SID 1:25135

Report a false positive

Rule Category

DELETED --

Alert Message

DELETED EXPLOIT-KIT Styx Exploit Kit outbound connection

Rule Explanation

Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655. Impact: CVSS base score 9.3 CVSS impact score 10.0 CVSS exploitability score 8.6 confidentialityImpact COMPLETE integrityImpact COMPLETE availabilityImpact COMPLETE Details: Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Talos research team. This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology. For more information see [nvd].

Rule Groups

No rule groups

CVE

CVE-2007-5659 CVE-2008-0655 CVE-2011-3544 CVE-2012-0507 CVE-2012-1723 CVE-2012-4681 CVE-2012-4969 CVE-2013-0422 CVE-2013-2423

Additional Links

malwaresigs.com/2012/12/19/styx-exploit-kit/

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2007-5659
 Loading description
CVE-2008-0655
 Loading description
CVE-2011-3544
 Loading description
CVE-2012-0507
 Loading description
CVE-2012-1723
 Loading description
CVE-2012-4681
 Loading description
CVE-2012-4969
 Loading description
CVE-2013-0422
 Loading description
CVE-2013-2423
 Loading description