Versions (3)
Version DetailsCurrent
Rev: 6 • May 4, 2016, 12:00 PMET WEB_SERVER ImageMagick CVE-2016-3714 Inbound (mvg)
alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SERVER ImageMagick CVE-2016-3714 Inbound (mvg)"; flow:established,to_server; http.request_body; content:"viewbox|20|"; nocase; fast_pattern; pcre:"/https\x3a.+(?<!\x5c)(:[\x22\x27]|\\x2[27])\s*?[\x3b&\x7c><].*?(:[\x22\x27]|\\x2[27])/si"; classtype:web-application-attack; sid:2022789; rev:6; metadata:created_at 2016_05_04, cve CVE_2016_3714, signature_severity Major, tag CISA_KEV, updated_at 2020_10_06;)
May 4, 2016, 12:00 PM
Oct 6, 2020, 12:00 PM
Sep 21, 2024, 3:00 AM
May 30, 2025, 12:04 AM
rules/emerging-web_server.rules