*** EX RELS 03456 Release ***
Total number of signatures: 6001

Description
==================================================================
In this signature, we addressed the exploits/vulnerabilities
and applications as below:


Added 11 rule(s):
---------------
1136046	WEB OpenEMR facility_admin.php Cross-Site Scripting (CVE-2019-8368)
1136309	WEB Zoho ManageEngine Applications Manager MASRequestProcessor serverID SQL Injection
1136313	WEB rConfig install Command Execution -1 (CVE-2019-16662)
1136314	WEB rConfig install Command Execution -2 (CVE-2019-16662)
1136315	WEB Atlassian Confluence Server PackageResourceManager Information Disclosure (CVE-2019-3394)
1136316	WEB-CLIENT Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-1429)
1136317	WEB HPE Intelligent Management Center AMF3 Externalizable Deserialization -1.1 (CVE-2019-11944)
1136318	WEB HPE Intelligent Management Center AMF3 Externalizable Deserialization -2.1 (CVE-2019-11944)
1136319	WEB Elastic Kibana Timelion Prototype Pollution -1.1 (CVE-2019-7609)
1136332	WEB Technicolor TD5130.2 Remote Command Execution (CVE-2019-18396)
1136334	WEB FlexAir Access Control 2.4.9api3 Remote Command Execution (CVE-2019-9189)

Modified 1 rule(s):
---------------
1133420	SSH OpenSSH kex_input_kexinit Denial of Service (CVE-2016-8858)

