB_CLIENT Microsoft Internet Explorer Use After free
(CVE-2014-1797) (web_client.rules)
[---] Removed rules: [---]
2018262 - ET EXPLOIT_KIT DRIVEBY Nuclear EK IE Exploit CVE-2013-2551
March 12 2014 (exploit_kit.rules)