*** EX RELS 03353 Release *** Total number of signatures: 6012 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 12 rule(s): --------------- 1134194 SNMP Squid snmpHandleUdp Off-by-one Buffer Overflow (CVE-2014-6270) 1134222 WEB D-LINK DIR-850L (Un)authenticated OS Command Exec 1134224 WEB-CLIENT Microsoft Internet Explorer CWigglyShape Information Disclosure -1.4 (CVE-2016-7283) 1134226 WEB Apache httpd mod_auth_digest Memory Access Denial of Service (CVE-2017-9788) 1134230 SMB Microsoft Windows Search CVE-2017-11771 Heap Buffer Overflow -1 (CVE-2017-11771) 1134231 SMB Microsoft Windows Search CVE-2017-11771 Heap Buffer Overflow -2 (CVE-2017-11771) 1134232 WEB Apache Solr xmlparser XML External Entity Expansion Remote Code Execution -1.u (CVE-2017-12629) 1134233 WEB Apache Solr xmlparser XML External Entity Expansion Remote Code Execution -1.b (CVE-2017-12629) 1134235 SMB Microsoft Windows Search Information Disclosure -2 (CVE-2017-11772) 1134236 SMB Microsoft Windows Search Information Disclosure -1 (CVE-2017-11772) 1134239 MALWARE HIDDEN COBRA (FALLCHILL) Activity -1 1134243 MALWARE HIDDEN COBRA (Volgmer) Activity Modified 13 rule(s): --------------- 1057374 EXPLOIT Novell File Reporter VOL Tag Buffer Overflow (CVE-2012-4956) 1057375 EXPLOIT Novell File Reporter VOL Tag Stack Buffer Overflow 1133061 FILE Microsoft Office CVE-2016-3318 Remote Code Execution -1 (CVE-2016-4324) 1133153 EXPLOIT HPE Network Automation RMI Registry Insecure Deserialization -1 (CVE-2016-4385) 1133173 DNS ISC BIND buffer.c Assertion Failure Denial of Service (CVE-2016-2776) 1133295 WEB-CLIENT Microsoft Internet Explorer CWigglyShape Information Disclosure -1.1 (CVE-2016-7283) 1133471 WEB-CLIENT Google Chrome Blink ImageBitmap Integer Overflow -1 (CVE-2016-5182) 1133661 SSL OpenSSL DHE and ECDHE Parameters NULL Pointer Dereference -1 (CVE-2017-3730) 1133799 WEB-CLIENT Mozilla Firefox SVG Animation Use After Free (CVE-2016-9079) 1133844 WEB-CLIENT Microsoft Internet Explorer CWigglyShape Information Disclosure -1.2 (CVE-2016-7283) 1133960 DNS ISC BIND Query Response Missing RRSIG Denial of Service -1 (CVE-2016-9444) 1134208 EXPLOIT Elastic Elasticsearch ThrowableObjectInputStream Insecure Deserialization (CVE-2015-5377) 1160111 MEDIA Hulu media via SSL -1 Deleted 2 rule(s): --------------- 1057920 VULN Corel PDF Fusion wintab32.dll Insecure Library Loading -1 (CVE-2013-0742) (old rule) 1068664 MEDIA YouTube access via UDP -2 (old rule)