*** NK8 RELS 3343 Release *** Total number of signatures: 3210 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 6 rule(s): --------------- 1133945 DNS Systemd resolved dns_packet_new Heap Buffer Overflow (CVE-2017-9445) 1133952 WEB PHP gdImageCreateFromGifCtx Out of Bounds Read (CVE-2017-7890) 1133953 SMTP Microsoft Windows OLE CVE-2017-8487 Global Buffer Overflow -1 (CVE-2017-8487) 1133958 WEB Apache Struts Dynamic Method Invocation Remote Code Execution -4.1 1133960 DNS ISC BIND Query Response Missing RRSIG Denial of Service -1 (CVE-2016-9444) 1133964 WEB Apache Struts 2 REST plugin Remote Code Execution (CVE-2017-9805) Modified 7 rule(s): --------------- 1069353 IM WhatsApp login via TCP -3 1133296 WEB-CLIENT Microsoft Edge TypedArray.sort Use After Free -1 (CVE-2016-7288) 1133774 FILE Microsoft LNK Remote Code Execution Vulnerability -1 (CVE-2017-8464) 1133775 WEB-CLIENT Microsoft Edge CAttrArray Object PrivateFindInl Method Type Confusion (CVE-2017-8496) 1133905 SMB Microsoft Windows Search Type Confusion -1 (CVE-2017-8260) 1133906 SMB Microsoft Windows Search Type Confusion -2.1 (CVE-2017-8260) 1133907 SMB Microsoft Windows Search Type Confusion -2.2 (CVE-2017-8260) Deleted 12 rule(s): --------------- 1052174 WEB Remote File Inclusion - /system32/cmd.exe (old rule) 1054839 WEB SQL injection attempt -5 (old rule) 1054870 WEB SQL injection attempt -23 (old rule) 1054914 WEB-CLIENT Microsoft Internet Explorer CElement Memory Corruption (old rule) 1056078 WEB Hashtable Collisions (old rule) 1056923 EXPLOIT Citrix XenApp and XenDesktop XML Service Interface Stack Buffer Overflow (old rule) 1057015 SCADA 7T Interactive Graphical SCADA System File Operations Buffer Overflows -2 (CVE-2011-1567) (old rule) 1058253 WEB-ACTIVEX Microsoft Indexing Service ixsso.dll ActiveX Control Denial of Service (old rule) 1058279 WEB SQL injection attempt -14 (old rule) 1058284 WEB SQL injection attempt -16 (old rule) 1058459 WEB SQL injection attempt -15 (old rule) 1058470 WEB SQL injection attempt -17.a (old rule)