[Bleeding] / sigs / EXPLOIT / EXPLOIT_IE_Vulnerabilities
Project Root:

Bleeding: sigs/EXPLOIT/EXPLOIT_IE_Vulnerabilities

Default branch: MAIN
Bookmark a link to HEAD: (view) (download)
Revision 1.44 - (view) (download) (annotate) - [select for diffs]
Fri May 4 20:45:48 2007 UTC (14 months ago) by fknobbe
Branch: MAIN
CVS Tags: HEAD
Changes since 1.43: +4 -4 lines
Diff to previous 1.43 
SIDs 2002682 2002860 2002909 2003109: Changed or added EXPLOIT label.
Revision 1.43 - (view) (download) (annotate) - [select for diffs]
Tue Apr 10 14:15:44 2007 UTC (14 months, 3 weeks ago) by jonkman
Branch: MAIN
Changes since 1.42: +3 -0 lines
Diff to previous 1.42 
Moved from current events
Revision 1.42 - (view) (download) (annotate) - [select for diffs]
Mon Feb 5 17:35:45 2007 UTC (16 months, 3 weeks ago) by jonkman
Branch: MAIN
Changes since 1.41: +13 -11 lines
Diff to previous 1.41 
2003102 2003103 2003105 2003110 2003231 2003232 2003233 2003234: Major updates by Christian Siefert
Revision 1.41 - (view) (download) (annotate) - [select for diffs]
Fri Feb 2 13:21:31 2007 UTC (17 months ago) by jonkman
Branch: MAIN
Changes since 1.40: +3 -2 lines
Diff to previous 1.40 
Updates from Christian Siefert
Revision 1.40 - (view) (download) (annotate) - [select for diffs]
Sun Jan 28 00:26:33 2007 UTC (17 months ago) by jonkman
Branch: MAIN
Changes since 1.39: +2 -3 lines
Diff to previous 1.39 
Cleanup
Revision 1.39 - (view) (download) (annotate) - [select for diffs]
Wed Jan 17 21:14:45 2007 UTC (17 months, 2 weeks ago) by jonkman
Branch: MAIN
Changes since 1.38: +1 -1 lines
Diff to previous 1.38 
Removed a '
Revision 1.38 - (view) (download) (annotate) - [select for diffs]
Wed Jan 10 18:46:35 2007 UTC (17 months, 3 weeks ago) by jonkman
Branch: MAIN
Changes since 1.37: +2 -2 lines
Diff to previous 1.37 
Generalizing to avoid space evasion, and adding references to the most recent vml exploit. Thanks to christian Siefert
Revision 1.37 - (view) (download) (annotate) - [select for diffs]
Fri Dec 29 15:39:49 2006 UTC (18 months ago) by jonkman
Branch: MAIN
Changes since 1.36: +6 -6 lines
Diff to previous 1.36 
Commenting out by default a few. Prone to falses
Revision 1.36 - (view) (download) (annotate) - [select for diffs]
Wed Dec 27 20:15:41 2006 UTC (18 months ago) by jonkman
Branch: MAIN
Changes since 1.35: +1 -1 lines
Diff to previous 1.35 
One more
Revision 1.35 - (view) (download) (annotate) - [select for diffs]
Wed Dec 27 20:15:23 2006 UTC (18 months ago) by jonkman
Branch: MAIN
Changes since 1.34: +1 -0 lines
Diff to previous 1.34 
Added one more
Revision 1.34 - (view) (download) (annotate) - [select for diffs]
Wed Dec 27 20:02:00 2006 UTC (18 months ago) by jonkman
Branch: MAIN
Changes since 1.33: +18 -0 lines
Diff to previous 1.33 
Lots of new ones from Christian Siefert
Revision 1.33 - (view) (download) (annotate) - [select for diffs]
Thu Dec 14 16:48:20 2006 UTC (18 months, 2 weeks ago) by jonkman
Branch: MAIN
Changes since 1.32: +1 -1 lines
Diff to previous 1.32 
Been patched, thanks Shirk
Revision 1.32 - (view) (download) (annotate) - [select for diffs]
Sat Dec 9 14:41:07 2006 UTC (18 months, 3 weeks ago) by mjonkman
Branch: MAIN
Changes since 1.31: +9 -9 lines
Diff to previous 1.31 
CVE updates from Christian Siefert!
Revision 1.31 - (view) (download) (annotate) - [select for diffs]
Wed Nov 1 22:26:14 2006 UTC (20 months ago) by fknobbe
Branch: MAIN
Changes since 1.30: +3 -0 lines
Diff to previous 1.30 
Added 2003164 2003165 2003166: Missed a couple CSLIDS.
Revision 1.30 - (view) (download) (annotate) - [select for diffs]
Wed Nov 1 22:22:29 2006 UTC (20 months ago) by fknobbe
Branch: MAIN
Changes since 1.29: +8 -0 lines
Diff to previous 1.29 
Added SIDs 2003158 2003159 2003160 2003161 2003162 2003163: Various vulnerable CSLIDS, especially WMIScriptUtils.WMIObjectBroker which is currently making the rounds. Not tested, but hey, this is BleedingEdge!
