Deep Security Center

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Database Oracle
1004128* - Oracle Database Server DBMS_CDC_PUBLISH Multiple Procedure SQL Injection


Microsoft Office
1007736* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3284)


Web Application PHP Based
1007948* - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability


Web Client Common
1007954 - Adobe Flash Player Memory Corruption Vulnerability (APSB16-29)
1007953 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-29)
1007956 - Adobe Flash Player Security Bypass Vulnerability (APSB16-29)
1007952 - Adobe Flash Player Security Bypass Vulnerability (APSB16-29) - 1
1007757* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4226)


Web Client Internet Explorer/Edge
1007879* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3327)


Web Server Apache
1006027* - Apache HTTP Server Denial Of Service Vulnerability (CVE-2014-0098)


Web Server Oracle
1005315* - Oracle Database Client System Analyzer Remote Code Execution Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Database MySQL
1007950 - Oracle MySQL Remote Code Execution Vulnerability (CVE-2016-6662)


Microsoft Office
1007939 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)
1007940 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3358)
1007941 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3359)
1007942 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3360)
1007943 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3362)
1007944 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3363)
1007945 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3364)
1007946 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3365)
1007947 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3381)


Web Application PHP Based
1007948 - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability


Web Client Common
1007631* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 10
1007629* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 6
1007515* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007938 - Microsoft GDI Elevation Of Privilege Vulnerability (CVE-2016-3355)
1007929 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007930 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
1007937 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3348)
1007936 - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
1007931 - Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
1007935 - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
1007933 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3305)
1007934 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3306)


Web Client Internet Explorer/Edge
1007926 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
1007923 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
1007924 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
1007920 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1007921 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
1007922 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
1007928 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
1007657* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3210)
1007925 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3375)
1007927 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3377)


Web Client SSL
1007906 - Multiple Products FalseCONNECT Vulnerability


Web Server Common
1007914 - Symfony Security Component Denial Of Service Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

RealNetworks Helix Server
1004120* - RealNetworks Helix Server NTLM Authentication Heap Buffer Overflow Vulnerability (CVE-2010-1318)


Suspicious Client Application Activity
1007907 - Cisco ASA Memory Corruption Vulnerability (CVE-2016-6366)


Web Application Ruby Based
1005331* - Ruby On Rails XML Processor YAML Deserialization DoS


Web Client Common
1007630* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 5
1007590* - Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-1014)
1007676* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4136)
1007452 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0959)
1003742* - FFmpeg OGV File Format Double Free Memory Corruption
1003747* - FFmpeg vmd_read_header Integer Overflow
1007918 - Fortinet FortiGate Cookie Parser Buffer Overflow Vulnerability (CVE-2016-6909)
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007919 - Microsoft .NET Framework And Silverlight Array Offset Vulnerability (CVE-2011-0664)
1007911 - Microsoft .NET Framework XAML Browser Applications Stack Corruption (CVE-2010-3958)
1007882* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3303)
1007558* - Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2016-0153)


Web Server Miscellaneous
1005516* - RedHat JBoss Enterprise Application Platform Block Access To Status Servlet


Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1003080* - Server Service Vulnerability (srvsvc)


Trend Micro OfficeScan NT Listener
1003177* - Trend Micro OfficeScan Directory Traversal Vulnerability


Web Application PHP Based
1007255* - PHP SplObjectStorage Use After Free Vulnerability


Web Client Common
1007631* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 10
1007819* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 4
1007818* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 7
1007817* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 8
1007857 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 9
1007632* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 1
1007824* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 2
1007825* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 3
1007675 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4135)
1007904 - Microsoft Windows Graphics Use After Free Vulnerability (CVE-2016-3310)


Web Server Common
1002593* - Allow HTTP (Including WebDAV) Methods


Web Server Miscellaneous
1007646 - Apache Struts JRE URLDecoder Cross-Site Scripting Vulnerability (CVE-2016-4003)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP OpenView Network Node Manager Web
1003602* - HP OpenView Network Node Manager rping Stack Buffer Overflow


Microsoft Office
1007887 - Microsoft Graphics Component Memory Corruption Vulnerability (CVE-2016-3318)
1007884 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3313)
1007885 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3316)
1007886 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3317)


