SonicALERT
Search

Sonicwall Signatures

 

  All Categories


Category: BAD-FILES

BAD-FILES Category Description

This SonicWALL IPS signature category consists of a group of signatures that can detect and prevent files which exploit client-application vulnerabilities

  Malformed Word Document C
  Microsoft Excel String Copy Buffer Overflow (MS09-021)
  Adobe Acrobat/Reader Deflate Parameter Integer Overflow
  RARLAB WinRAR ZIP Out-Of-Bounds Read
  IBM Lotus Notes LZH Handling Integer Underflow
  Adobe Acrobat/Reader getIcon Method Buffer Overflow
  Malformed SMIL File 1
  Malformed ZIP File 2
  Malformed ZIP File 3
  Malformed ZIP File 4
  Malformed ZIP File 5
  Malformed ZIP File 6
  RARLAB WinRAR File Extension Spoofing 1
  RARLAB WinRAR File Extension Spoofing 2
  RARLAB WinRAR Recovery Volume Out-Of-Bounds Write 2
  RARLAB WinRAR Recovery Volume Out-Of-Bounds Write 3
  Microsoft Word RTF Handling Buffer Overflow (MS10-087)
  ESTsoft ALZip MIM Handling Buffer Overflow 1
  ESTsoft ALZip MIM Handling Buffer Overflow 2
  RealNetworks RealPlayer QCP Handling Buffer Overflow
  Nullsoft Winamp MIDI Handling Buffer Overflow
  Malformed PDF File 1
  Autodesk FBX Review Directory Traversal
  ImageMagick ReadGIFImage Function DoS
  Suspicious Executable File Download 8
  RARLAB UnRAR Directory Traversal
  ClamAV UPX Handling Heap Buffer Overflow
  RealNetworks RealPlayer SMIL Handling Buffer Overflow
  Malicious Java Class File 1 -c2
  zlib inflateGetHeader Heap Buffer Overflow 1
  zlib inflateGetHeader Heap Buffer Overflow 2
  Malformed PLS File 1
  Windows DirectShow JPEG Handling Memory Corruption 1
  Windows DirectShow JPEG Handling Memory Corruption 2
  libmagic PE Handling DoS
  Autodesk AutoCAD FAS File Remote Code Execution 1
  Malformed ZIP File 1
  Autodesk AutoCAD FAS File Remote Code Execution 2
  LibYAML yaml_parser_scan_uri_escapes Heap Buffer Overflow
  Adobe Reader Mobile JavaScript Interface Java Code Execution 1
  Adobe Reader Mobile JavaScript Interface Java Code Execution 2
  XMPlay ASX Handling Buffer Overflow
  RARLAB WinRAR File Extension Spoofing 3
  Windows Themes Remote Code Execution (CVE-2023-38146) 1
  Windows Themes Remote Code Execution (CVE-2023-38146) 2
  ERDAS ER Viewer Buffer Overflow
  RARLAB WinRAR Recovery Volume Out-Of-Bounds Write 1
  Suspicious Executable File Download 2
  PeaZip ZIP Handling Command Injection
  Suspicious Executable File Download 1
  Suspicious Video File 2
  Apple QuickTime dref Buffer Overflow
  libav LZO Handling Integer Overflow
  XnView PSP Handling Buffer Overflow
  SafeNet SoftRemote GROUPNAME Buffer Overflow
  Node.js JS-YAML Remote Code Execution
  Suspicious Video File 1
  Malicious Java Class File 3
  Malicious Java Class File 1
  Oracle Fusion Middleware Outside In Buffer Overflow
  Windows DirectShow SAMI Handling Buffer Overflow
  GIMP XWD Handling Buffer Overflow 3
  Malformed Excel Document C
  Malformed PowerPoint Document C
  Adobe Acrobat/Reader BMP Handling Integer Overflow 3
  RealNetworks RealPlayer RMP Handling Heap Buffer Overflow
  Adobe Acrobat/Reader Filename Buffer Overflow
