Versions (4)
Version DetailsCurrent
Rev: 11 • Jul 30, 2010, 12:00 PMET ACTIVEX Apple QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow
alert http $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Apple QuickTime <= 7.4.1 QTPlugin.ocx Multiple Remote Stack Overflow"; flow:to_client,established; content:"02BF25D5-8C17-4B23-BC80-D3488ABDDC6B"; nocase; content:"String("; nocase; distance:0; pcre:"/^\s*?[0-9]{4}/R"; pcre:"/(SetBgColor|SetMovieName|SetTarget|SetMatrix|SetHREF)/Ri"; reference:bugtraq,27769; reference:cve,CVE-2008-0778; reference:url,www.milw0rm.com/exploits/5110; classtype:web-application-attack; sid:2007878; rev:11; metadata:created_at 2010_07_30, confidence High, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Jul 30, 2010, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
Oct 16, 2025, 8:36 PM
rules/emerging-activex.rules