HTTP/2 200
date: Tue, 07 Oct 2025 05:56:56 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
cache-control: max-age=0, private, must-revalidate
nel: {"report_to":"heroku-nel","response_headers":["Via"],"max_age":3600,"success_fraction":0.01,"failure_fraction":0.1}
referrer-policy: strict-origin-when-cross-origin
report-to: {"group":"heroku-nel","endpoints":[{"url":"https://nel.heroku.com/reports?s=ByjmJ6V60Cg3x8fKEFFjNKWNTBwfyBwvzW2CZZ%2FMN5o%3D\u0026sid=1b10b0ff-8a76-4548-befa-353fc6c6c045\u0026ts=1759816616"}],"max_age":3600}
reporting-endpoints: heroku-nel="https://nel.heroku.com/reports?s=ByjmJ6V60Cg3x8fKEFFjNKWNTBwfyBwvzW2CZZ%2FMN5o%3D&sid=1b10b0ff-8a76-4548-befa-353fc6c6c045&ts=1759816616"
set-cookie: _snort-org_session=cXdubmJTcmU3d1ZBN1RHR0JEdkRDQVJFbWgrYWVPeFc5b3k2QnFyZ3E5OExwc2ZlRFJZMW82d3FPVmtKNEVId2hKRW9uOHZEYktISSs5a29jekNtRkh3d2toNEZ4a2VvbFRGMDBhK2RvUFNJNkF1MHNEYzRQNjBja1Z1NitTeG45cHd0KzRuenFYWWREWjQwbjlZMmJuUWpvUHV4ZHhrTHdJQ3pjN0xxV1A4MFZ1ZW8zVVFtRTJMaklxcE9xZzNJWUV1MzdvaTdHWWdjcndoK2s1S0o1RDNSZzA4RThJOFRXQTNhVERRRG1jdz0tLXpYdlJqRXAzOUhYZm5WU29sRmlTVnc9PQ%3D%3D--ffb4507b6ab89034e998ba64862ef8fb322fe52a; path=/; secure; httponly
set-cookie: __cf_bm=N0yObDe_PZ7c4bRLxP4.REH5bwZulJm_m6NrN8qOm00-1759816616-1.0.1.1-zzYD6N9ofP1E3zvw5A5LT_U.whSL2.nhHeiuYvrj2vzoYdD8TY2QqXAMz.5p860g1DYO3V73dXeA3LCeTmmpZmTkbMeCiLVtX640_8K7ies; path=/; expires=Tue, 07-Oct-25 06:26:56 GMT; domain=.snort.org; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000
vary: Accept
via: 2.0 heroku-router
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 97b02404-e101-6921-df45-644b6bdbcc0b
x-runtime: 0.110943
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 98ab28770e6aa8b0-BLR
alt-svc: h3=":443"; ma=86400
Snort - Rule Docs 1:64453
Rule Category
OS-WINDOWS -- Snort has detected traffic targeting vulnerabilities in a Windows-based operating system. This does not include browser traffic or other software on the OS, but attacks against the OS itself. (such as?)
Alert Message
OS-WINDOWS Microsoft Windows MapUrlToZone security feature bypass attempt
Rule Explanation
This rule looks for a reference to an external resource known to bypass the MapUrlToZone security feature.
What To Look For
This rule fires on attempts to download a file containing a reference known to bypass the MapUrlToZone security feature.
Known Usage
No public information
False Positives
No known false positives
Contributors
Cisco Talos Intelligence Group
Rule Groups
No rule groups
Additional Links
Rule Vulnerability
N/A
Not Applicable
CVE Additional Information
This product uses data from the NVD API but is not endorsed or certified by the NVD.
CVE-2025-21269
Loading description
Severity Base Score
Impact Score Exploit Score
Confidentiality Impact Integrity Impact
Availability Impact
Authentication Ease of Access
