Versions (5)
Version DetailsCurrent
Rev: 7 • Jul 30, 2010, 12:00 PMET ACTIVEX Microsoft XML Core Services DTD Cross Domain Information Disclosure clsid
alert http $EXTERNAL_NET $HTTP_PORTS -> $HOME_NET any (msg:"ET ACTIVEX Microsoft XML Core Services DTD Cross Domain Information Disclosure clsid"; flow:to_client,established; content:"f5078f32-c551-11d3-89b9-0000f81fe221"; nocase; content:"loadXML"; nocase; distance:0; content:"parseError.srcText"; nocase; distance:0; reference:bugtraq,32155; reference:url,milw0rm.com/exploits/7196; classtype:web-application-attack; sid:2008887; rev:7; metadata:created_at 2010_07_30, confidence Medium, signature_severity Unknown, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26, mitre_tactic_id TA0007, mitre_tactic_name Discovery, mitre_technique_id T1082, mitre_technique_name System_Information_Discovery;)
Jul 30, 2010, 12:00 PM
Jul 26, 2019, 12:00 PM
Sep 21, 2024, 3:00 AM
Oct 6, 2025, 4:34 PM
rules/emerging-activex.rules