Think you have a false positive on this rule?

Sid 1-28616

Message

EXPLOIT-KIT Angler exploit kit payload download attempt

Summary

Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."

Impact

CVSS base score 9.3 CVSS impact score 10.0 CVSS exploitability score 8.6 confidentialityImpact COMPLETE integrityImpact COMPLETE availabilityImpact COMPLETE

CVE-2013-0074:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2013-0634:

CVSS base score 9.3

CVSS impact score 10.0

CVSS exploitability score 8.6

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

CVE-2013-3896:

CVSS base score 4.3

CVSS impact score 2.9

CVSS exploitability score 8.6

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Detailed information

CVE-2013-0074: Microsoft Silverlight 5, and 5 Developer Runtime, before 5.1.20125.0 does not properly validate pointers during HTML object rendering, which allows remote attackers to execute arbitrary code via a crafted Silverlight application, aka "Silverlight Double Dereference Vulnerability."

CVE-2013-0634: Adobe Flash Player before 10.3.183.51 and 11.x before 11.5.502.149 on Windows and Mac OS X, before 10.3.183.51 and 11.x before 11.2.202.262 on Linux, before 11.1.111.32 on Android 2.x and 3.x, and before 11.1.115.37 on Android 4.x allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, as exploited in the wild in February 2013.

CVE-2013-3896: Microsoft Silverlight 5 before 5.1.20913.0 does not properly validate pointers during access to Silverlight elements, which allows remote attackers to obtain sensitive information via a crafted Silverlight application, aka "Silverlight Vulnerability."