Revision 1.29 - (view) (download) (annotate) - [select for diffs]
Thu Sep 28 00:27:05 2006 UTC (21 months ago) by bhartstein
Branch: MAIN
Changes since 1.28: +1 -1 lines
Diff to previous 1.28 
sid 2003109 tweaks Thanks to Nathan
Revision 1.28 - (view) (download) (annotate) - [select for diffs]
Wed Sep 27 18:11:31 2006 UTC (21 months ago) by jonkman
Branch: MAIN
Changes since 1.27: +1 -1 lines
Diff to previous 1.27 
: Adjusted credit
Revision 1.27 - (view) (download) (annotate) - [select for diffs]
Wed Sep 27 18:02:46 2006 UTC (21 months ago) by jonkman
Branch: MAIN
Changes since 1.26: +4 -1 lines
Diff to previous 1.26 
2003109 2003110: New from cbyrd01
Revision 1.26 - (view) (download) (annotate) - [select for diffs]
Wed Sep 27 17:40:59 2006 UTC (21 months ago) by jonkman
Branch: MAIN
Changes since 1.25: +1 -1 lines
Diff to previous 1.25 
2003109: Nate updated his VML Sig
Revision 1.25 - (view) (download) (annotate) - [select for diffs]
Mon Sep 25 08:50:16 2006 UTC (21 months, 1 week ago) by fknobbe
Branch: MAIN
Changes since 1.24: +3 -0 lines
Diff to previous 1.24 
SID 2003109: Another IE VML sig, from Nate Bolam.
Revision 1.24 - (view) (download) (annotate) - [select for diffs]
Wed Sep 20 07:46:34 2006 UTC (21 months, 1 week ago) by fknobbe
Branch: MAIN
Changes since 1.23: +9 -0 lines
Diff to previous 1.23 
Added new signatures 2003102 2003103 2003104 2003105 2003106 for IE exploits.
Revision 1.23 - (view) (download) (annotate) - [select for diffs]
Tue Jul 11 20:53:58 2006 UTC (23 months, 3 weeks ago) by bhartstein
Branch: MAIN
Changes since 1.22: +3 -2 lines
Diff to previous 1.22 
sid:2003023 changed classtype, 2003024 off by default
Revision 1.22 - (view) (download) (annotate) - [select for diffs]
Thu Jul 6 15:51:34 2006 UTC (23 months, 4 weeks ago) by jonkman
Branch: MAIN
Changes since 1.21: +2 -2 lines
Diff to previous 1.21 
2003023 2003024: typo fix
Revision 1.21 - (view) (download) (annotate) - [select for diffs]
Thu Jul 6 15:50:37 2006 UTC (23 months, 4 weeks ago) by jonkman
Branch: MAIN
Changes since 1.20: +4 -0 lines
Diff to previous 1.20 
2003023 2003024: Nre IE bugs, sigs by Andre Ludwig
Revision 1.20 - (view) (download) (annotate) - [select for diffs]
Wed Jul 5 13:53:58 2006 UTC (23 months, 4 weeks ago) by jonkman
Branch: MAIN
Changes since 1.19: +3 -0 lines
Diff to previous 1.19 
2002682: moving from current
Revision 1.19 - (view) (download) (annotate) - [select for diffs]
Wed May 10 22:58:59 2006 UTC (2 years, 1 month ago) by bhartstein
Branch: MAIN
Changes since 1.18: +4 -1 lines
Diff to previous 1.18 
sid: 2001095 added anchor to reduce fps, sid:2002909 new rule for Cryptomathic ActiveX
Revision 1.18 - (view) (download) (annotate) - [select for diffs]
Fri Mar 24 20:03:26 2006 UTC (2 years, 3 months ago) by bhartstein
Branch: MAIN
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 
createTextRange tweaks for false positives
Revision 1.17 - (view) (download) (annotate) - [select for diffs]
Fri Mar 24 17:01:11 2006 UTC (2 years, 3 months ago) by bhartstein
Branch: MAIN
Changes since 1.16: +2 -0 lines
Diff to previous 1.16 
added sid:2002860 for createTextRange() ie rule
Revision 1.16 - (view) (download) (annotate) - [select for diffs]
Sat Feb 4 16:08:54 2006 UTC (2 years, 4 months ago) by fknobbe
Branch: MAIN
Changes since 1.15: +8 -8 lines
Diff to previous 1.15 
SIDs 2001093 2001094 2001095 2001097 2001105 2001106 2001181 2001813: Removed space behind reference to avoid duplicate reference_system entries.
Revision 1.15 - (view) (download) (annotate) - [select for diffs]
Fri Jul 29 16:15:45 2005 UTC (2 years, 11 months ago) by fknobbe
Branch: MAIN
Changes since 1.14: +3 -3 lines
Diff to previous 1.14 
