Versions (2)
Version DetailsCurrent
Rev: 3 • Jul 1, 2011, 12:00 PMET WEB_CLIENT Adobe Acrobat Util.printf Buffer Overflow Attempt
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Adobe Acrobat Util.printf Buffer Overflow Attempt"; flow:established,to_client; content:"util.printf|28 22 25|"; nocase; fast_pattern; pcre:"/util.printf\x28\x22\x25[^\x2C\x29]*f\x22\x2C/i"; reference:url,www.coresecurity.com/content/adobe-reader-buffer-overflow; reference:bid,30035; reference:cve,2008-2992; classtype:attempted-user; sid:2013152; rev:3; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2011_07_01, cve CVE_2008_2992, deployment Perimeter, confidence High, signature_severity Major, tag Web_Client_Attacks, updated_at 2019_10_08;)
Jul 1, 2011, 12:00 PM
Oct 8, 2019, 12:00 PM
Jul 1, 2011, 12:00 PM
May 31, 2024, 9:00 PM
rules/emerging-web_client.rules