Deleted 50 rule(s):
---------------
1059595	SSL OpenSSL GnuTLS Server Hello Session ID Heap Buffer Overflow -1 (CVE-2014-3466) (old rule)
1059599	WEB-CLIENT Microsoft Direct2D SVG Path Memory Corruption -3 (CVE-2014-0263) (old rule)
1059600	WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-1805) (old rule)
1059606	FILE Adobe Flash Player Security Bypass vulnerability (CVE-2014-0535) (old rule)
1059607	SIP Digium Asterisk Cookie Stack Overflow -3 (CVE-2014-2286) (old rule)
1059608	SSL OpenSSL dtls1_reassemble_fragment Invalid Fragment Buffer Overflow -1 (CVE-2014-0195) (old rule)
1059609	SSL OpenSSL dtls1_reassemble_fragment Invalid Fragment Buffer Overflow -2 (CVE-2014-0195) (old rule)
1059610	SSL OpenSSL ChangeCipherSpec MITM Security Bypass -1 (CVE-2014-0224) (old rule)
1059611	WEB PHP Libmagic Portable Executable Out Of Bounds Memory Access -2 (CVE-2014-2270) (old rule)
1059612	WEB-ACTIVEX Mitsubishi ActiveX Control EZPcAut280.dll KeywordSet Argument Buffer Overflow (CVE-2014-2074) (old rule)
1059613	SSL OpenSSL dtls1_reassemble_fragment Invalid Fragment Buffer Overflow -3 (CVE-2014-0195) (old rule)
1059615	FILE Adobe Flash Player SharedObject Use After Free -2 (CVE-2014-0502) (old rule)
1059616	FILE Adobe Reader Mobile JavaScript Interface Java Code Execution -3 (CVE-2014-0514) (old rule)
1059618	WEB FreePBX config.php Code Execution (CVE-2014-1903) (old rule)
1059619	WEB-CLIENT Microsoft Internet Explorer Could Allow Remote Code Execution -2 (CVE-2014-1776) (old rule)
1059620	WEB-CLIENT Google Chrome V8 JavaScript Engine Memory Corruption -2 (CVE-2014-1705) (old rule)
1059621	WEB SkyBlueCanvas CMS Remote Command Execution (CVE-2014-1683) (old rule)
1059623	DB PostgreSQL Database SET ROLE Security Bypass -2 (CVE-2014-0060) (old rule)
1059626	SSL OpenSSL DTLS Recursion Denial of Service (CVE-2014-0221) (old rule)
1059632	WEB PHP CDF File Handling Infinite Loop (CVE-2014-0238) (old rule)
1059636	WEB-ACTIVEX Oracle Data Quality DateTimeWrapper onchange Untrusted Pointer Dereference -1 (CVE-2014-2416) (old rule)
1059637	WEB-ACTIVEX Oracle Data Quality DateTimeWrapper onchange Untrusted Pointer Dereference -2 (CVE-2014-2416) (old rule)
1059644	WEB-ACTIVEX Oracle Data Quality DscXB onloadstatechange Untrusted Pointer Dereference -1 (CVE-2014-2417) (old rule)
1059645	WEB-ACTIVEX Oracle Data Quality DscXB onloadstatechange Untrusted Pointer Dereference -2 (CVE-2014-2417) (old rule)
1059652	DNS ISC BIND Recursive Nameservers Prefetch Denial of Service (CVE-2014-3214) (old rule)
1059654	NETBIOS Samba DNS Reply Flag Denial of Service -1 (CVE-2014-0239) (old rule)
1059657	WEB-ACTIVEX Adobe Acrobat Reader AdobePDF ActiveX Use After Free -2 (CVE-2014-0527) (old rule)
1059659	WEB SAP Sybase Event Stream Processor esp_parse ConnectionType Unsafe Pointer Dereference -1 (CVE-2014-3457) (old rule)
1059670	WEB D-Link HNAP Request Stack Buffer Overflow -1 (CVE-2014-3936) (old rule)
1059675	SSL OpenSSL GnuTLS Server Hello Session ID Heap Buffer Overflow -5 (CVE-2014-3466) (old rule)
1059687	WEB-ACTIVEX Mitsubishi EZPcAut260.dll ActiveX Control ESOpen Buffer Overflow (CVE-2014-1641) (old rule)
1059704	WEB Cogent DataHub Web Server GetPermissions.asp Command Injection -2 (CVE-2014-3789) (old rule)
1059720	WEB-CLIENT Microsoft Internet Explorer Use After Free -1 (CVE-2014-1765) (old rule)
1059721	WEB-CLIENT Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-2787) (old rule)
1059804	EXPLOIT HP Data Protector Opcode 28 and 11 Command Execution -1 (CVE-2014-2623) (old rule)
1059805	EXPLOIT HP Data Protector Opcode 28 and 11 Command Execution -2 (CVE-2014-2623) (old rule)
1059806	EXPLOIT HP Data Protector Opcode 28 and 11 Command Execution -3 (CVE-2014-2623) (old rule)
1059811	WEB-CLIENT SOAPUI Remote Code Execution -1 (CVE-2014-1202) (old rule)
1059812	WEB-CLIENT SOAPUI Remote Code Execution -2 (CVE-2014-1202) (old rule)
1059813	WEB Symantec Workspace Streaming Arbitrary File Upload -3 (CVE-2014-1649) (old rule)
1059816	SSL OpenSSL Anonymous TLS_ECDH_Anon_WITH_3DES_EDE_CBC_SHA Denial of Service -1.1 (CVE-2014-3470) (old rule)
1059817	SSL OpenSSL Anonymous TLS_ECDH_Anon_WITH_AES_128_CBC_SHA Denial of Service -1.1 (CVE-2014-3470) (old rule)
1059818	WEB-CLIENT Mozilla Firefox SharedWorker MessagePort Use After Free (CVE-2014-1548) (old rule)
1059819	WEB vtiger CRM Password Reset Security Bypass (CVE-2014-2269) (old rule)
1059820	WEB Symantec Web Gateway dbutils.php SQL Injection -1 (CVE-2014-1651) (old rule)
1059824	FILE Adobe Flash Player Cross-origin Security Policy Bypass (CVE-2014-0516) (old rule)
1059828	FILE Adobe Reader PRC Stream Null Dereference (CVE-2014-0522) (old rule)
1059829	FILE Adobe Flash Player Cross-origin Security Policy Bypass (CVE-2014-0537) (old rule)
1059840	WEB Oracle Business Intelligence Mobile App Designer Information Disclosure (CVE-2014-4249) (old rule)
1059845	SCTP Linux Kernel SCTP sk_ack_backlog Integer Underflow -1 (CVE-2014-4667) (old rule)