Affected systems

  • microsoft silverlight 5.0.60401.0
  • microsoft silverlight 5.0.60818.0
  • microsoft silverlight 5.0.61118.0
  • adobe flash_player 10.0.0.584
  • adobe flash_player 10.0.2.54
  • adobe flash_player 10.0.12.10
  • adobe flash_player 10.0.12.36
  • adobe flash_player 10.0.15.3
  • adobe flash_player 10.0.22.87
  • adobe flash_player 10.0.32.18
  • adobe flash_player 10.0.42.34
  • adobe flash_player 10.0.45.2
  • adobe flash_player 10.1
  • adobe flash_player 10.1.52.14
  • adobe flash_player 10.1.52.14.1
  • adobe flash_player 10.1.52.15
  • adobe flash_player 10.1.53.64
  • adobe flash_player 10.1.82.76
  • adobe flash_player 10.1.85.3
  • adobe flash_player 10.1.92.8
  • adobe flash_player 10.1.92.10
  • adobe flash_player 10.1.95.1
  • adobe flash_player 10.1.95.2
  • adobe flash_player 10.1.102.64
  • adobe flash_player 10.1.105.6
  • adobe flash_player 10.1.106.16
  • adobe flash_player 10.1.106.17
  • adobe flash_player 10.2.152
  • adobe flash_player 10.2.152.26
  • adobe flash_player 10.2.152.32
  • adobe flash_player 10.2.152.33
  • adobe flash_player 10.2.153.1
  • adobe flash_player 10.2.154.13
  • adobe flash_player 10.2.154.25
  • adobe flash_player 10.2.156.12
  • adobe flash_player 10.2.157.51
  • adobe flash_player 10.2.159.1
  • adobe flash_player 10.3.181.14
  • adobe flash_player 10.3.181.16
  • adobe flash_player 10.3.181.22
  • adobe flash_player 10.3.181.23
  • adobe flash_player 10.3.181.26
  • adobe flash_player 10.3.181.34
  • adobe flash_player 10.3.183.5
  • adobe flash_player 10.3.183.7
  • adobe flash_player 10.3.183.10
  • adobe flash_player 10.3.183.11
  • adobe flash_player 10.3.183.15
  • adobe flash_player 10.3.183.16
  • adobe flash_player 10.3.183.18
  • adobe flash_player 10.3.183.19
  • adobe flash_player 10.3.183.20
  • adobe flash_player 10.3.183.23
  • adobe flash_player 10.3.183.25
  • adobe flash_player 10.3.183.29
  • adobe flash_player 10.3.183.43
  • adobe flash_player 10.3.183.48
  • adobe flash_player 10.3.183.50
  • adobe flash_player 10.3.185.22
  • adobe flash_player 10.3.185.24
  • adobe flash_player 10.3.186.3
  • adobe flash_player 10.3.186.6
  • adobe flash_player 10.3.186.7
  • adobe flash_player 11.0
  • adobe flash_player 11.0.1.152
  • adobe flash_player 11.0.1.153
  • adobe flash_player 11.1
  • adobe flash_player 11.1.102.55
  • adobe flash_player 11.1.102.59
  • adobe flash_player 11.1.102.62
  • adobe flash_player 11.1.102.63
  • adobe flash_player 11.1.111.8
  • adobe flash_player 11.1.115.7
  • adobe flash_player 11.1.115.34
  • adobe flash_player 11.2.202.223
  • adobe flash_player 11.2.202.228
  • adobe flash_player 11.2.202.233
  • adobe flash_player 11.2.202.235
  • adobe flash_player 11.2.202.236
  • adobe flash_player 11.2.202.238
  • adobe flash_player 11.2.202.243
  • adobe flash_player 11.2.202.251
  • adobe flash_player 11.2.202.258
  • adobe flash_player 11.2.202.261
  • adobe flash_player 11.2.202.262
  • adobe flash_player 11.3.300.257
  • adobe flash_player 11.3.300.262
  • adobe flash_player 11.3.300.265
  • adobe flash_player 11.3.300.268
  • adobe flash_player 11.3.300.270
  • adobe flash_player 11.3.300.271
  • adobe flash_player 11.3.300.273
  • adobe flash_player 11.4.402.265
  • adobe flash_player 11.4.402.278
  • adobe flash_player 11.4.402.287
  • adobe flash_player 11.5.502.110
  • adobe flash_player 11.5.502.135
  • adobe flash_player 11.5.502.136
  • adobe flash_player 11.5.502.146
  • adobe flashplayerfor_android 11.0.1.153
  • adobe flashplayerfor_android 11.1.102.59
  • adobe flashplayerfor_android 11.1.111.5
  • adobe flashplayerfor_android 11.1.111.6
  • adobe flashplayerfor_android 11.1.111.7
  • adobe flashplayerfor_android 11.1.111.8
  • adobe flashplayerfor_android 11.1.111.9
  • adobe flashplayerfor_android 11.1.111.10
  • adobe flashplayerfor_android 11.1.111.16
  • adobe flashplayerfor_android 11.1.111.19
  • adobe flashplayerfor_android 11.1.111.24
  • adobe flashplayerfor_android 11.1.111.29
  • adobe flashplayerfor_android 11.1.111.31
  • adobe flashplayerfor_android 11.1.112.60
  • adobe flashplayerfor_android 11.1.112.61
  • adobe flashplayerfor_android 11.1.115.6
  • adobe flashplayerfor_android 11.1.115.7
  • adobe flashplayerfor_android 11.1.115.8
  • adobe flashplayerfor_android 11.1.115.11
  • adobe flashplayerfor_android 11.1.115.12
  • adobe flashplayerfor_android 11.1.115.17
  • adobe flashplayerfor_android 11.1.115.20
  • adobe flashplayerfor_android 11.1.115.27
  • adobe flashplayerfor_android 11.1.115.34
  • adobe flashplayerfor_android 11.1.115.36
  • microsoft silverlight 5.1.10411.0
  • microsoft silverlight 5.1.20125.0
  • microsoft silverlight 5.1.20513.0

Ease of attack

CVE-2013-0074:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2013-0634:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

CVE-2013-3896:

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

False positives

None known

False negatives

None known

Corrective action

Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

Contributors

  • Talos research team.
  • This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
  • For more information see nvd.

Additional References

  • malware.dontneedcoffee.com/2013/10/paunch-arrestationthe-end-of-era.html