OpenSSL Client
1006546* - OpenSSL ECDHE Downgrade Vulnerability (CVE-2014-3572)


Suspicious Client Ransomware Activity
1007704 - Ransomware Bucbi
1007706 - Ransomware CRIPTODC
1007705 - Ransomware Crilock
1007707 - Ransomware Crypshed
1007708 - Ransomware Democry
1007709 - Ransomware MadLocker
1007710 - Ransomware SNSLocker
1007711 - Ransomware XORBAT
1007712 - Ransomware Zcrypt


Web Application PHP Based
1007459 - Drupal XRDS Document Denial Of Service Vulnerability (CVE-2014-5267)
1007252 - PHP jui_filter_rule Parsing Library Remote Code Execution Vulnerability


Web Application Ruby Based
1007530 - Ruby On Rails Action View Remote Code Execution Vulnerability (CVE-2016-0752)


Web Client Common
1007811 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4108)
1007880 - Microsoft PDF Remote Code Execution Vulnerability (CVE-2016-3319)
1007881 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3301)
1007882 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3303)
1007883 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3304)


Web Client Internet Explorer/Edge
1007726* - Microsoft Edge Security Feature Bypass Vulnerability (CVE-2016-3244)
1007878 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3326)
1007879 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3327)
1007874 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3289)
1007876 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3293)
1007877 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3322)
1007896 - Microsoft Internet Explorer Information Disclosure Vulnerability Over WebDAV (CVE-2016-3321)
1007873 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3288)
1007875 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3290)


Web Server Common
1007872 - HTTP Proxy Header Injection Vulnerabilities


Web Server Miscellaneous
1007737 - Apache Struts Url Validator Denial Of Service Vulnerability (CVE-2016-4465)


Windows Services RPC Client
1007566* - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-1014)
1007897 - Microsoft Internet Explorer Information Disclosure Vulnerability Over SMB (CVE-2016-3321)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1007699* - Oracle Job Scheduler Named Pipe Command Execution Vulnerability


Directory Server LDAP
1007460* - OpenLDAP ber_get_next Denial Of Service Vulnerability (CVE-2015-6908)


HP OpenView Network Node Manager Web
1003892* - Hewlett-Packard OpenView NNM Multiple Command Injection Vulnerabilities


Port Mapper Windows
1001033* - Windows Port Mapper Decoder


Web Application Common
1007715* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)


Web Client Common
1007817 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1037)
1007768 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4191)
1007769 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4192)
1007770 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4195)
1007771 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4196)
1007772 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4197)
1007773 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4198)
1007774 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4199)
1007775 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4200)
1007776 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4201)
1007777 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4202)
1007778 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4203)
1007779 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4204)
1007780 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4205)
1007781 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4206)
1007782 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4207)
1007783 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4208)
1007784 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4251)
1007785 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4252)
1007818 - Adobe Acrobat And Reader Security Bypass Vulnerability (CVE-2016-1038)
1007819 - Adobe Acrobat And Reader Security Bypass Vulnerability (CVE-2016-1039)
1007824 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-1045)
1007825 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-1046)
1007766 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-4254)
1007767 - Adobe Acrobat And Reader Use After Free Vulnerability (CVE-2016-4255)
1007765 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4249)
1007745 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4175)
1007746 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4176)
1007747 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4177)
1007749 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4179)
1007750 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4182)
1007752 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4185)
1007751 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4188)
1007754 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4223)
1007755 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4224)
1007756 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4225)
1007748 - Adobe Flash Player Security Bypass Vulnerability (CVE-2016-4178)
1007763 - Adobe Flash Player Sensitive Data Exposure Vulnerability (CVE-2016-4232)
1007788 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8410)
1007789 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8411)
1007790 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8412)
1007797 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8413)
1007801 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8420)
1007800 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8421)
1007798 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8422)
1007796 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8423)
1007795 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8424)
1007786 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8425)
1007794 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8427)
1007793 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8428)
1007787 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8429)
1007791 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8430)
1007792 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-8431)
1007743 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4173)
1007744 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4174)
1007753 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4222)
1007757 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4226)
1007758 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4227)
1007759 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4228)
1007760 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4229)
1007761 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4230)
1007762 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4231)
1007764 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4248)
1007799 - Adobe Flash Player Use-After-Free Vulnerability (CVE-2015-3107)
1007621* - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0169)


