FILE-IMAGE -- Snort detected suspicious traffic targeting vulnerabilities found inside images files, regardless of delivery method, targeted software, or image type. (Examples include: jpg, png, gif, bmp). These rules search for malformed images used to exploit system. Attackers alter image attributes, often to include shell code, so they are susceptible to vulnerabilities when they are parsed and send commands instead of loading the image.
FILE-IMAGE Adobe Acrobat Pro malformed JPEG APP1 segment out of bounds memory access attempt
This rule looks for nested Adobe XML XFA subforms that are used for exploiting use-after vulnerabilities in Adobe Acrobat and Reader products.
This rule fires on nested Adobe XML XFA subforms that are used for exploiting use-after vulnerabilities in Adobe Acrobat and Reader products.
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
Use After Free
Use After Free (UAF) attacks target computer memory flaws to corrupt the memory execute code. The name refers to attempts to use memory after it has been freed, which can cause a program to crash under normal circumstances, or result in remote code execution in a successful attack.
CVE-2017-2960 |
Loading description
|
Tactic: Impact
Technique: Application or System Exploitation
For reference, see the MITRE ATT&CK vulnerability types here: https://attack.mitre.org
©2024 Cisco and/or its affiliates. Snort, the Snort and Pig logo are registered trademarks of Cisco. All rights reserved.
