FILE-OTHER -- Snort detected traffic targeting vulnerabilities in a file type that does not require enough rule coverage to have its own category.
FILE-OTHER Multiple products dwmapi.dll dll-load exploit attempt
Vulnerabilities in multiple products allow local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll. Impact: Potential user-access to the victim's machine. Details: Rule checks for an attempt to download a malicious dwmapi.dll file, used in dll-load exploit attempts. Ease of Attack: Simple
No information provided
No public information
No known false positives
Talos research team.
No rule groups
CVE-2010-3127 |
Loading description
|
CVE-2010-3131 |
Loading description
|
CVE-2010-3152 |
Loading description
|
CVE-2010-3191 |
Loading description
|
CVE-2010-3976 |
Loading description
|
CVE-2013-0733 |
Loading description
|
CVE-2013-3485 |
Loading description
|
CVE-2016-1090 |
Loading description
|
CVE-2017-17069 |
Loading description
|