Think you have a false positive on this rule?

Sid 1-28612

Message

EXPLOIT-KIT Multiple exploit kit Silverlight exploit download

Summary

This event is generated when there are multiple silverlight exploits downloaded that are associated with an exploit kit

Impact

A Network Trojan was detected

CVE-2013-0074:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2013-0634:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2013-3896:

CVSS base score 4.3

CVSS impact score 2.9

CVSS exploitability score 8.6

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Detailed information

CVE-2013-0074: Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."

CVE-2013-0634: Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-3896: Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."

Affected systems

  • microsoft silverlight 5.0.60401.0
  • microsoft silverlight 5.0.60818.0
  • microsoft silverlight 5.0.61118.0
  • adobe flash_player 10.0.0.584
  • adobe flash_player 10.0.2.54
  • adobe flash_player 10.0.12.10
  • adobe flash_player 10.0.12.36
  • adobe flash_player 10.0.15.3
  • adobe flash_player 10.0.22.87
  • adobe flash_player 10.0.32.18
  • adobe flash_player 10.0.42.34
  • adobe flash_player 10.0.45.2
  • adobe flash_player 10.1
  • adobe flash_player 10.1.52.14
  • adobe flash_player 10.1.52.14.1
  • adobe flash_player 10.1.52.15
  • adobe flash_player 10.1.53.64
  • adobe flash_player 10.1.82.76
  • adobe flash_player 10.1.85.3
  • adobe flash_player 10.1.92.8
  • adobe flash_player 10.1.92.10
  • adobe flash_player 10.1.95.1
  • adobe flash_player 10.1.95.2
  • adobe flash_player 10.1.102.64
  • adobe flash_player 10.1.105.6
  • adobe flash_player 10.1.106.16
  • adobe flash_player 10.1.106.17
  • adobe flash_player 10.2.152
  • adobe flash_player 10.2.152.26
  • adobe flash_player 10.2.152.32
  • adobe flash_player 10.2.152.33
  • adobe flash_player 10.2.153.1
  • adobe flash_player 10.2.154.13
  • adobe flash_player 10.2.154.25
  • adobe flash_player 10.2.156.12
  • adobe flash_player 10.2.157.51
  • adobe flash_player 10.2.159.1
  • adobe flash_player 10.3.181.14
  • adobe flash_player 10.3.181.16
  • adobe flash_player 10.3.181.22
  • adobe flash_player 10.3.181.23
  • adobe flash_player 10.3.181.26
  • adobe flash_player 10.3.181.34
  • adobe flash_player 10.3.183.5
  • adobe flash_player 10.3.183.7
  • adobe flash_player 10.3.183.10
  • adobe flash_player 10.3.183.11
  • adobe flash_player 10.3.183.15
  • adobe flash_player 10.3.183.16
  • adobe flash_player 10.3.183.18
  • adobe flash_player 10.3.183.19
  • adobe flash_player 10.3.183.20
  • adobe flash_player 10.3.183.23
  • adobe flash_player 10.3.183.25
  • adobe flash_player 10.3.183.29
  • adobe flash_player 10.3.183.43
  • adobe flash_player 10.3.183.48
  • adobe flash_player 10.3.183.50
  • adobe flash_player 10.3.185.22
  • adobe flash_player 10.3.185.24
  • adobe flash_player 10.3.186.3
  • adobe flash_player 10.3.186.6
  • adobe flash_player 10.3.186.7
  • adobe flash_player 11.0
  • adobe flash_player 11.0.1.152
  • adobe flash_player 11.0.1.153
  • adobe flash_player 11.1
  • adobe flash_player 11.1.102.55
  • adobe flash_player 11.1.102.59
  • adobe flash_player 11.1.102.62
  • adobe flash_player 11.1.102.63
  • adobe flash_player 11.1.111.8
  • adobe flash_player 11.1.115.7
  • adobe flash_player 11.1.115.34
  • adobe flash_player 11.2.202.223
  • adobe flash_player 11.2.202.228
  • adobe flash_player 11.2.202.233
  • adobe flash_player 11.2.202.235
  • adobe flash_player 11.2.202.236
  • adobe flash_player 11.2.202.238
  • adobe flash_player 11.2.202.243
  • adobe flash_player 11.2.202.251
  • adobe flash_player 11.2.202.258
  • adobe flash_player 11.2.202.261
  • adobe flash_player 11.2.202.262
  • adobe flash_player 11.3.300.257
  • adobe flash_player 11.3.300.262
  • adobe flash_player 11.3.300.265
  • adobe flash_player 11.3.300.268
  • adobe flash_player 11.3.300.270
  • adobe flash_player 11.3.300.271
  • adobe flash_player 11.3.300.273
  • adobe flash_player 11.4.402.265
  • adobe flash_player 11.4.402.278
  • adobe flash_player 11.4.402.287
  • adobe flash_player 11.5.502.110
  • adobe flash_player 11.5.502.135
  • adobe flash_player 11.5.502.136
  • adobe flash_player 11.5.502.146
  • adobe flashplayerfor_android 11.0.1.153
  • adobe flashplayerfor_android 11.1.102.59
  • adobe flashplayerfor_android 11.1.111.5
  • adobe flashplayerfor_android 11.1.111.6
  • adobe flashplayerfor_android 11.1.111.7
  • adobe flashplayerfor_android 11.1.111.8
  • adobe flashplayerfor_android 11.1.111.9
  • adobe flashplayerfor_android 11.1.111.10
  • adobe flashplayerfor_android 11.1.111.16
  • adobe flashplayerfor_android 11.1.111.19
  • adobe flashplayerfor_android 11.1.111.24
  • adobe flashplayerfor_android 11.1.111.29
  • adobe flashplayerfor_android 11.1.111.31
  • adobe flashplayerfor_android 11.1.112.60
  • adobe flashplayerfor_android 11.1.112.61
  • adobe flashplayerfor_android 11.1.115.6
  • adobe flashplayerfor_android 11.1.115.7
  • adobe flashplayerfor_android 11.1.115.8
  • adobe flashplayerfor_android 11.1.115.11
  • adobe flashplayerfor_android 11.1.115.12
  • adobe flashplayerfor_android 11.1.115.17
  • adobe flashplayerfor_android 11.1.115.20
  • adobe flashplayerfor_android 11.1.115.27
  • adobe flashplayerfor_android 11.1.115.34
  • adobe flashplayerfor_android 11.1.115.36
  • microsoft silverlight 5.1.10411.0
  • microsoft silverlight 5.1.20125.0
  • microsoft silverlight 5.1.20513.0

Ease of attack

CVE-2013-0074:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2013-0634:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2013-3896:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None Known

False negatives

None Known

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References

  • malware.dontneedcoffee.com/2013/10/paunch-arrestationthe-end-of-era.html