*** NetKeeper 8.534 Release *** Total number of signatures: 3063 Signature update 8.534 is for NetKeeper series devices. NK6000 (NK6105, NK6210C/F/G) NK3500 (NK3520, NK3550) NK5500 NK5900 NK7210 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Different from the version 8.532 *** Modify 28 Rules: -------------------------------------------------------------------- 1050694 WEB SQL injection attempt -41 1056091 WEB PHP Arbitrary Code Injection -3.a 1056205 WEB PHP Arbitrary Code Injection -4.a 1133222 WEB Microsoft SQL RDBMS Engine UNC Path Injection Privilege Escalation -1 (CVE-2016-7250) 1133256 WEB-CLIENT Microsoft Edge Scripting Engine Memory Corruption Vulnerability -2 (CVE-2016-7202) 1133257 WEB-CLIENT Microsoft Edge Scripting Engine Memory Corruption Vulnerability -3 (CVE-2016-7202) 1133258 WEB-CLIENT Microsoft Edge Scripting Engine Memory Corruption Vulnerability -4 (CVE-2016-7202) 1133300 WEB-CLIENT Microsoft Edge CVE-2016-7286 Memory Corruption (CVE-2016-7286) 1133162 WEB Joomla! CMS Policy Bypass and Privilege Escalation Vulnerabilities -1 (CVE-2016-8869) 1055106 WEB PHP Arbitrary Code Injection -1.a 1131343 WEB Generic Remote Javascript Upload and Execution -1.a 1132120 WEB Generic Remote Javascript Upload and Execution -2.a 1132121 WEB Generic Remote Javascript Upload and Execution -3.a 1056047 WEB PHP Arbitrary Code Injection -2.a 1051723 VIRUS Eicar test string 1055189 WEB SQL injection attempt -10 1067691 FILE Dropbox login via SSL -2 1067722 FILE Dropbox access via SSL -1 1066535 MEDIA iTunes media via TCP -1 1066216 MEDIA iTunes media via TCP -2 1066217 MEDIA iTunes media via TCP -3 1066855 MEDIA iTunes media via TCP -4 1066219 MEDIA iTunes media via TCP -5 1066220 MEDIA iTunes media via TCP -6 1066221 MEDIA iTunes media via TCP -7 1067333 MEDIA iTunes media via TCP -10 1069598 MEDIA iTunes media via TCP -13 1069325 CA Yahoo Authentication via SSL -7 Add 124 Rules: -------------------------------------------------------------------- 1133370 WEB PHP Arbitrary Code Injection -1.x 1133372 WEB PHP Arbitrary Code Injection -3.x 1133328 WEB Generic Remote Javascript Upload and Execution -1.x 1133321 WEB Generic Remote Javascript Upload and Execution -2.x 1133320 WEB Generic Remote Javascript Upload and Execution -3.x 1133371 WEB PHP Arbitrary Code Injection -2.x 1133373 WEB PHP Arbitrary Code Injection -4.x 1133404 EXPLOIT Base64 Data and Content Type Mismatch -1 1133381 WEB PHPMailer Remote Code Execution (CVE-2016-10033) 1133385 WEB PHPMailer Remote Code Execution (CVE-2016-10045) 1133353 VIRUS Eicar test string -2 1133369 VIRUS Eicar test string -3 1133402 WEB Cisco Firepower Management Console 6.0 Post Authentication UserAdd Vulnerability (CVE-2016-6433) 1133351 EXPLOIT Netop Remote Control dws File Stack Buffer Overflow -3 1133396 FILE Adobe Flash Player Heap Overflow (CVE-2017-2933) 1133397 FILE Adobe Acrobat Reader Buffer Overflow (CVE-2017-2948) 1133398 FILE Adobe Acrobat Reader Heap Overflow (CVE-2017-2949) 1133399 FILE Adobe Reader and Acrobat Libtiff Heap Overflow (CVE-2017-2966) 1133332 WEB Microsoft SQL RDBMS Engine UNC Path Injection Privilege Escalation -2 (CVE-2016-7250) 1133394 WEB-CLIENT Microsoft Edge Chakra Array.shift Type Confusion -1.1 (CVE-2016-7201) 1133395 WEB-CLIENT Microsoft Edge Chakra Array.shift Type Confusion -1.2 (CVE-2016-7201) 1132946 FILE Adobe Flash AS2 TextField gridFitType Use-After-Free Remote Code Execution (CVE-2015-7652) 1133344 FILE Adobe Flash Movieclip Setmask Use After Free -1 (CVE-2015-4428) 1133345 FILE Adobe Flash Movieclip Setmask Use After Free -2 (CVE-2015-4428) 1133346 FILE Adobe Flash Vector Memory Corruption -2 (CVE-2015-5125) 1133378 FILE Adobe Flash DisplacementMapFilter MapBitmap Use-After-Free Vulnerability -1 (CVE-2015-5127) 1133379 FILE Adobe Flash DisplacementMapFilter MapBitmap Use-After-Free Vulnerability -2 (CVE-2015-5127) 1133382 FILE Adobe Flash Player MovieClip Use-After-Free Vulnerability -2 (CVE-2015-5130) 1133383 FILE Adobe Flash Player XML Bad Write Memory Corruption Vulnerability -2 (CVE-2015-5549) 1133384 FILE Adobe Flash Player XML Bad Write Memory Corruption Vulnerability -3 (CVE-2015-5549) 1133386 FILE Adobe Flash MovieClip attachMovie Use-After-Free -1 (CVE-2015-5551) 1133387 FILE Adobe Flash MovieClip attachMovie Use-After-Free -2 (CVE-2015-5551) 1133347 FILE Adobe Photoshop Asset Elements Buffer Overflow -7 (CVE-2012-2052) 1133357 EXPLOIT Microsoft .NET Framework Heap Buffer Overflow -1 (CVE-2012-0163) 1133361 WEB-CLIENT Microsoft Internet Explorer Uninitialized memory corruption -3 (CVE-2012-1522) 1133366 FILE Microsoft Office Works File Converter Heap Overflow -3 (CVE-2012-0177) 1133368 WEB-CLIENT Microsoft Windows Object Packager Insecure Executable Loading -2 (CVE-2012-0009) 1133360 FILE Adobe Flash Player MP4 Sequence Parameter Set Parsing Buffer Overflow -2 (CVE-2011-2140) 1133365 WEB Microsoft ASP.NET Forms Authentication Insecure Redirect -2 (CVE-2011-3415) 1133311 WEB Teampass upload.files.php Arbitrary File Upload 1133319 WEB SugarCRM rest_data PHP Object Deserialization 1133322 WEB op5 Monitor command_test.php Command Injection -1 1133323 WEB op5 Monitor command_test.php Command Injection -2 1133324 WEB op5 Monitor command_test.php Command Injection -3 1133325 SSL OpenSSL SSL3_AL_WARNING Denial of Service (CVE-2016-8610) 1133327 WEB Joomla! CMS Policy Bypass and Privilege Escalation Vulnerabilities -2 (CVE-2016-8869) 1133329 WEB Alienvault Unified Security Management and OSSIM gauge.php SQL Injection -1 (CVE-2016-8582) 1133330 WEB Alienvault Unified Security Management and OSSIM gauge.php SQL Injection -2 (CVE-2016-8582) 1133331 WEB Alienvault Unified Security Management and OSSIM gauge.php SQL Injection -3 (CVE-2016-8582) 1133333 WEB Trend Micro Virtual Mobile Infrastructure apns_worker.py Command Injection -1 (CVE-2016-6270) 1133334 WEB Trend Micro Virtual Mobile Infrastructure apns_worker.py Command Injection -2 (CVE-2016-6270) 1133335 WEB Trend Micro Virtual Mobile Infrastructure apns_worker.py Command Injection -3 (CVE-2016-6270) 1133336 WEB Trend Micro Virtual Mobile Infrastructure apns_worker.py Command Injection -4 (CVE-2016-6270) 1133337 WEB Trend Micro Smart Protection Server admin_notification.php Command Injection -1 (CVE-2016-6267) 1133338 WEB Trend Micro Smart Protection Server admin_notification.php Command Injection -2 (CVE-2016-6267) 1133339 WEB Trend Micro Smart Protection Server admin_notification.php Command Injection -3 (CVE-2016-6267) 1133340 WEB Trend Micro Control Manager DeploymentPlan_Event_Handler Information Disclosure (CVE-2016-6220) 1133341 WEB Micro Focus GroupWise Admin Console index.jsp PoaCmd Cross Site Scripting -1 (CVE-2016-5760) 1133342 WEB Micro Focus GroupWise Admin Console index.jsp PoaCmd Cross Site Scripting -2 (CVE-2016-5760) 1133374 WEB Zyxel P660HN-T v1 Router Unauthenticated Remote Command Execution 1133375 WEB Zyxel P660HN-T v2 Router Unauthenticated Remote Command Execution 1133376 WEB Billion 5200W-T Router Unauthenticated Remote Command Execution 1133377 WEB Billion 5200W-T Router Authenticated Remote Command Execution 1133389 WEB Netgear WNR2000v5 Remote Code Execution Vulnerability 1133390 WEB 3CX Phone System VAD_Deploy.aspx Arbitrary File Upload 1133391 WEB FreePBX Framework hotelwakeup Module Directory Traversal 1133392 WEB FreePBX Framework remotemod Remote Command Execution 1133401 NTP ntp.org Network Time Protocol Windows Daemon getEndptFromIoCtx Denial of Service (CVE-2016-9312) 1133403 WEB Joomla! CMS Policy Bypass and Privilege Escalation Vulnerabilities (CVE-2016-8869) 1133318 WEB SQL injection attempt -75.x 1133326 WEB ManageEngine OpManager AgentDetailsUtil agentKey SQL Injection Remote Code Execution -1.x 1133343 WEB Wavelink Emulation License Server HTTP Header Processing Buffer Overflow -3 (CVE-2015-4059) 1133380 EXPLOIT MIT Kerberos 5 kadmind KADM5_POLICY Denial of Service (CVE-2015-8630) 1133400 WEB SearchBlox Multiple Authentication Bypass Vulnerabilities -4 (CVE-2015-7919) 1133348 EXPLOIT Oracle Java AtomicReferenceArray Sandbox Breach -2 (CVE-2012-0507) 1133349 WEB Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure -3 (CVE-2012-0053) 1133350 WEB Apache HTTPD Error Code 400 httpOnly Cookie Handling Information Disclosure -4 (CVE-2012-0053) 1133352 FILE Apple QuickTime PICT File Processing Memory Corruption -2 (CVE-2012-0671) 1133354 WEB-ACTIVEX ASUS Net4Switch ipswcom.dll ActiveX Control Stack Buffer Overflow -3 (CVE-2012-4924) 1133355 WEB-ACTIVEX ASUS Net4Switch ipswcom.dll ActiveX Control Stack Buffer Overflow -4 (CVE-2012-4924) 1133356 WEB-ACTIVEX KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability -1 (CVE-2012-2516) 1133359 WEB IBM Tivoli Endpoint Manager Web Reports ScheduleParam Cross-site Scripting (CVE-2012-0719) 1133362 FILE Oracle Outside In OOXML Relationship Tag Parsing Stack Buffer Overflow (ZDI-12-017) 1133363 EXPLOIT Oracle Java Runtime Bytecode Verifier Cache Code Execution -4 (CVE-2012-1723) 1133364 WEB Oracle GlassFish Enterprise Server REST Interface Cross Site Request Forgery -2 (CVE-2012-0550) 1133367 Oracle GlassFish Enterprise Server Multiple Reflected Cross Site Scripting Vulnerabilities (CVE-2012-0551) 1133358 WEB-ACTIVEX IBM Rational Rhapsody BB FlashBack FBRecorder Multiple Vulnerabilities (CVE-2011-1388) 1133393 WEB WSO WEB Shell Activity 1110063 WEB Cross-site Scripting -35 1132769 FILE JSON Swagger CodeGen Parameter Injector -2 (CVE-2016-5641) 1132783 WEB Riverbed SteelCentral NetProfiler/NetExpress Remote Code Execution 1132791 WEB Apache Jetspeed Arbitrary File Upload (CVE-2016-0709) 1132793 WEB SQL injection select from attempt -5.a 1132801 WEB Meinberg NTP Time Server ELX800/GPS M4x V5.30p Remote Command