2024-02-05 06:12:47 -08:00
|
|
|
|
|
|
|
rule Exploit_WinNT_CVE-2012-0507_AY{
|
|
|
|
meta:
|
2024-07-06 23:13:08 -07:00
|
|
|
description = "Exploit:WinNT/CVE-2012-0507.AY,SIGNATURE_TYPE_JAVAHSTR_EXT,01 00 01 00 01 00 00 "
|
2024-02-05 06:12:47 -08:00
|
|
|
|
|
|
|
strings :
|
2024-07-06 23:13:08 -07:00
|
|
|
$a_00_0 = {51 45 0d 7b 17 40 44 14 3c 15 1a 6a 0d 3a 1b 5d 48 2b 30 10 51 59 1c 3b 15 51 6a 0b 27 17 4d } //1
|
2024-02-05 06:12:47 -08:00
|
|
|
condition:
|
2024-07-06 23:13:08 -07:00
|
|
|
((#a_00_0 & 1)*1) >=1
|
2024-02-05 06:12:47 -08:00
|
|
|
|
|
|
|
}
|