BROWSER-OTHER -- Snort has detected suspicious traffic known to exploit vulnerabilities present in an Internet browser other than Firefox, Internet Explorer, or Chrome, or which is present in multiple browsers. This rule should be enabled for systems that use any mainstream browser, to offer complete coverage. (ie, If a vulnerability affects both Chrome and Firefox, but is covered by a rule under the Chrome category, Firefox users might have Chrome coverage turned off and miss the vulnerability.)
BROWSER-OTHER Electron nodeIntegration bypass exploit attempt
This event is generated when an attempt to exploit CVE-2018-1000136, an Electron nodeIntegration bypass, over SMTP is detected. Impact: An attacker who successfully exploits CVE-2018-1000136 could achieve arbitrary code execution in the context of the current user where the Electron-based application is being run. Details: CVE-2018-1000136 manifests in how Electron improperly enforces application settings. If the Electron application is executing JavaScript from a remote host, an attacker could exploit this vulnerability to also execute arbitrary code on the local host running the Electron application. Ease of Attack: A proof-of-concept exploit for this vulnerability has been published.
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-1000136 |
Loading description
|