ET EXPLOIT Possible CVE-2016-2209 Symantec PowerPoint Parsing Buffer Overflow M2

SID: 2022924Rev: 20 views
History
Sourceet/open
CreatedJune 29, 2016
UpdatedJuly 26, 2019
Classificationtrojan-activity
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible CVE-2016-2209 Symantec PowerPoint Parsing Buffer Overflow M2"; flow:established,from_server; file_data; content:"|C8 6A CD E5 F1 2C B0 16 E6 F2 36 7B 41 2E 7F 4B C4 27 13 CF F3 1F FF 2B A8 2B 3A FE 09 77 BE CE 29 00 00 BA 0F A9 03 00 00|"; content:!"|00 00|"; distance:50; within:2; content:"|00 00 BA 0F 2E 01 00 00|"; distance:937; within:8; reference:url,bugs.chromium.org/p/project-zero/issues/detail?id=823&q=; classtype:trojan-activity; sid:2022924; rev:2; metadata:created_at 2016_06_29, cve CVE_2016_2209, confidence Low, signature_severity Major, updated_at 2019_07_26;)

References

urlbugs.chromium.org/p/project-zero/issues/detail?id=823&q=

Metadata

created at2016_06_29
confidenceLow
signature severityMajor
updated at2019_07_26

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!