""ET WEB_CLIENT Microsoft Application Crash Report Indicates Potential VGX Memory Corruption 2""
SID: 2018436
Revision: 1
Class Type: attempted-user
Metadata: affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2014_04_30, cve CVE_2014_1776, deployment Perimeter, confidence Medium, signature_severity Major, tag Web_Client_Attacks, updated_at 2014_04_30
Reference:
-
cve
-
2014-1776
Protocol: tcp
Source Network: $HOME_NET
Source Port: any
Destination Network: $EXTERNAL_NET
Destination Port: $HTTP_PORTS
Flow: established,to_server
Contents:
-
Value: "/StageOne/iexplore_exe/"
-
Value: "/vgx_dll/"
-
Value: "Host|3A| watson.microsoft.com"
Within:
PCRE:
Special Options:
-
http_uri
-
http_uri
-
fast_pattern
-
http_header