Rule Update
17-009 (28 fevereiro 2017)
Data de publicação: 01 março 2017
Descrição
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Backup Server IBM Tivoli Storage Manager FastBack Server
1007356* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
Database Oracle
1003340* - Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection
Microsoft Office
1004311* - Identified Suspicious Microsoft PowerPoint Document
VoIP Smart
1008087* - IBM WebSphere Application Server SIP Processing DoS Vulnerability (CVE-2016-2960)
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Application PHP Based
1008144 - PHP Remote Code Execution Vulnerability (CVE-2017-5340)
Web Client Common
1004335* - Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow
1008185 - Identified Suspicious Obfuscated PDF Document
1008028 - Microsoft Windows File Manager Remote Code Execution Vulnerability (CVE-2016-7212)
1008147 - Microsoft Windows RPC Network Data Representation Engine Remote Code Execution Vulnerability (CVE-2016-0178)
Web Client Mozilla Firefox
1007061* - Mozilla Firefox Arbitrary JavaScript Code Execution
1007062* - Mozilla Firefox Arbitrary JavaScript Execution Vulnerability (CVE-2015-0802)
1008052* - Mozilla Firefox SVG Animation Use After Free Vulnerability (CVE-2016-9079)
Web Server Adobe ColdFusion
1008113 - Adobe ColdFusion OOXML XXE Information Disclosure Vulnerability (CVE-2016-4264)
Web Server Common
1005671* - PHP SSL Module "subjectAltNames" NULL Byte Handling Security Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Backup Server IBM Tivoli Storage Manager FastBack Server
1007356* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
Database Oracle
1003340* - Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection
Microsoft Office
1004311* - Identified Suspicious Microsoft PowerPoint Document
VoIP Smart
1008087* - IBM WebSphere Application Server SIP Processing DoS Vulnerability (CVE-2016-2960)
Web Application Common
1000608* - Generic SQL Injection Prevention
Web Application PHP Based
1008144 - PHP Remote Code Execution Vulnerability (CVE-2017-5340)
Web Client Common
1004335* - Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow
1008185 - Identified Suspicious Obfuscated PDF Document
1008028 - Microsoft Windows File Manager Remote Code Execution Vulnerability (CVE-2016-7212)
1008147 - Microsoft Windows RPC Network Data Representation Engine Remote Code Execution Vulnerability (CVE-2016-0178)
Web Client Mozilla Firefox
1007061* - Mozilla Firefox Arbitrary JavaScript Code Execution
1007062* - Mozilla Firefox Arbitrary JavaScript Execution Vulnerability (CVE-2015-0802)
1008052* - Mozilla Firefox SVG Animation Use After Free Vulnerability (CVE-2016-9079)
Web Server Adobe ColdFusion
1008113 - Adobe ColdFusion OOXML XXE Information Disclosure Vulnerability (CVE-2016-4264)
Web Server Common
1005671* - PHP SSL Module "subjectAltNames" NULL Byte Handling Security Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.