Execution (CVE-2016-3962) 1056699 WEB HTTP Content-type Header Buffer Overflow 1057333 WEB Avaya IP Office Customer Call Reporter ImageUpload.ashx Unrestricted File Upload -1 (CVE-2012-3811) 1058862 EXPLOIT Apple Mac OS X Kernel IGMP Packet Handling Local DoS -2 (CVE-2013-1899) 1052275 WEB Microsoft IIS ISAPI FrontPage fp30reg.dll Chunked Overflow 1130585 EXPLOIT Apache Qpid Session.gap Denial of Service -1 (CVE-2015-0203) 1131398 WEB Cross-site Scripting -27 1058519 EXPLOIT HP Data Protector Opcode 42 Directory Traversal -1 (CVE-2013-6194) 1059669 WEB D-Link Multiple Routers HNAP Protocol Security Bypass Vulnerability (BID-37690) 1130407 WEB-ACTIVEX X360 VideoPlayer ActiveX Control 2.6 - Full ASLR and DEP Bypass 1130409 WEB Wordpress Pixabay Images PHP Code Upload (OSVDB-117145) 1130478 EXPLOIT HP Client Automation Command Injection -1 (CVE-2015-1497) 1130480 WEB-CLIENT Javascript Injection for Eval-based Unpackers 1130481 WEB Lenovo Superfish Adware Vulnerability (CVE-2015-2077) 1130536 WEB ElasticSearch Unauthenticated Remote Code Execution -1 (CVE-2015-1427) 1130687 EXPLOIT HP Client Automation Command Injection -3 (CVE-2015-1497) 1130690 WEB-ACTIVEX Oracle Data Quality LoaderWizard DataPreview Type Confusion -1 (ZDI-15-103) 1130691 WEB-ACTIVEX Oracle Data Quality LoaderWizard DataPreview Type Confusion -2 (ZDI-15-103) 1130702 WEB D-Link/TRENDnet NCC Service Command Injection -1 (CVE-2015-1187) 1130703 WEB D-Link/TRENDnet NCC Service Command Injection -2 (CVE-2015-1187) 1130704 WEB D-Link/TRENDnet NCC Service Command Injection -3 (CVE-2015-1187) 1130705 WEB D-Link/TRENDnet NCC Service Command Injection -4 (CVE-2015-1187) 1130858 WEB SixApart MovableType Storable Perl Code Execution (CVE-2015-1592) 1130859 EXPLOIT Apache Qpid Session.gap Denial of Service -2 (CVE-2015-0203) 1130860 EXPLOIT Apache Qpid Session.gap Denial of Service -3 (CVE-2015-0203) 1131194 FTP ProFTPD mod_copy Unauthenticated Remote File Copying -1 (CVE-2015-3306) 1160053 IM AliWW login via TCP -4 1160054 IM AliWW transfer via TCP -4 1160055 IM AliWW transfer via TCP -5 1160063 MEDIA iQIYI/PPS media via TCP -19 1160051 PRIPROTOCOL Thunder transfer via UDP -2 Delete 123 Rules: -------------------------------------------------------------------- 1132929 WEB ManageEngine EventLog Analyzer Remote Code Execution (CVE-2015-7387) 1132812 FILE Microsoft Office Memory Corruption Vulnerability -2 (CVE-2016-0022) 1132823 WEB-CLIENT Suspicious Adobe Flash File Loading -5 (Ransomware Attack Vector) 1132828 FILE Microsoft Word RTF Bitmap biWidth biHeight Heap Buffer Overflow -2 (CVE-2016-0010) 1132829 FILE Microsoft Office Memory Corruption Vulnerability -2 (CVE-2016-0052) 1132832 WEB-CLIENT Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability -2 (CVE-2016-3210) 1132834 WEB-CLIENT Microsoft Edge Memory Corruption Vulnerability -2 (CVE-2016-3222) 1132835 FILE Microsoft Office CVE-2016-3284 Memory Corruption (CVE-2016-3284) 1132871 WEB-CLIENT Microsoft Internet Explorer CVE-2016-3288 Memory Corruption -1 (CVE-2016-3288) 1132872 FILE Microsoft Browser Information Disclosure Vulnerability -1 (CVE-2016-3327) 1132873 WEB-CLIENT Microsoft Browser Memory Corruption Vulnerability (CVE-2016-3289) 1132874 