Rule Update

15-022 (July 14, 2015)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Database Microsoft SQL
1006840 - Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2015-1762)


Database MySQL
1006813 - Identified Oracle MySQL Database Operation


FTP Server ProFTPD
1006743* - ProFTPD Remote Command Execution Vulnerability (CVE-2015-3306)


Microsoft Office
1006873 - Microsoft Excel ASLR Bypass Vulnerability (CVE-2015-2375)
1006874 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2376)
1006875 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2377)
1006876 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2379)
1006877 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2380)
1006878 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2415)
1006769* - Microsoft Office Use After Free Vulnerability (CVE-2015-1759)
1006770* - Microsoft Office Use After Free Vulnerability (CVE-2015-1760)
1000764* - Microsoft Publisher Font Parsing Buffer Overflow
1005990* - Microsoft Word RTF Remote Code Execution Vulnerability (CVE-2014-1761)


OpenSSL
1006655* - OpenSSL ASN_TYPE_cmp Segmentation Fault Vulnerability (CVE-2015-0286)
1006855 - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)


OpenSSL Client
1006856 - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
1006093* - OpenSSL Client SSL/TLS Man In The Middle Security Bypass Vulnerability
1006806 - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability


SSL Client
1006485* - SSL RSA Downgrade Vulnerability


Unix CUPS
1006814 - CUPS Print Service Remote Privilege Escalation Vulnerability


Unix Samba
1003999* - Samba MS-RPC Remote Shell Command Execution Vulnerability


Web Application Common
1006823 - Identified Suspicious Command Injection Attack - 1
1005402* - Identified Suspicious User Agent In HTTP Request


Web Application PHP Based
1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
1006390* - WordPress Denial Of Service Vulnerability (CVE-2014-9034)


Web Application Tomcat
1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


Web Client Common
1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
1006860 - Adobe Flash Domain Policy Security Bypass Vulnerabilities
1006455* - Adobe Flash Player Heap Based Buffer Overflow Vulnerability (CVE-2015-0309)
1006812 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
1006006* - Adobe Flash Player Information Disclosure Vulnerability (CVE-2014-0508)
1003891* - Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability
1006399* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0574)
1006400* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0586)
1006461* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0310)
1006713* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3090)
1006861 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3117)
1006866 - Adobe Flash Player Multiple Use After Free Vulnerabilities
1006810* - Adobe Flash Player Nellymoser Heap Buffer Overflow Vulnerabilities
1006779* - Adobe Flash Player Out Of Bound Write Vulnerability (CVE-2015-3105)
1004229* - Adobe Flash Player Remote Code Execution Vulnerabilities - 2
1006464* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0312)
1006526* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0330)
1006138* - Adobe Flash Player Security Bypass Vulnerability (CVE-2014-4671)
1006865 - Adobe Flash Player SharedObject Use After Free Vulnerabilities
1006863 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3119)
1006864 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3121)
1006517* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-0320)
1006862 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3118)
1006419* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8461)
1004042* - Google Chrome XML Denial Of Service
1006882 - Identified Suspicious Obfuscated JavaScript - 4
1006742 - Identified Suspicious User Agent In Outgoing HTTP Request
1006818 - Java SE Remote Security Vulnerability (CVE-2015-0459)
1006820 - Java SE Remote Security Vulnerability (CVE-2015-0491)
1006872 - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
1006879 - Microsoft Windows Graphics Component EOP Vulnerability (CVE-2015-2364)
1006880 - Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2416)
1006881 - Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2417)
1006291* - Microsoft Windows OLE Remote Code Execution Vulnerability - 1
1006572 - Multiple Browser libjpeg/libjpeg-turbo Library Memory Corruption Vulnerability


Web Client Internet Explorer
1006839 - Microsoft Internet Explorer ASLR Bypass Vulnerability (CVE-2015-2421)
1006842 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-1729)
1006867 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-2413)
1006868 - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
1006750 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1733)
1006752* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1736)
1006754 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1738)
1006764* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1752)
1006850 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1767)
1006843 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383)
1006845 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383) - 1
1006846 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2388)
1006847 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2389)
1006848 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2390)
1006849 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2391)
1006831 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2397)
1006832 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
1006851 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2403)
1006852 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2404)
1006833 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2406)
1006835 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2408)
1006836 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2409)
1006837 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2411)
1006853 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2422)
1006869 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)
1006841 - Microsoft Windows VBScript Memory Corruption Vulnerability (CVE-2015-2372)


Web Server Common
1005839* - Identified XML External Entity Injection In HTTP Request


Web Server IIS
1006434 - Microsoft IIS Directory Traversal Vulnerability


Web Service HP SiteScope
1006816 - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.