A small set of new rules in today's release and a couple of modifications. Here are the highlights:
Adobe Flash Player Buffer Overflow (CVE-2009-0520):
Adobe Flash Player contains a programming error that may allow a remote attacker to execute code on a vulnerable system via a specially crafted flash file.
A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 15478.
Oracle BEA WebLogic Buffer Overflow (CVE-2008-5457):
Oracle BEA WebLogic contains a programming error that may allow a remote attacker to execute code on a vulnerable system.
A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 15477.
A previously released rule identified with GID 1, SID 15263 will also detect attacks targeting this vulnerability.
RealNetworks Helix Server Buffer Overflow (CVE-2008-5911):
RealNetworks Helix Server contains a programming error that may allow a remote attacker to execute code on a vulnerable system. The error occurs when the application fails to properly process RTSP header information.
A rule to detect attacks targeting this vulnerability is included in this release and is identified with GID 1, SID 15479.
The advisory is available here.
Subscribe to:
Post Comments (Atom)
Posts
Subscribe via Email
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.