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3290) 1132875 FILE Microsoft Office Memory Corruption Vulnerability (CVE-2016-3316) 1132876 WEB-CLIENT Microsoft Browser Memory Corruption Vulnerability (CVE-2016-3293) 1132877 WEB-CLIENT Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3321) 1132878 FILE Microsoft Office Memory Corruption Vulnerability (CVE-2016-3317) 1132879 WEB-CLIENT Microsoft Browser Information Disclosure Vulnerability (CVE-2016-3326) 1132880 WEB-CLIENT Microsoft Browser Memory Corruption Vulnerability (CVE-2016-3322) 1132892 SSL Microsoft HTTP.sys HTTP 2.0 Denial of Service -1 (CVE-2016-0150) 1132893 SSL Microsoft HTTP.sys HTTP 2.0 Denial of Service -2 (CVE-2016-0150) 1132921 WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability -2 (CVE-2016-0199) 1132931 WEB Microsoft XML Core Services XML Content Parsing Memory Corruption (CVE-2014-4118) 1132958 FILE Microsoft Windows Graphics Component CVE-2016-3303 Code Execution (CVE-2016-3303) 1132868 WEB-CLIENT Microsoft Internet Explorer 11 Unspecified HTML File Handling Denial of Service -2 (OSVDB-122474) 1132869 WEB-CLIENT Microsoft Internet Explorer InitFromString Function Out of Bounds Memory Access-2 (CVE-2015-6086) 1132926 FILE Adobe Flash Player Use After Free (CVE-2015-8043) 1132927 FILE Adobe Flash Player Use After Free (CVE-2015-8044) 1132934 FILE Adobe Flash MP3 ID3 Heap Buffer Overflow (CVE-2015-8446) 1132937 FILE Adobe Flash iExternalizable Interface Type Confusion -5 (CVE-2015-7645) 1132819 FILE Symantec Antivirus Engine RAR Decompression Remote Code Execution -1 (CVE-2016-2207) 1132820 FILE Symantec Antivirus Engine RAR Decompression Remote Code Execution -2 (CVE-2016-2207) 1132821 WEB-CLIENT Suspicious HTML Iframe Tag -13 (Ransomware Attack Vector) 1132824 WEB-CLIENT WScript.Shell Remote Code Execution -4 (Ransomware Attack Vector) 1132825 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 72 (Ransomware Attack Vector) 1132826 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 73 (Ransomware Attack Vector) 1132827 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 74 (Ransomware Attack Vector) 1132830 FILE Windows Media Center Remote Code Execution Vulnerability -2 (CVE-2016-0185) 1132831 FILE Windows Media Center Remote Code Execution Vulnerability -3 (CVE-2016-0185) 1132837 SCADA WECON LeviStudio PLC Type Heap Buffer Overflow (ZDI-16-390) 1132838 SCADA WECON LeviStudio HmiSet Style Stack Buffer Overflow (ZDI-16-378) 1132839 WEB Symantec Endpoint Protection Manager Cross-Site Scripting -1 (CVE-2016-3652) 1132840 WEB Symantec Endpoint Protection Manager Cross-Site Scripting -2 (CVE-2016-3652) 1132841 WEB Apache Struts URLValidator Denial of Service -1 (CVE-2016-4465) 1132842 WEB-ACTIVEX Micro Focus Rumba WallData.Macro PlayMacro Memory Corruption -1 1132843 WEB-ACTIVEX Micro Focus Rumba WallData.Macro PlayMacro Memory Corruption -2 1132844 WEB HAProxy reqdeny Denial of Service (CVE-2016-5360) 1132845 EXPLOIT Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization -1 (CVE-2016-3642) 1132846 EXPLOIT Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization -2 (CVE-2016-3642) 1132847 EXPLOIT Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization -3 (CVE-2016-3642) 1132848 