ET EXPLOIT Potential Internet Explorer Use After Free CVE-2013-3163 Exploit URI Struct 1

SID: 2017131Rev: 80 viewsHistory

Sourceet/open

CreatedJuly 11, 2013

UpdatedNovember 26, 2024

Classificationattempted-user

alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT Potential Internet Explorer Use After Free CVE-2013-3163 Exploit URI Struct 1"; flow:established,to_server; http.uri; content:"/vid.aspx?id="; nocase; fast_pattern; pcre:"/^[a-zA-Z0-9]+$/Ri"; http.header_names; content:!"Cookie|0d 0a|"; reference:url,blogs.technet.com/b/srd/archive/2013/07/10/running-in-the-wild-not-for-so-long.aspx; classtype:attempted-user; sid:2017131; rev:8; metadata:attack_target Client_and_Server, created_at 2013_07_11, deployment Perimeter, deployment Internal, confidence Low, signature_severity Major, tag CISA_KEV, updated_at 2024_11_26, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1189, mitre_technique_name Drive_by_Compromise; target:dest_ip;)

References

url	blogs.technet.com/b/srd/archive/2013/07/10/running-in-the-wild-not-for-so-long.aspx

Metadata

attack targetClient_and_Server

created at2013_07_11

deploymentInternal

confidenceLow

signature severityMajor

tagCISA_KEV

updated at2024_11_26

mitre tactic idTA0001

mitre tactic nameInitial_Access

mitre technique idT1189

mitre technique nameDrive_by_Compromise

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!