FILE-PDF -- Snort has detected suspicious traffic related to a PDF file. PDFs are easily exploitable. They include many ways to encapsulate data and are often targeted by attackers, who use the PDF's household name status for social engineering. Therefore, Snort includes Many PDF-targeted rules.
FILE-PDF Adobe Professional JPEG ICC profile heap overflow attempt
This event is generated when a malicious JPEG attempting to exploit CVE-2017-11211 is detected. Impact: Attempted User Privilege Gain Details: Recommendation: Ensure your systems have the latest OS, application and plugin security updates. Ensure your anti-malware software has up-to-date signatures. The internal host should be checked for compromise, and if an infection is found the host should be re-imaged. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2017-11211 |
Loading description
|