Rule Category

BROWSER-IE -- Snort has detected traffic known to exploit vulnerabilities present in the Internet Explorer browser, or products that have the Trident or Tasman engines.

Alert Message

BROWSER-IE Internet Explorer URL file remote code execution attempt detected

Rule Explanation

This event is generated when an attempt to exploit CVE-2016-3353 is detected. Impact: Attempted User Privilege Gain Details: This is a vulnerability in Internet Explorer that can lead to remote code execution. An attacker may be able to create a crafted .url extension file that can trick Internet Explorer into downloading files for further execution. Ease of Attack:

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos Intelligence Group

Rule Groups

No rule groups

CVE

Additional Links

Rule Vulnerability

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2016-3353
Loading description