-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Sourcefire VRT Certified Snort Rules Update
Synopsis:
The Sourcefire VRT is aware of vulnerabilities affecting Microsoft Windows
Media Player and Adobe Flash Player. This release also contains rules to
address CVE entries CVE-2008-0236, CVE-2008-0237,
CVE-2007-3847 and CVE-2008-0248.
Details:
Microsoft Windows Media Player Buffer Overflow (CVE-2007-6401):
A buffer overflow condition in Microsoft Windows Media Player may be used by an
attacker to execute code of their choosing on an affected system via a
malicious .mp4 file.
Rules to detect attacks targeting this vulnerability are included in this
release and are identified as SIDs 13316 through 13320.
Adobe Flash Player Input Validation Error (CVE-2007-6242):
Adobe Flash Player does not correctly validate user input when processing flash
animation files. A remote attacker may use these vulnerabilities to execute
code on an affected system.
Rules to detect attacks targeting this vulnerability are included in this
release and are identified as SIDs 13300 and 13301.
Multiple other rule additions have been made to address vulnerabilities
described in CVE entries CVE-2008-0236, CVE-2008-0237, CVE-2007-3847 and
CVE-2008-0248.
For a complete list of new and modified rules please see:
http://www.snort.org/vrt/docs/ruleset_changelogs/changes-2008-01-23.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)
iD8DBQFHl60ZoFlcG+k7cPwRAmxdAKCgivzeoKIlZfgSi3ajXo5AcFAQ6QCgs+N8
WBtBmY1dCPGF5csHv0TEpKQ=
=MUdX
-----END PGP SIGNATURE-----
-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Snort-sigs mailing list
Snort-sigs@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/snort-sigs