Web Client Internet Explorer/Edge
1007729* - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-3271)
1007484* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0111)
1007544* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0154)
1007728 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3264)
1007721* - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2016-3276)


Web Server Miscellaneous
1007701* - Apache Struts XSLTResult Remote Code Execution Vulnerability (CVE-2016-3082)
1007522 - JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Application Control For Web Browser
1007376 - Application Control For Microsoft Edge Web Browser


DCERPC Services
1007699 - Oracle Job Scheduler Named Pipe Command Execution Vulnerability


Directory Server LDAP
1007460 - OpenLDAP ber_get_next Denial Of Service Vulnerability (CVE-2015-6908)


Mail Server Common
1000834* - SMTP Decoding


Microsoft Office
1007732 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3280)
1007733 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3281)
1007734 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3282)
1007735 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3283)
1007736 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3284)
1007731 - Microsoft Office Remote Code Execution Vulnerability (CVE-2016-3279)


Suspicious Client Ransomware Activity
1007534* - Ransomware Crydap
1007578* - Ransomware CryptFile
1007576* - Ransomware Cryptesla
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra
1007581* - Ransomware Lectool
1007602* - Ransomware Locky
1007601* - Ransomware TCP Request


Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1
1007582* - Ransomware Lectool-1
1007533* - Ransomware TCP Request-1


Web Application Common
1007715 - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)


Web Application PHP Based
1007298* - Joomla Core Remote Code Execution Vulnerability (CVE-2015-8562)
1007254 - PHP SplDoublyLinkedList Use After Free Vulnerability


Web Client Common
1007629* - Adobe Acrobat And Reader Integer Overflow Vulnerability (CVE-2016-1043)
1007519* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-1010)
1006921* - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3126)
1006922* - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-4429)
1006657* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569) - 2
1006979* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5559)
1006599* - Identified Suspicious Obfuscated JavaScript - 3
1007738 - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118) - 1
1005403* - Libxml2 Entity Expansion Denial Of Service Vulnerability
1004091* - Oracle JRE Java Platform SE And Java Deployment Toolkit Plugins Code Execution Vulnerabilities


Web Client Internet Explorer/Edge
1007662* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3222)
1007727 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3246)
1007729 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-3271)
1007647 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-0186)
1007726 - Microsoft Edge Security Feature Bypass Vulnerability (CVE-2016-3244)
1007725 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3277)
1007723 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3259)
1007722 - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2016-3274)
1007721 - Microsoft Internet Explorer And Edge Spoofing Vulnerability (CVE-2016-3276)
1007720 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3261)
1007716 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3240)
1007717 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3241)
1007724 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3242)
1007718 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3243)


Web Server Common
1000128* - HTTP Protocol Decoding


Web Server Miscellaneous
1007603* - Apache Struts Dynamic Method Invocation Remote Code Execution Vulnerability (CVE-2016-3081)
1007694* - Apache Struts REST Plugin DMI Remote Code Execution Vulnerability (CVE-2016-3087)
1007702* - Apache Struts REST Plugin Remote Code Execution Vulnerability (CVE-2016-4438)
1007058 - LANDesk Management Suite Multiple Remote File Inclusion Vulnerabilities


Web Server SAP
1005576* - SAP NetWeaver BW - XML External Entity Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1002831* - Unix - Syslog
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
1007598* - Identified Possible Ransomware File Rename Activity Over Network Share
1006906* - Identified Usage Of PsExec Command Line Tool


NetBIOS Name Service
1007658 - Identified Too Many NBNS Response
1007700 - Identified WPAD NBNS Response From Suspicious Host


ODBC Server CitectSCADA
1002855* - CitectSCADA ODBC Server Remote Stack Buffer Overflow


