*** EX RELS 03334 Release *** Total number of signatures: 6002 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 18 rule(s): --------------- 1133795 WEB-CLIENT Mozilla Firefox createImageBitmap Integer Overflow -3 (CVE-2017-5428) 1133799 WEB-CLIENT Mozilla Firefox SVG Animation Use After Free (CVE-2016-9079) 1133801 WEB-CLIENT Microsoft Internet Explorer JoinToString Type Confusion -1 (CVE-2017-0130) 1133803 WEB-CLIENT Microsoft Internet Explorer JoinToString Type Confusion -2 (CVE-2017-0130) 1133805 LDAP OpenLDAP ldapsearch pagesize Double Free Denial of Service (CVE-2017-9287) 1133806 SMB Microsoft Windows SMB Server SMBv1 CVE-2017-0143 Memory Corruption (CVE-2017-0143) 1133807 FILE Vim modelines Remote Command Execution -3 (CVE-2016-1248) 1133808 FILE VideoLan VLC Media Player ParseJSS Heap Buffer Overflow (CVE-2017-8311) 1133815 FILE Microsoft Office EPS CVE-2017-0262 Type Confusion (CVE-2017-0262) 1133816 EXPLOIT Zabbix Server Active Proxy Trapper Command Injection (CVE-2017-2824) 1133817 WEB Red Hat JBoss BPM Suite BRMS Tasks List Cross-Site Scripting (CVE-2017-2674) 1133818 SMB Microsoft Windows SMB Server SMBv1 Out of Bounds Read (CVE-2017-0267) 1133819 WEB Mantis Bug Tracker verify.php confirm_hash Remote Password Reset -1 (CVE-2017-7615) 1133820 WEB Mantis Bug Tracker verify.php confirm_hash Remote Password Reset -2 (CVE-2017-7615) 1133821 SMB Microsoft Windows SMB Server SMBv1 Information Disclosure (CVE-2017-0271) 1133822 WEB IBM Informix Dynamic Server index.php testconn Heap Buffer Overflow (CVE-2017-1092) 1133823 FILE Adobe Acrobat and Reader JPEG2000 Parsing Heap-based Buffer Overflow (CVE-2017-3055) 1160502 IM Netcall access via UDP -1 Modified 1 rule(s): --------------- 1064775 SOCIAL WeHeartIt login via SSL -1 Deleted 45 rule(s): --------------- 1053319 FILE Rayfile transfer-upload via TCP -1 (old rule) 1053320 FILE Rayfile transfer-download via TCP -1 (old rule) 1053475 MEDIA KKBox login via TCP -1 (old rule) 1053883 FILE Rayfile login via TCP -1 (old rule) 1060249 FILE Mozy login via SSL -1 (old rule) 1061016 FILE IBackup login via SSL -1 (old rule) 1063299 TUNNEL Tor access via SSL -1 (old rule) 1063911 FILE Mozy access via TCP -1 (old rule) 1064007 VOIP Goober login via TCP -1 (old rule) 1064103 VOIP iCall login via SSL -1 (old rule) 1064414 TUNNEL Tor access via SSL -2 (old rule) 1064811 FILE IBackup login via TCP -2 (old rule) 1065319 FILE Copy.com access via SSL -1 (old rule) 1065519 VOIP Goober login via TCP -2 (old rule) 1065709 MEDIA KKBox login via TCP -2 (old rule) 1065829 MEDIA KKBox login via SSL -1 (old rule) 1065956 FILE Rayfile access via TCP -1 (old rule) 1066186 MEDIA KKBox media via TCP -1 (old rule) 1066187 MEDIA KKBox media via TCP -2 (old rule) 1066188 MEDIA KKBox access via TCP -1 (old rule) 1066189 MEDIA KKBox access via TCP -2 (old rule) 1066233 MEDIA KKBox media via TCP -3 (old rule) 1066315 MEDIA KKBox access via SSL -1 (old rule) 1067120 FILE Rayfile transfer-upload via TCP -2 (old rule) 1067135 FILE Mozy access via SSL -1 (old rule) 1067136 FILE Mozy access via SSL -2 (old rule) 1067442 MEDIA KKBox login via SSL -2 (old rule) 1068078 TUNNEL Tor access via SSL -3 (old rule) 1069837 TUNNEL Tor meek access via SSL -1 (f3) (old rule) 1069838 TUNNEL Tor meek access via SSL -2 (f3) (old rule) 1069839 TUNNEL Tor meek access via SSL -3 (f3) (old rule) 1069840 TUNNEL Tor meek access via SSL -4 (f3) (old rule) 1069842 TUNNEL Tor meek access via SSL -6 (f3) (old rule) 1069843 TUNNEL Tor meek access via SSL -7 (f2) (old rule) 1069844 TUNNEL Tor meek access via SSL -8 (f2) (old rule) 1069845 TUNNEL Tor meek access via SSL -9 (f2) (old rule) 1069846 TUNNEL Tor meek access via SSL -10 (f2) (old rule) 1069847 TUNNEL Tor meek access via SSL -11 (f2) (old rule) 1069848 TUNNEL Tor meek access via SSL -12 (f1) (old rule) 1069849 TUNNEL Tor meek access via SSL -13 (f1) (old rule) 1069850 TUNNEL Tor meek access via SSL -14 (f1) (old rule) 1069851 TUNNEL Tor fte access via TCP -1 (old rule) 1069916 TUNNEL Tor meek access via SSL -15 (f1) (old rule) 1069917 TUNNEL Tor meek access via SSL -16 (f2) (old rule) 1080006 SG - TUNNEL Tor connect via TCP (old rule)