*** EX RELS 03402 Release ***
Total number of signatures: 6011

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities
and applications as below:


Added 5 rule(s):
---------------
1135080	WEB-CLIENT Microsoft Windows Windows Script Host Command Injection -1 (CVE-2018-8495)
1135082	SCADA Advantech WebAccess SCADA notify2 Stack-based Buffer Overflow (CVE-2018-7499)
1135092	FILE Microsoft Windows Theme API Code Execution (CVE-2018-8413)
1135098	SCADA Advantech WebAccess SCADA BwPSLinkZip Stack-based Buffer Overflow (CVE-2018-7499)
1161333	MEDIA Pandora access via SSL -2

Modified 23 rule(s):
---------------
1049856	WEB http directory traversal -1
1134232	WEB Apache Solr xmlparser XML External Entity Expansion Remote Code Execution -1.u (CVE-2017-12629)
1134233	WEB Apache Solr xmlparser XML External Entity Expansion Remote Code Execution -1.b (CVE-2017-12629)
1134573	WEB Apache Solr xmlparser XML External Entity Expansion Remote Code Execution -2 (CVE-2017-12629)
1134583	FILE Adobe Acrobat XPS TIFF Tag Count Integer Overflow (CVE-2018-4904)
1134594	FILE Adobe Acrobat ImageConversion EMF EMR_STRETCHBLT Out of Bounds Read (CVE-2018-4886)
1134598	WEB Apache httpd mod_cache_socache Denial of Service (CVE-2018-1303)
1134602	WEB Drupal Core drupalgeddon3 Authenticated Remote Code Execution -1 (CVE-2018-7602)
1134605	WEB Drupal Core drupalgeddon3 Authenticated Remote Code Execution -3 (CVE-2018-7602)
1134606	WEB Drupal Core drupalgeddon3 Authenticated Remote Code Execution -4 (CVE-2018-7602)
1134610	WEB Dasan GPON Routers Command Injection -1.1 (CVE-2018-10561)
1134611	WEB Dasan GPON Routers Command Injection -1.2 (CVE-2018-10561)
1134641	WEB Multi Vendor DVR Credentials Leak (CVE-2018-9995)
1134644	WEB Apache ActiveMQ File Upload Remote Code Execution (CVE-2016-3088)
1134652	WEB Drupal Core drupalgeddon3 Authenticated Remote Code Execution -5 (CVE-2018-7602)
1134675	WEB Apache Tika Chmparser Denial Of Service (CVE-2018-1339)
1134784	WEB Apache httpd FilesMatch Directive Security Restriction Bypass (CVE-2018-1303)
1134790	WEB Drupal Core drupalgeddon3 Authenticated Remote Code Execution -2 (CVE-2018-7602)
1134891	WEB Dasan GPON Routers Command Injection -1.3 (CVE-2018-10561)
1134892	WEB Dasan GPON Routers Command Injection -1.4 (CVE-2018-10561)
1135037	SCADA Advantech WebAccess SCADA bwmakdir Stack-based Buffer Overflow (CVE-2018-7499)
1135065	WEB-ACTIVEX G DATA Total Security Activex Buffer Overflow (CVE-2018-10018)
1135068	LDAP Red Hat 389 Directory Server vslapd_log_emergency_error Denial of Service (CVE-2018-14624)

Deleted 1 rule(s):
---------------
1052289	TUNNEL LogMeIn login via UDP -1 (old rule)