  IBM Forms Viewer XFDL Handling Buffer Overflow
  Beetel Connection Manager Buffer Overflow
  Malformed PDF File 2
  Apple QuickTime SMIL URI Buffer Overflow
  Microsoft Office Remote Code Execution (MS14-069) 1
  Microsoft Office Remote Code Execution (MS14-069) 2
  Malicious Java Class File 2
  VideoLAN VLC Media Player AMV Handling Buffer Overflow
  AOL Desktop RTX Handling Buffer Overflow
  VeryTools Video Spirit Pro Buffer Overlow
  SPlayer Content-Type Header Buffer Overflow
  Adobe Acrobat/Reader Cross Document Script Execution
  Adobe Flash Player Arguments Indexing Memory Corruption 2
  Suspicious Video File (Flash) 4
  Suspicious Audio File 1
  Suspicious Executable File Download 3
  Suspicious Video File 3
  VisiWave VWR Handling Buffer Overflow
  RealNetworks RealPlayer MPG Width Integer Underflow
  Malformed M3U File 1
  Suspicious Executable File Download 9
  ImageMagick EXIF Handling Memory Corruption
  libpng png_decompress_chunk Integer Overflow
  libpng png_inflate Heap Buffer Overflow
  CyberLink Power2Go Buffer Overflow
  PAC-Designer PAC Handling Buffer Overflow
  Adobe Flash Player Key-Press Event Memory Corruption 1
  Diamond Programmer XCF Handling Buffer Overflow
  Apple QuickTime TeXML Handling Buffer Overflow 1
  Apple QuickTime TeXML Handling Buffer Overflow 2
  Apple QuickTime TeXML Handling Buffer Overflow 3
  Shadow Stream Recorder ASX Handling Buffer Overflow
  ClamAV Encrypted PDF DoS
  Cain & Abel RDP Handling Buffer Overflow
  Realtek Media Player PLA Handling Buffer Overflow
  ACDSee FotoSlate PLP Handling Buffer Overflow
  Adobe Acrobat/Reader WKT Object Buffer Overflow 1
  Adobe Acrobat/Reader WKT Object Buffer Overflow 2
  Microsoft Office Information Disclosure Vulnerability (JAN 19)
  Malformed PAC File
  Malformed M3U File 2
  Microsoft DirectX Heap Buffer Overflow (MS12-082) 1
  Microsoft DirectX Heap Buffer Overflow (MS12-082) 2
  Microsoft DirectX Heap Buffer Overflow (MS12-082) 3
  RealNetworks RealPlayer RAM Handling Buffer Overflow
  Adobe Flash Player Integer Overflow 3
  Malformed M3U File 3
  Malformed PDF File 3
  ClamAV UPX Handling Integer Underflow
  Eaton HMiSoft VU3 Handling Buffer Overflow
  Total Video Player Settings.ini Buffer Overflow
  Acunetix WVS Buffer Overflow
  Microsoft Office Remote Code Execution (MS14-069) 4
  i-FTP Schedule Buffer Overflow
  unzip Out-of-Bounds Read/Write DoS 1
  unzip Out-of-Bounds Read/Write DoS 2
  Malformed PDF File 4
  HCL Domino GIF Handling Heap Buffer Overflow
  Foxit Reader Heap Buffer Overflow
  HCL Domino BMP Handling Buffer Overflow 1
  Suspicious Executable File Download 6
  Suspicious Executable File Download 4
  SAP 3D Visual Enterprise Viewer Heap Buffer Overflow
  Malformed Excel Document 1
  SAP 3D Visual Enterprise Viewer Buffer Overflow 1
  Microsoft .NET ASLR Bypass 1
  Microsoft .NET ASLR Bypass 2
  HCL Domino BMP Handling Buffer Overflow 2
  Autodesk Design Review GIF Handling Buffer Overflow
  Windows DirectShow Remote Code Execution (MS16-007) 2
  Windows DirectShow Remote Code Execution (MS16-007) 3
