AlienVault R&D Labs Portal. Get the latest news from our research.
Header

Infocon raised to yellow for Excel Activex vulnerability

July 14th, 2009 | Posted by jaime.blasco in Alienvault OSSIM | Attacks | Exploits | Vulnerability Management - (Comments Off)

Microsoft has released an advisory related to Office Web Components Activex. The ISC has raised the Infocon to yellow due to the active exploitation of the vulnerability
from several .cn domains.

Alienvault’s feed customers are protected and covered with these directives:

  • 45050: AV Possible Malicious Server exploiting Excel ActiveX Client against DST_IP (CVE-2009-1136)
  • 45051: AV Possible Excel ActiveX Client side attack detected against SRC_IP (CVE-2009-1136)
  • 45052: AV Possible Excel ActiveX Client Side Attack against DST_IP from a compromised host (CVE-2009-1136)

    • http://isc.sans.org/diary.html?storyid=6778

    http://www.microsoft.com/technet/security/advisory/973472.mspx

    jaime.blasco

    At AlienVault Jaime manages the Lab and runs the Vulnerability Research Team. Prior to working in the AlienVault lab he founded a couple of startups (Eazel, Aitsec) working on web application security, source code analysis and incident response. His background stems from a number of years working in vulnerability management, malware analysis and security researching.

    More Posts - Website

    Follow Me:
    TwitterLinkedIn

    , , , , ,

    Plugin GPG signature verification script

    August 6th, 2008 | Posted by DK in Feed - (Comments Off)



    Just had to write a quick script in order to regularly check the repository, wanted to share it.

    for i in *.asc; do gpg –verify $i 2>/dev/null; if [ $? == 1 ]; then echo; echo “Bad Sig: $i”; read; else echo -n “.”; fi; done

    DK

    Mr Wolf Wannabe.

    More Posts - Website

    , , ,