Sourcefire VRT Rules Update
Date: 2011-03-08
This is the complete list of rules modified and added in the Sourcefire VRT Certified rule pack for Snort version 2.9.0.4.
The format of the file is:
sid - Message (rule group, priority)
New rules: 18537 <-> WEB-CLIENT OpenOffice.org XPM file processing integer overflow attempt (web-client.rules, High) 18538 <-> SPECIFIC-THREATS Microsoft Excel PtgName invalid index exploit attempt (specific-threats.rules, High) 18539 <-> EXPLOIT Microsoft Internet Explorer event handling remote code execution attempt (exploit.rules, High) 18540 <-> SPECIFIC-THREATS Internet Explorer invalid pointer memory corruption attempt (specific-threats.rules, High) 18541 <-> SPECIFIC-THREATS Microsoft Excel 2007 invalid comments.xml uninitialized pointer access attempt 3 (specific-threats.rules, High) 18542 <-> SPECIFIC-THREATS Windows Media Player ActiveX unknow compression algorithm use arbitrary code execution attempt (specific-threats.rules, High)
