Rule History

alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Java Atomic Reference Exploit Attempt Metasploit Specific (CVE-2012-0507)"; flow:established,from_server; file_data; content:"|3c|applet archive=|22|"; distance:0; content:".jar|22|"; within:14; content:"code=|22|msf.x.Exploit.class|22|"; distance:0; fast_pattern; reference:cve,CVE-2012-0507; reference:url,www.metasploit.com/modules/exploit/multi/browser/java_atomicreferencearray; classtype:bad-unknown; sid:2014461; rev:11; metadata:affected_product Any, attack_target Client_and_Server, created_at 2012_04_04, deployment Perimeter, deployment Internet, deployment Internal, deployment Datacenter, signature_severity Critical, tag Metasploit, tag CISA_KEV, updated_at 2022_06_10;)