*** EX RELS 03349 Release ***
Total number of signatures: 6014

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities
and applications as below:


Added 8 rule(s):
---------------
1134099	EXPLOIT Arbitrary Code Injection -1.x
1134100	WEB Symantec Messaging Gateway Directory Traversal -1 (CVE-2012-4347)
1134104	FILE Adobe Flash Player BufferControlParameters Memory Corruption (CVE-2017-11292)
1134107	FILE dobe Flash Player APSB17-07 Multiple Use After Free Remote Code Execution (CVE-2017-3001)
1134112	FILE Windows LNK Shortcut File Code Execution (CVE-2017-8464)
1134114	FILE Windows NTFS File System MFT Malformed Path Denial of Service -2
1134115	WEB-CLIENT Google Chrome V8 Crankshaft Type Confusion -1 (CVE-2017-5070)
1134117	SMB Microsoft Windows Search Information Disclosure -1 (CVE-2017-8544)

Modified 13 rule(s):
---------------
1059981	SSL OpenSSL dtls1_process_out_of_seq_message Denial of Service -1 (CVE-2014-3507)
1061275	UDP port 3544 traffic (eg. Teredo)
1063437	MEDIA Sohu TV access via TCP -2.1
1065473	MEDIA Livestream media via TCP -2.1
1066100	MEDIA Sohu TV access via TCP -2.2
1066443	MEDIA Livestream media via TCP -2.2
1068002	MEDIA Netflix media via TCP -14
1133451	WEB Cross-site Scripting -36
1133858	SIP Digium Asterisk SIP CSeq Heap Buffer Overflow (CVE-2017-9372)
1133905	SMB Microsoft Windows Search Type Confusion -1 (CVE-2017-8620)
1133906	SMB Microsoft Windows Search Type Confusion -2.1 (CVE-2017-8620)
1133907	SMB Microsoft Windows Search Type Confusion -2.2 (CVE-2017-8620)
1134033	WEB Supervisor XML-RPC Authenticated Remote Code Execution -1 (CVE-2017-11610)

Deleted 3 rule(s):
---------------
1068003	MEDIA Netflix media via TCP -15 (old rule)
1132858	WEB-ACTIVEX Schneider Electric ProClima F1BookView Attach Memory Corruption -1 (CVE-2015-7918) (old rule)
1132859	WEB-ACTIVEX Schneider Electric ProClima F1BookView Attach Memory Corruption -2 (CVE-2015-7918) (old rule)