SID 1:48052

Report a false positive

Rule Category

BROWSER-IE -- Snort has detected traffic known to exploit vulnerabilities present in the Internet Explorer browser, or products that have the Trident or Tasman engines.

Alert Message

BROWSER-IE Multiple browsers memory corruption attempt

Rule Explanation

This event is generated when malicious JavaScript targeted against Microsoft Edge or Mozilla Firefox is detected on the network. Impact: Attempted User Privilege Gain Details: A memory corruption vulnerability is identified in Microsoft Edge and Mozilla Firefox. This vulnerability can be used to achieve remote code execution. Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

CVE-2018-8505 CVE-2019-0771 CVE-2019-1052 CVE-2019-1139 CVE-2019-1197 CVE-2019-9810

Additional Links

portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2018-8505
portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0771
portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1052
portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1139
portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1197
www.mozilla.org/en-US/security/advisories/mfsa2019-09/

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2018-8505
 Loading description
CVE-2019-0771
 Loading description
CVE-2019-1052
 Loading description
CVE-2019-1139
 Loading description
CVE-2019-1197
 Loading description
CVE-2019-9810
 Loading description