Rule Update
16-005 (February 23, 2016)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Backup Server IBM Tivoli Storage Manager FastBack Mount
1007329 - IBM Tivoli Storage Manager FastBack Stack Based Buffer Overflow Vulnerability (CVE-2015-1896)
Backup Server IBM Tivoli Storage Manager FastBack Server
1007350 - IBM Tivoli Storage Manager FastBack Server Opcode 1332 Buffer Overflow (CVE-2015-1925)
DNS Client
1007377* - ISC BIND DNSSEC Key Handler Denial Of Service Vulnerability (CVE-2015-5722)
1007424* - ISC BIND OPT Pseudo-RR Data And ECS Options Denial Of Service Vulnerability (CVE-2015-8705)
Elasticsearch
1007301* - Elasticsearch Remote Code Execution Vulnerability (CVE-2015-5377)
Mail Server Common
1005344* - POP3 Mail Server Possible Brute Force Attempt
Microsoft Office
1007418* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0022)
1006771* - Microsoft Office Uninitialized Memory Use Vulnerability (CVE-2015-1770)
RADIUS Server
1007455 - Microsoft Windows Network Policy Server RADIUS Implementation DOS Vulnerability (CVE-2016-0050)
Web Application PHP Based
1007404* - Drupal Core Denial Of Service Vulnerability (CVE-2014-9016)
1007403 - Drupal Core Host Header Handler Denial Of Service Vulnerability (CVE-2014-5019)
Web Client Common
1007440 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-0971)
1007330* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-8651)
1007445 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0976)
1007433 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0964)
1007434 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0965)
1007435 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0966)
1007436 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0967)
1007437 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0968)
1007438 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0969)
1007439 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0970)
1007441 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0972)
1007446 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0977)
1007447 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0978)
1007448 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0979)
1007449 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0981)
1007454 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-0985)
1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
1007442 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0973)
1007443 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0974)
1007444 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0975)
1007450 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0982)
1007451 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0983)
1007453 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0984)
1007359 - Adobe Reader And Acrobat PDF Parsing Memory Corruption Vulnerability (CVE-2015-7622)
1006532* - Identified Malicious Adobe Flash SWF File - 1
Web Client Internet Explorer/Edge
1007227* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2015-6140)
1007407* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
Integrity Monitoring Rules:
1005041* - Malware - Suspicious Microsoft Windows Files Detected
1006801* - TMTR-0004: Suspicious Files Detected In Operating System Directories
1007210* - TMTR-0018: Suspicious Files Detected In User Profile Directory
1003019* - Trend Micro Deep Security Agent / Relay
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Backup Server IBM Tivoli Storage Manager FastBack Mount
1007329 - IBM Tivoli Storage Manager FastBack Stack Based Buffer Overflow Vulnerability (CVE-2015-1896)
Backup Server IBM Tivoli Storage Manager FastBack Server
1007350 - IBM Tivoli Storage Manager FastBack Server Opcode 1332 Buffer Overflow (CVE-2015-1925)
DNS Client
1007377* - ISC BIND DNSSEC Key Handler Denial Of Service Vulnerability (CVE-2015-5722)
1007424* - ISC BIND OPT Pseudo-RR Data And ECS Options Denial Of Service Vulnerability (CVE-2015-8705)
Elasticsearch
1007301* - Elasticsearch Remote Code Execution Vulnerability (CVE-2015-5377)
Mail Server Common
1005344* - POP3 Mail Server Possible Brute Force Attempt
Microsoft Office
1007418* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0022)
1006771* - Microsoft Office Uninitialized Memory Use Vulnerability (CVE-2015-1770)
RADIUS Server
1007455 - Microsoft Windows Network Policy Server RADIUS Implementation DOS Vulnerability (CVE-2016-0050)
Web Application PHP Based
1007404* - Drupal Core Denial Of Service Vulnerability (CVE-2014-9016)
1007403 - Drupal Core Host Header Handler Denial Of Service Vulnerability (CVE-2014-5019)
Web Client Common
1007440 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-0971)
1007330* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-8651)
1007445 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0976)
1007433 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0964)
1007434 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0965)
1007435 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0966)
1007436 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0967)
1007437 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0968)
1007438 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0969)
1007439 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0970)
1007441 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0972)
1007446 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0977)
1007447 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0978)
1007448 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0979)
1007449 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0981)
1007454 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-0985)
1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
1007442 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0973)
1007443 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0974)
1007444 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0975)
1007450 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0982)
1007451 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0983)
1007453 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0984)
1007359 - Adobe Reader And Acrobat PDF Parsing Memory Corruption Vulnerability (CVE-2015-7622)
1006532* - Identified Malicious Adobe Flash SWF File - 1
Web Client Internet Explorer/Edge
1007227* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2015-6140)
1007407* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
Integrity Monitoring Rules:
1005041* - Malware - Suspicious Microsoft Windows Files Detected
1006801* - TMTR-0004: Suspicious Files Detected In Operating System Directories
1007210* - TMTR-0018: Suspicious Files Detected In User Profile Directory
1003019* - Trend Micro Deep Security Agent / Relay
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.