EXPLOIT Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization -4 (CVE-2016-3642) 1132849 EXPLOIT Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization -5 (CVE-2016-3642) 1132850 EXPLOIT Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization -6 (CVE-2016-3642) 1132851 EXPLOIT Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization -7 (CVE-2016-3642) 1132852 EXPLOIT Solarwinds Virtualization Manager Apache Commons Collections Insecure Deserialization -8 (CVE-2016-3642) 1132853 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 75 (Ransomware Attack Vector) 1132854 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 76 (Ransomware Attack Vector) 1132855 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 77 (Ransomware Attack Vector) 1132856 NTP Network Time Protocol Daemon crypto-NAK Denial of Service -1 (CVE-2016-4957) 1132857 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 78 (Ransomware Attack Vector) 1132881 WEB Squid Long String Header Processing Assertion Failure -1.1022 (CVE-2016-2569) 1132882 WEB Squid Long String Header Processing Assertion Failure -2 (CVE-2016-2569) 1132887 WEB ESF pfSense status_rrd_graph_img.php Command Injection -3 1132890 WEB-CLIENT Remsec CnC Backdoor Hardcoded HTTP Headers Exploit Kits 1132891 WEB PHP ZipArchive getFromIndex and getFromName Integer Overflow (CVE-2016-3078) 1132894 WEB-CLIENT Suspicious HTML Iframe Tag -14 (Ransomware Attack Vector) 1132901 WEB-CLIENT Javascript Obfuscation in Exploit Kits - 78 (Ransomware Attack Vector) 1132903 WEB-CLIENT Suspicious HTML Iframe Tag -16 (Ransomware Attack Vector) 1132904 WEB Apache Jetspeed User Manager Services REST API Unauthorized Access (CVE-2016-2171) 1132905 FILE ImageMagick Delegate Command Injection -10 (CVE-2016-3714) 1132907 FILE ImageMagick Ephemeral Protocol Arbitrary File Deletion -1 (CVE-2016-3716) 1132908 WEB-CLIENT GNU wget HTTP Redirect Arbitrary File Overwrite -1 (CVE-2016-4971) 1132909 WEB-CLIENT GNU wget HTTP Redirect Arbitrary File Overwrite -2 (CVE-2016-4971) 1132910 WEB-CLIENT GNU wget HTTP Redirect Arbitrary File Overwrite -3 (CVE-2016-4971) 1132911 WEB-CLIENT GNU wget HTTP Redirect Arbitrary File Overwrite -4 (CVE-2016-4971) 1132913 NTP Network Time Protocol Daemon crypto-NAK Denial of Service -2 (CVE-2016-4957) 1132914 FILE ImageMagick Ephemeral Protocol Arbitrary File Deletion (CVE-2016-3717) 1132915 FILE ImageMagick Ephemeral Protocol Arbitrary File Deletion (CVE-2016-3718) 1132916 FILE ImageMagick Command Injection (CVE-2016-5118) 1132918 WEB Apache Struts URLValidator Denial of Service -2 (CVE-2016-4465) 1132919 FILE Symantec Antivirus Engine PE Header Heap Buffer Overflow -3 (CVE-2016-2208) 1132920 WEB CMS Made Simple Web Server Cache Poisoning (CVE-2016-2784) 1132924 FILE LibreOffice RTF parser Use After Free (CVE-2016-4324) 1132925 WEB PHP TAR File Parsing Uninitialized Reference (CVE-2016-4343) 1132930 WEB Apache Struts URLValidator Denial of Service (CVE-2016-4465) 1132933 WEB Cisco Prime Infrastructure and EPNM Deserialization Code Execution -1 (CVE-2016-1291) 1132935 WEB Cisco Prime Infrastructure and EPNM Deserialization Code Execution -2 (CVE-2016-1291) 1132936 WEB Cisco Prime Infrastructure and EPNM Deserialization Code Execution -3 (CVE-2016-1291) 1132939 EXPLOIT HPE Data Protector EXEC_BAR domain Buffer Overflow -1 (CVE-2016-2006) 1132941 EXPLOIT HPE Data Protector EXEC_BAR domain Buffer Overflow -2 (CVE-2016-2006) 1132945 EXPLOIT HPE Data Protector EXEC_BAR domain Buffer Overflow -3 (CVE-2016-2006) 1132953 FILE Symantec Antivirus Engine Decomposer MSPACK Denial of Service -1 (CVE-2016-2211) 1132954 FILE Symantec Antivirus Engine Decomposer MSPACK Denial of Service -2 (CVE-2016-2211) 1132955 DNS ISC BIND lwresd Query Name Denial of Service (CVE-2016-2775) 1132956 WEB Symantec Endpoint Protection Manager Cross Site Request Forgery -1 (CVE-2016-3653) 1132957 WEB Drupal Coder Module coder_upgrade.run.php Remote Code Execution 1132959 WEB Symantec Endpoint Protection Manager Cross Site Request Forgery -2 (CVE-2016-3653) 1132960 SCADA Schneider Electric SoMachine HVAC AxEditGrid ActiveX Untrusted Pointer Dereference -1 (CVE-2016-4529) 1132961 SCADA Schneider Electric SoMachine HVAC AxEditGrid ActiveX Untrusted Pointer Dereference -2 (CVE-2016-4529) 1132962 WEB Drupal RESTWS Module Page Callback Remote Code Execution 1132964 FILE WECON LeviStudio String Content Heap Buffer Overflow (ZDI-16-386) 1132858 WEB-ACTIVEX Schneider Electric ProClima F1BookView Attach Memory Corruption -1 (CVE-2015-7918) 1132859 WEB-ACTIVEX Schneider Electric ProClima F1BookView Attach Memory Corruption -2 (CVE-2015-7918) 1132860 SCADA Schneider Electric ProClima F1BookView SetValidationRule Memory Corruption -1 (CVE-2015-7918) 1132862 SCADA Unitronics VisiLogic OPLC IDE TeePreviewer ChartLink Memory Corruption -1 (CVE-2015-6478) 1132863 SCADA Unitronics VisiLogic OPLC IDE TeePreviewer ChartLink Memory Corruption -2 (CVE-2015-6478) 1132865 SCADA Schneider Electric ProClima F1BookView SetValidationRule Memory Corruption -2 (CVE-2015-7918) 1132883 EXPLOIT Flexera FlexNet Publisher License Server Buffer Overflow -1 (CVE-2015-8277) 1132886 EXPLOIT Flexera FlexNet Publisher License Server Buffer Overflow -2 (CVE-2015-8277) 1132912 WEB FireEye Appliance Unauthorized File Disclosure 1132922 WEB-ACTIVEX Samsung SmartViewer CNC_Ctrl ActiveX Control rtsp_getdlsendtime Remote Code Execution -1.1 (CVE-2015-8040) 1132923 WEB-ACTIVEX Samsung SmartViewer CNC_Ctrl ActiveX Control rtsp_getdlsendtime Remote Code Execution -1.2 (CVE-2015-8040) 1132932 DNS ISC BIND buffer.c REQUIRE Assertion Failure Denial of Service -2 (CVE-2015-8705) 1132938 EXPLOIT IBM Tivoli Storage Manager FastBack Server Opcode 1796 Buffer Overflow (CVE-2015-8519) 1132940 EXPLOIT IBM Tivoli Storage Manager FastBack Server Opcode 4176 Buffer Overflow (CVE-2015-8523) 1132942 EXPLOIT IBM Tivoli Storage Manager FastBack Server Opcode 1799 Buffer Overflow (CVE-2015-8522) 1132943 EXPLOIT IBM Tivoli Storage Manager FastBack Server Opcode 1798 Buffer Overflow (CVE-2015-8521) 1132944 EXPLOIT IBM Tivoli Storage Manager FastBack Server Opcode 4754 Buffer Overflow (CVE-2015-8520) 1132947 WEB SearchBlox Multiple Authentication Bypass Vulnerabilities -3 (CVE-2015-7919) 1132866 SSL SSLv3 Logjam with CBC Cipher TLS_DHE-DSS-DES40-CBC-SHA (CVE-2015-4000) 1066597 MEDIA iTunes media via TCP -8 1066598 MEDIA iTunes media via TCP -9 1067859 MEDIA iTunes media via TCP -11 1068380 MEDIA iTunes media via TCP -12