FILE-FLASH -- Snort has detected suspicious traffic via the Adobe Flash Player. Flash is a common target of code execution, overflow, DoS, and memory corruption attacks in particular, via swifs, action scripts, etc. Many networks block Flash altogether; the application will be deprecated in 2020.
FILE-FLASH Adobe Flash Player COM server BrokerCreateFile sandbox escape attempt
This event is generated when an attacker attempts to exploit a sandbox bypass vulnerability in Adobe Flash Player COM server. Impact: Attempted User Privilege Gain Details: Rule checks for attempts to exploit a sandbox bypass vulnerability in Adobe Flash Player COM server. Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups