Snort Search


1-15177 - The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Rule

1-15179 - The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Rule

1-15180 - The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Rule

1-15178 - The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in Housecall_ActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for code execution by writing to a Startup folder.

Rule

1-35491 - Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Silverlight before 5.1.40728 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."

Rule

1-35492 - Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, Lync Basic 2013 SP1, and Silverlight before 5.1.40728 allow remote attackers to execute arbitrary code via a crafted TrueType font, aka "TrueType Font Parsing Vulnerability."

Rule

1-2435 - Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.

Rule

1-20148 - Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.

Rule

1-39040 - This event is generated when activity relating to malware is detected.

Rule

1-48175 - This event is generated when a client system tries to download a GhostPuppet malicious document.

Rule

1-48176 - This event is generated when a client system tries to download a GhostPuppet malicious document.

Rule

1-40760 - The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request.

Rule

3-13773 - The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite.

Rule

1-25314 - The igmp_heard_query function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service (divide-by-zero error and panic) via IGMP packets.

Rule

1-51328 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-51329 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-51330 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-51327 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

Talos Rules 2019-07-09 - Talos is aware of vulnerabilities affecting products from Microsoft Corporation.

Advisory

1-45357 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45358 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45359 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45360 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45361 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45362 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45363 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45364 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45365 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45366 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule

1-45367 - This event is generated when an x86 side-channel analysis information leak is detected.

Rule