Suspicious Client Application Activity
1007578* - Ransomware CryptFile


Unix CVS
1000511* - CVS Annotate Command Long Revision String Buffer Overflow


Web Client Common
1007678 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-4138)
1007697 - Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-4140)
1007676 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4136)
1007673 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4132)
1007674 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4133)
1007679 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4141)
1007687 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4150)
1007688 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4151)
1007689 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4152)
1007690 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4153)
1007691 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4154)
1007692 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4155)
1007693 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4156)
1007682 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-4144)
1007686 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-4149)
1007672 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4121)
1007680 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4142)
1007681 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4143)
1007683 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4146)
1007684 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4147)
1007685 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4148)
1007489* - Microsoft Windows OLE Memory Remote Code Execution Vulnerability (CVE-2016-0091)
1007490* - Microsoft Windows OLE Memory Remote Code Execution Vulnerability (CVE-2016-0092)


Web Client Internet Explorer/Edge
1007652* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0199)


Web Server Miscellaneous
1004007* - Adobe BlazeDS XML Injection And XML External Entity Injection Vulnerabilities
1007694 - Apache Struts REST Plugin DMI Remote Code Execution Vulnerability (CVE-2016-3087)
1007702 - Apache Struts REST Plugin Remote Code Execution Vulnerability (CVE-2016-4438)
1007701 - Apache Struts XSLTResult Remote Code Execution Vulnerability (CVE-2016-3082)


Windows Services RPC Client
1007695 - Adobe Flash Player DLL Hijacking Vulnerability Over Network Share (CVE-2016-4140)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1002831* - Unix - Syslog
RULE UPDATE: 16-019 (June 15, 2016)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Client Common
1007696 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4171)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
RULE UPDATE: 16-018 (June 14, 2016)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
1007598* - Identified Possible Ransomware File Rename Activity Over Network Share
1007070* - Remote PWDUMP Through SMBv1 Protocol Detected


Microsoft Office
1007667 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-3234)
1007663 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0025)
1007666 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3233)
1007059* - Microsoft Office Remote Code Execution Vulnerability (CVE-2015-2545)


Suspicious Client Application Activity
1007534 - Ransomware Crydap
1007578* - Ransomware CryptFile
1007579* - Ransomware HTTP Request
1007581* - Ransomware Lectool


Suspicious Server Application Activity
1007580* - Ransomware HTTP Request-1
1007582* - Ransomware Lectool-1


Symantec Alert Management System
1003488* - Multiple Symantec Products Intel Common Base Agent Remote Command Execution Vulnerability


Web Application PHP Based
1007272* - PHP SPL ArrayObject Use After Free Vulnerability


Web Client Common
1007638* - Adobe Flash Player Type Confusion Overflow Vulnerability (CVE-2016-4117)
1007563* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1011)
1005753* - IBM Java Multiple Vulnerabilities
1007644 - Identified Download Of Suspicious SCT File Over HTTP
1007698 - Microsoft Windows ATMFD.DLL Elevation Of Privilege Vulnerability (CVE-2016-3220)
1007668 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-3216)
1007664 - Microsoft Windows PDF Information Disclosure Vulnerability (CVE-2016-3201)
1007659 - Microsoft Windows PDF Information Disclosure Vulnerability (CVE-2016-3215)
1007486* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-0117)
1007665 - Microsoft Windows PDF Remote Code Execution Vulnerability (CVE-2016-3203)
1007296 - Oracle Data Quality Trillium Based Set Basic Preview Data Type Remote Code Execution Vulnerability (CVE-2015-4759)


Web Client Internet Explorer/Edge
1007662 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3222)
1007661 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3199)
1007660 - Microsoft Edge Security Feature Bypass Vulnerability (CVE-2016-3198)
1007652 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0199)
1007653 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0200)
1007654 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3205)
1007655 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3206)
1007656 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3207)
1007657 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3210)


Web Server Common
1000128* - HTTP Protocol Decoding
1007651 - Identified Absence Of Configured CDN/Reverse Proxy HTTP Header


Web Server IIS
1000389* - Microsoft IIS 5.0 .printer ISAPI Extension Buffer Overflow Vulnerability


Windows Services RPC Server DCERPC
1007054* - Remote Schedule Task 'Create' Through SMBv2 Protocol Detected


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1003447* - Web Server - Apache