Rule Update

19-047 (September 17, 2019)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Mail Server Over SSL/TLS
1009977 - Exim Mail Server Remote Code Execution Vulnerability (CVE-2019-15846)


Microsoft Office
1009982 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2019-1297)
1009848 - Microsoft Office Memory Corruption Vulnerability (CVE-2018-0798)


Web Application Common
1009979 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173) - Server


Web Client Common
1009988 - Microsoft DirectWrite Information Disclosure Vulnerability (CVE-2019-1251)
1009984 - Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2019-1283)
1009985 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1241)
1009986 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1243)
1009989 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1246)
1009987 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1249)
1009981 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1252)
1009980 - Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability (CVE-2019-1248)
1009983 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1242)
1009990 - Microsoft Windows VBScript Remote Code Execution Vulnerability (CVE-2019-1208)
1009976 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173)


Web Server Common
1003598* - Multiple HTTP Server Low Bandwidth Denial Of Service


Integrity Monitoring Rules:

1006802* - TMTR-0003: Suspicious Files Detected In Operating System Directories
1006801* - TMTR-0004: Suspicious Files Detected In Operating System Directories
1006658* - TMTR-0012: Suspicious Files Detected In Temporary Directories


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.