  Unitronics VisiLogic VLP Handling Heap Buffer Overflow
  LibreOffice/OpenOffice ODF Handling Integer Underflow
  Windows OLE Memory Remote Code Execution (MS16-030) 1
  Windows OLE Memory Remote Code Execution (MS16-030) 2
  PHP ZipArchive Extension Integer Overflow 1
  ImageMagick Local File Read
  PHP ZipArchive Extension Integer Overflow 2
  ImageMagick Ephemeral Arbitrary File Deletion
  Suspicious Executable File Download 5
  Malformed PDF File 5
  Symantec AntiVirus Decomposer Remote Code Execution 1
  Symantec AntiVirus Decomposer Remote Code Execution 2
  Foxit Reader GoToR Action Buffer Overflow
  Suspicious Video File (Flash) 1
  Suspicious Video File (Flash) 2
  libgd GD2 Handling Integer Overflow
  Suspicious Video File (Flash) 3
  Malformed PDF File 6
  Malformed PDF File 7
  OpenJPEG JPEG2000 Buffer Overflow
  Windows Image File Handling Information Disclosure (MS16-130)
  Vim modelines Remote Command Execution 1
  Vim modelines Remote Command Execution 2
  Microsoft Office Memory Corruption Vulnerability (MS16-148)
  Adobe Digital Editions Information Disclosure 1
  Adobe Digital Editions Information Disclosure 2
  Adobe Reader PCX Memory Corruption
  Microsoft Office Memory Corruption Vulnerability (SEP 17)
  Omron CX-One File Parsing Heap Buffer Overflow
  Microsoft Office Information Disclosure Vulnerability (APR 18)
  Microsoft Office Remote Code Execution (MAY 18) 1
  7-Zip RAR Solid Compression Code Execution
  Microsoft Office Remote Code Execution (MAY 18) 2
  Microsoft Office Remote Code Execution (SEP 17)
  Microsoft Excel Remote Code Execution (AUG 18)
  LNK File Remote Code Execution (JUN 17) 1
  LNK File Remote Code Execution (JUN 17) 2
  Foxit Reader BMP Handling Information Disclosure
  Foxit Reader Annotation Delay Use-After-Free
  Microsoft Office Remote Code Execution (APR 19) 1
  Microsoft Office Remote Code Execution (APR 19) 2
  Microsoft Office Security Feature Bypass (FEB 19)
  Adobe Acrobat/Reader Out-of-Bounds Read
  Adobe Acrobat/Reader Out-of-Bounds Write
  Corel PDF Fusion Privilege Escalation
  Corel PDF Fusion Privilege Escalation 2
  Suspicious Audio File 2
  LNK File Remote Code Execution (CVE-2020-0729)
  Windows Media Foundation Memory Corruption Vulnerability (CVE-2020-16915)
  PHP Archive_Tar Extension Remote Code Execution 1
  PHP Archive_Tar Extension Remote Code Execution 2
  ImageMagick SVG File Command Injection
  Adobe Acrobat/Reader Information Disclosure
  Suspicious Executable File Download 7
  Windows Security Remote Code Execution (CVE-2021-1647)
  Microsoft Visual Studio Remote Code Execution (CVE-2021-27083)
  ExifTool DjVu Handling Command Injection 1
  Microsoft Visual Studio Remote Code Execution (CVE-2021-27068)
  Microsoft Visual Studio Remote Code Execution (CVE-2021-31213)
  ExifTool DjVu Handling Command Injection 2
  Adobe Flash Player Object Confusion Code Execution
  libsndfile PAF Handling Integer Overflow 1
  libsndfile PAF Handling Integer Overflow 2
  Windows CDFS Remote Code Execution (CVE-2022-38044)
  Adobe Acrobat/Reader util.printf Function Buffer Overflow


Relevant Information