This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.
This signature detects an attempt to exploit a remote code execution vulnerability in Quest Intrust.
Quest InTrust is an event log management software for security and compliance.
Quest InTrust is prone to a remote code-execution vulnerability due to an error in handling an uninitialized pointer. Specifically, the issue affects the 'AnnotateX.dll' component.
An attacker can exploit this issue by invoking 'Add()' method.
- Quest InTrust 10.4.X and earlier is vulnerable