*** NK8 RELS 3320 Release *** Total number of signatures: 3190 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 8 rule(s): --------------- 1133548 WEB Microsoft IIS WebDAV ScStoragePathFromUrl Buffer Overflow (CVE-2017-7269) 1133552 FILE Adobe Acrobat ImageConversion JPEG Out-of-Bounds Read (CVE-2017-2960) 1133553 WEB-CLIENT Microsoft Internet Explorer CVE-2017-0008 Information Disclosure (CVE-2017-0008) 1133554 EXPLOIT Oracle WebLogic Server UnicastRef Insecure Deserialization (CVE-2017-3248) 1133567 FILE Microsoft Graphics Component CVE-2017-0014 Memory Corruption (CVE-2017-0014) 1133568 FILE Adobe Digital Editions Epub XXE Information Disclosure (CVE-2016-7889) 1133569 WEB-CLIENT Microsoft MSXML CVE-2017-0022 Information Disclosure (CVE-2017-0022) 1160186 GAME WOW transfer via TCP -2 Modified 16 rule(s): --------------- 1058077 WEB SQL injection attempt -1.b 1060043 GAME Pokemon Go access via SSL -1 1068889 GAME WOW transfer via TCP -1 1133310 WEB Netgear R7000 Command Injection -1.1 (CVE-2016-6277) 1133407 WEB Brute Force Login -1 1133458 WEB-CLIENT JavaScript Heap Exploitation -3 1133463 SSDP Simple Service Discovery Protocol Reflection Denial of Service Vulnerability 1133503 WEB-CLIENT Microsoft Edge CVE-2017-0010 Memory Corruption (CVE-2017-0010) 1133509 WEB-CLIENT JavaScript Heap Exploitation -4.1 1133510 WEB-CLIENT JavaScript Heap Exploitation -5.1 1133511 WEB-CLIENT JavaScript Heap Exploitation -6.1 1133512 WEB-CLIENT JavaScript Heap Exploitation -13 1133520 SMB Microsoft Windows LSASS Authentication Denial of Service -1.1 (CVE-2017-0004) 1133528 WEB Apache Struts 2 Remote Code Execution -1.1 (CVE-2017-5638) 1133529 WEB Apache Struts 2 Remote Code Execution -1.2 (CVE-2017-5638) 1133530 WEB Apache Struts 2 Remote Code Execution -2.1 (CVE-2017-5638) Deleted 20 rule(s): --------------- 1057960 EXPLOIT HP Data Protector CRS Opcode 215 and 263 Stack Buffer Overflow -2 (CVE-2013-2328) (old rule) 1057961 EXPLOIT HP Data Protector CRS Opcode 260 Stack Buffer Overflow -1 (CVE-2013-2332) (old rule) 1057964 WEB Apache HTTP Server mod_dav MERGE Request Denial of Service (CVE-2013-1896) (old rule) 1057965 EXPLOIT HP Data Protector CRS Opcode 227 Stack Buffer Overflow -1 (CVE-2013-2335) (old rule) 1057972 WEB Windows Powershell Remote Command Injection -1 (CVE-2013-3763) (old rule) 1057975 EXPLOIT HP Data Protector CRS Opcode 207 Stack Buffer Overflow (CVE-2013-2324) (old rule) 1057976 EXPLOIT HP Data Protector CRS Opcode 210 Stack Buffer Overflow (CVE-2013-2324) (old rule) 1057977 EXPLOIT HP Data Protector CRS Opcode 236 Stack Buffer Overflow (CVE-2013-2324) (old rule) 1057981 EXPLOIT Oracle Java SE XML Digital Signature Spoofing (CVE-2013-2461) (old rule) 1057983 WEB Apache Struts Wildcard Matching OGNL Code Execution -3 (CVE-2013-2134) (old rule) 1057992 EXPLOIT Oracle Java Runtime Environment storeImageArray Buffer Overflow -1 (CVE-2013-2465) (old rule) 1057993 WEB HP SiteScope SOAP Call runOMAgentCommand Command Injection (CVE-2013-2367) (old rule) 1058016 WEB Sophos Web Protection Appliance sblistpack Arbitrary Command Execution (CVE-2013-4983) (old rule) 1058017 WEB HP System Management Homepage iprange Stack Buffer Overflow -1 (CVE-2013-2362) (old rule) 1058026 NETBIOS Samba smbd read_nttrans_ea_list Infinite Allocation Loop Denial of Service (CVE-2013-4124) (old rule) 1058027 WEB PHP SdnToJewish Function Integer Overflow (CVE-2013-4635) (old rule) 1058029 WEB HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload -1 (CVE-2013-4811) (old rule) 1058030 WEB HP SiteScope issueSiebelCmd SOAP Request Code Execution (CVE-2013-4835) (old rule) 1058036 DNS ISC BIND RDATA Handling Assertion Failure Denial of Service (CVE-2013-4854) (old rule) 1058051 EXPLOIT Nodejs js-yaml load() Code Execution (CVE-2013-4660) (old rule)