Sourcefire VRT Certified Snort Rules Update
Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Firebird SQL database
server and Microsoft Internet Explorer.
Details:
Firebird SQL Remote Buffer Overflow (CVE-2007-3181):
Firebird SQL suffers from a programming error that may allow remote attackers
to overflow a fixed length buffer and execute code on a vulnerable system.
A rule to detect attacks targeting this vulnerability is included in this
release and is identified as SID 12009.
Microsoft Internet Explorer CSS Code Execution (CVE-2007-1750):
Microsoft Internet Explorer suffers from poor programming that may allow remote
attackers to execute code by using a specially crafted Cascading Style Sheets
(CSS) tag.
A rule to detect attacks targeting this vulnerability is included in this
release and is identified as SID 11967.
Microsoft Internet Explorer URL Spoofing (CVE-2007-1499):
Microsoft Internet Explorer is vulnerable to phishing attacks when a URL is
passed as an argument via a res: URI.
A rule to detect attacks targeting this vulnerability is included in this
release and is identified as SID 12014.
For a complete list of new and modified rules please see:
http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2007-06-26.html
snort-sigs.asc
Description: Text document
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
