*** EX RELS 03361 Release *** Total number of signatures: 6016 Description ================================================================== In this signature, we addressed the exploits/vulnerabilities and applications as below: Added 11 rule(s): --------------- 1134349 WEB-CLIENT Multiple CPU Meltdown/Spectre Attacks Detection -1 1134352 WEB-CLIENT Microsoft Edge Chakra OP_Memset Type Confusion -1 (CVE-2017-11873) 1134354 WEB D-LINK DNS-320L ShareCenter mydlinkBRionyg Backdoor 1134356 FILE Adobe Flash Player Memory Corruption (CVE-2018-4871) 1134357 WEB-CLIENT Multiple CPU Meltdown/Spectre Attacks Detection -2 1134359 WEB Oracle WebLogic wls-wsat Deserialization -1 (CVE-2017-10271) 1134360 DNS Dnsmasq Lack of Free Denial of Service -1.3 (CVE-2017-14495) 1134361 WEB Oracle WebLogic wls-wsat Deserialization -2 (CVE-2017-10271) 1160794 IM Whoshere access via TCP -1 1160795 GAME QQ/QQFO access via TCP -5 1160799 UPDATE Norton access via TCP -1 Modified 7 rule(s): --------------- 1055106 WEB PHP Arbitrary Code Injection -1.b 1057463 SCADA ScadaTEC ScadaPhone Stack Buffer Overflow -2 (CVE-2011-4535) 1064462 IM Whoshere communicate via SSL-1 1066989 SOCIAL Weibo login via SSL -1 1130667 WEB-CLIENT Generic Javascript Obfuscation -25 1133370 WEB PHP Arbitrary Code Injection -1.u 1134321 WEB HTTP Insecure Deserialization Remote Code Execution -1 Deleted 31 rule(s): --------------- 1054789 WEB Netgear DGN1000B setup.cgi Remote Command Execution -1 (BID-57836) (old rule) 1056773 WEB Web Server Connection Header Buffer Overflow (old rule) 1057097 FILE Adobe Flash Player Regular Expression Heap Buffer Overflow -1 (CVE-2013-0634) (old rule) 1057098 FILE Adobe Flash Player Regular Expression Heap Buffer Overflow -2 (CVE-2013-0634) (old rule) 1057100 EXPLOIT Microsoft Windows OLE Automation Integer Overflow -1 (CVE-2013-1313) (old rule) 1057101 WEB Microsoft IE Shift JIS Character Encoding Vulnerability (CVE-2013-0015) (old rule) 1057102 WEB Microsoft IE SetCapture Use After Free Vulnerability (CVE-2013-0018) (old rule) 1057104 WEB Microsoft IE COmWindowProxy Use After Free Vulnerability (CVE-2013-0019) (old rule) 1057105 WEB Microsoft IE CMarkup Use After Free Vulnerability (CVE-2013-0020) (old rule) 1057108 WEB Microsoft IE LsGetTrailInfo Use After Free Vulnerability (CVE-2013-0022) (old rule) 1057111 WEB Microsoft IE CDispNode Use After Free Vulnerability -1 (CVE-2013-0023) (old rule) 1057113 WEB Microsoft IE pasteHTML Use After Free Vulnerability (CVE-2013-0024) (old rule) 1057116 EXPLOIT Foxit Reader Plugin URL Processing Buffer Overflow (BID:57174) (old rule) 1057124 EXPLOIT Citrix Provisioning Services Opcode 40020017 Stack Buffer Overflow (old rule) 1057125 WEB Sybase M-Business Anywhere agSoap.exe Closing Tag Buffer Overflow -2 (old rule) 1057126 DB Oracle MySQL Database yaSSL SSL Certificate Remote Buffer Overflow (old rule) 1057129 WEB Sun Java System Web Server Digest Authorization Buffer Overflow -1 (BID-37896) (old rule) 1057130 WEB Sun Java System Web Server Digest Authorization Buffer Overflow -2 (BID-37896) (old rule) 1057132 WEB-ACTIVEX Java Deployment Toolkit Performs InsufficientValidation of Parameters (old rule) 1057133 EXPLOIT GTUBE (Generic Test for Unsolicited Bulk Email) Anti-Spam Test Message (old rule) 1057139 WEB-CLIENT Google Chrome 4.1.249.1042 FTP PWD Zero Length OOB Array Index DoS (old rule) 1057141 FTP ProFTPd Help Command Backdoor (old rule) 1057151 EXPLOIT Xftp client 3.0 PWD Remote Exploit (old rule) 1057208 WEB Long Unicode DoS (old rule) 1057217 WEB-CLIENT Microsoft Internet Explorer onBeforeCopy Use After Free Vulnerability (CVE-2013-0093) (old rule) 1057390 EXPLOIT SAP NetWeaver Message Server Memory Corruption -3 (CVE-2013-1592) (old rule) 1057391 WEB Microsoft Multiple Products HTML Sanitization Cross-site Scripting -1 (CVE-2013-1289) (old rule) 1057393 EXPLOIT SAP NetWeaver Exportability Check Service Information Disclosure -1 (OSVDB:62853) (old rule) 1057394 EXPLOIT SAP NetWeaver Exportability Check Service Information Disclosure -2 (OSVDB:62853) (old rule) 1059766 WEB Referer Handler Buffer Overflow (old rule) 1120193 WEB URI Handler Buffer Overflow - POST -1 (old rule)