SIDs: 2001090, 2001091, 2001092, 2001101, 2001102, 2001103: Added content match back in since pure NOT-content matches are not allowed. However, content:'='; has been moved behind the pcre in hopes to retain good performance by avoiding unnecessary recursion on the single =.
Revision 1.14 - (view) (download) (annotate) - [select for diffs]
Thu Jul 28 22:23:28 2005 UTC (2 years, 11 months ago) by fknobbe
Branch: MAIN
Changes since 1.13: +3 -3 lines
Diff to previous 1.13 
SIDs 2001090, 2001091, 2001092, 2001101, 2001102, 2001103: Reordered options -- moved not-content match to end of rule
Revision 1.13 - (view) (download) (annotate) - [select for diffs]
Fri Jun 24 03:51:54 2005 UTC (3 years ago) by fknobbe
Branch: MAIN
Changes since 1.12: +15 -15 lines
Diff to previous 1.12 
Added reference which got dropped during the optimization.
Revision 1.12 - (view) (download) (annotate) - [select for diffs]
Fri Jun 24 02:09:29 2005 UTC (3 years ago) by fknobbe
Branch: MAIN
Changes since 1.11: +15 -16 lines
Diff to previous 1.11 
Implemented Joel Ebrahimi's rule optimizations (re-ordering of options for performance)
Revision 1.11 - (view) (download) (annotate) - [select for diffs]
Thu Apr 14 02:35:22 2005 UTC (3 years, 2 months ago) by jonkman
Branch: MAIN
Changes since 1.10: +15 -15 lines
Diff to previous 1.10 
Standardizing names only. No sig changes
Revision 1.10 - (view) (download) (annotate) - [select for diffs]
Thu Mar 31 06:18:08 2005 UTC (3 years, 3 months ago) by fknobbe
Branch: MAIN
Changes since 1.9: +1 -1 lines
Diff to previous 1.9 
Reverted Phishing rule from HTTP_PORTS to match on ANY port.
Revision 1.9 - (view) (download) (annotate) - [select for diffs]
Thu Mar 31 06:04:25 2005 UTC (3 years, 3 months ago) by fknobbe
Branch: MAIN
Changes since 1.8: +1 -1 lines
Diff to previous 1.8 
As I said, I can't spell tonight. Changed to proper Bleeding-Edge label
Revision 1.8 - (view) (download) (annotate) - [select for diffs]
Thu Mar 31 05:59:11 2005 UTC (3 years, 3 months ago) by fknobbe
Branch: MAIN
Changes since 1.7: +1 -1 lines
Diff to previous 1.7 
Oops... cant speel tonight ;)
Revision 1.7 - (view) (download) (annotate) - [select for diffs]
Thu Mar 31 05:57:54 2005 UTC (3 years, 3 months ago) by fknobbe
Branch: MAIN
Changes since 1.6: +5 -0 lines
Diff to previous 1.6 
Added submitted 'Hidden Address Bar' rule by Chris Keladis
Revision 1.6 - (view) (download) (annotate) - [select for diffs]
Thu Mar 17 22:14:49 2005 UTC (3 years, 3 months ago) by fknobbe
Branch: MAIN
Changes since 1.5: +1 -1 lines
Diff to previous 1.5 
Fixed typo
Revision 1.5 - (view) (download) (annotate) - [select for diffs]
Thu Mar 17 20:30:34 2005 UTC (3 years, 3 months ago) by fknobbe
Branch: MAIN
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 
Added 'content' in order to speed up rules with pure 'pcre' matches.
Revision 1.4 - (view) (download) (annotate) - [select for diffs]
Tue Feb 1 13:00:33 2005 UTC (3 years, 5 months ago) by mwarren
Branch: MAIN
Changes since 1.3: +1 -1 lines
Diff to previous 1.3 
Added classtype.
Revision 1.3 - (view) (download) (annotate) - [select for diffs]
Tue Jan 18 18:05:50 2005 UTC (3 years, 5 months ago) by jonkman
Branch: MAIN
Changes since 1.2: +1 -1 lines
Diff to previous 1.2 
Dropped nocase since content is gone
Revision 1.2 - (view) (download) (annotate) - [select for diffs]
Tue Jan 18 18:04:51 2005 UTC (3 years, 5 months ago) by jonkman
Branch: MAIN
Changes since 1.1: +1 -1 lines
Diff to previous 1.1 
Simplifying the iframe sig
Revision 1.1 - (view) (download) (annotate) - [select for diffs]
Wed Dec 29 21:04:02 2004 UTC (3 years, 6 months ago) by jonkman
Branch: MAIN 
Moved from root. No rule changes
This form allows you to request diffs between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

  Diffs between and
  Type of Diff should be a
View only Branch:
Sort log by:
CVS Admin

Powered by ViewCVS 1.0-dev 		(Powered by ViewCVS)

ViewCVS and CVS Help