Deep Security Center

RULE UPDATE: 15-024 (July 28, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Microsoft Office
1006574* - Microsoft Office Local Zone Remote Code Execution Vulnerability (CVE-2015-0097)
1004099* - Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability


OpenSSL
1006855* - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
1006854 - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


OpenSSL Client
1006856* - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
1006806* - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability


Unix CUPS
1006814* - CUPS Print Service Remote Privilege Escalation Vulnerability


Web Application Common
1005936* - Identified Local File Inclusion (LFI) Over HTTP
1006823* - Identified Suspicious Command Injection Attack - 1


Web Application PHP Based
1006817 - PHP 'phar_parse_tarfile' Memory Corruption Vulnerability
1006819 - PHP DateTime Use After Free Vulnerability (CVE-2015-0273)
1006821 - PHP DateTimeZone Type Confusion Information Disclosure Vulnerability


Web Client Common
1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
1006812* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
1006701* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
1006905 - Adobe Flash Player Unspecified Memory Corruption Vulnerability (CVE-2015-3123)
1006903* - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
1006890 - Adobe Reader And Acrobat Buffer Overflow Vulnerability (CVE-2015-5093)
1006893 - Adobe Reader And Acrobat Integer Overflow Vulnerability (CVE-2015-5097)
1006889 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5087)
1006891 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5094)
1006894 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5098)
1006896 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5100)
1006897 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5101)
1006898 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5102)
1006899 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5103)
1006900 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5104)
1006886 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4447)
1006888 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-5086)
1006887 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-4448)
1006892 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5095)
1006895 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5099)
1006901 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5111)
1006902 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5113)
1006883 - Google Chrome Cross Site Scripting Filter Bypass Vulnerability
1006872* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
1006857* - Oracle Java SE Remote Code Execution Vulnerability (CVE-2015-2590)


Web Client Internet Explorer
1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
1006832* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
1006869* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)


Web Client Mozilla Firefox
1006825 - Mozilla Firefox XrayWrapper Privileged Javascript Injection Vulnerability (CVE-2014-8636)


Web Server IIS
1006434* - Microsoft IIS Directory Traversal Vulnerability


Web Server Miscellaneous
1003505* - Microsoft .Net Framework Null Byte Injection Vulnerability


Web Service HP SiteScope
1006816* - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)


Windows Services RPC Server
1006906 - Identified Usage Of PsExec Command Line Tool


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


RULE UPDATE: 15-023 (July 20, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Remote Desktop Protocol Server
1006870 - Microsoft Windows Remote Desktop Protocol (RDP) Remote Code Execution Vulnerability (CVE-2015-2373)


Web Client Common
1006858* - Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)
1006859* - Adobe Flash Player BitmapData Remote Code Execution Vulnerability (CVE-2015-5123)
1006530* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0582)
1006903 - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
1006904 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2424)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


RULE UPDATE: 15-022 (July 14, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Database Microsoft SQL
1006840 - Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2015-1762)


Database MySQL
1006813 - Identified Oracle MySQL Database Operation


FTP Server ProFTPD
1006743* - ProFTPD Remote Command Execution Vulnerability (CVE-2015-3306)


Microsoft Office
1006873 - Microsoft Excel ASLR Bypass Vulnerability (CVE-2015-2375)
1006874 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2376)
1006875 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2377)
1006876 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2379)
1006877 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2380)
1006878 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2415)
1006769* - Microsoft Office Use After Free Vulnerability (CVE-2015-1759)
1006770* - Microsoft Office Use After Free Vulnerability (CVE-2015-1760)
1000764* - Microsoft Publisher Font Parsing Buffer Overflow
1005990* - Microsoft Word RTF Remote Code Execution Vulnerability (CVE-2014-1761)


OpenSSL
1006655* - OpenSSL ASN_TYPE_cmp Segmentation Fault Vulnerability (CVE-2015-0286)
1006855 - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)


OpenSSL Client
1006856 - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
1006093* - OpenSSL Client SSL/TLS Man In The Middle Security Bypass Vulnerability
1006806 - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability


SSL Client
1006485* - SSL RSA Downgrade Vulnerability


Unix CUPS
1006814 - CUPS Print Service Remote Privilege Escalation Vulnerability


Unix Samba
1003999* - Samba MS-RPC Remote Shell Command Execution Vulnerability


Web Application Common
1006823 - Identified Suspicious Command Injection Attack - 1
1005402* - Identified Suspicious User Agent In HTTP Request


Web Application PHP Based
1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
1006390* - WordPress Denial Of Service Vulnerability (CVE-2014-9034)


Web Application Tomcat
1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


Web Client Common
1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
1006860 - Adobe Flash Domain Policy Security Bypass Vulnerabilities
1006455* - Adobe Flash Player Heap Based Buffer Overflow Vulnerability (CVE-2015-0309)
1006812 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
1006006* - Adobe Flash Player Information Disclosure Vulnerability (CVE-2014-0508)
1003891* - Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability
1006399* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0574)
1006400* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0586)
1006461* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0310)
1006713* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3090)
1006861 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3117)
1006866 - Adobe Flash Player Multiple Use After Free Vulnerabilities
1006810* - Adobe Flash Player Nellymoser Heap Buffer Overflow Vulnerabilities
1006779* - Adobe Flash Player Out Of Bound Write Vulnerability (CVE-2015-3105)
1004229* - Adobe Flash Player Remote Code Execution Vulnerabilities - 2
1006464* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0312)
1006526* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0330)
1006138* - Adobe Flash Player Security Bypass Vulnerability (CVE-2014-4671)
1006865 - Adobe Flash Player SharedObject Use After Free Vulnerabilities
1006863 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3119)
1006864 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3121)
1006517* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-0320)
1006862 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3118)
1006419* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8461)
1004042* - Google Chrome XML Denial Of Service
1006882 - Identified Suspicious Obfuscated JavaScript - 4
1006742 - Identified Suspicious User Agent In Outgoing HTTP Request
1006818 - Java SE Remote Security Vulnerability (CVE-2015-0459)
1006820 - Java SE Remote Security Vulnerability (CVE-2015-0491)
1006872 - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
1006879 - Microsoft Windows Graphics Component EOP Vulnerability (CVE-2015-2364)
1006880 - Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2416)
1006881 - Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2417)
1006291* - Microsoft Windows OLE Remote Code Execution Vulnerability - 1
1006572 - Multiple Browser libjpeg/libjpeg-turbo Library Memory Corruption Vulnerability


Web Client Internet Explorer
1006839 - Microsoft Internet Explorer ASLR Bypass Vulnerability (CVE-2015-2421)
1006842 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-1729)
1006867 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-2413)
1006868 - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
1006750 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1733)
1006752* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1736)
1006754 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1738)
1006764* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1752)
1006850 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1767)
1006843 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383)
1006845 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383) - 1
1006846 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2388)
1006847 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2389)
1006848 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2390)
1006849 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2391)
1006831 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2397)
1006832 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
1006851 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2403)
1006852 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2404)
1006833 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2406)
1006835 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2408)
1006836 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2409)
1006837 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2411)
1006853 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2422)
1006869 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)
1006841 - Microsoft Windows VBScript Memory Corruption Vulnerability (CVE-2015-2372)


Web Server Common
1005839* - Identified XML External Entity Injection In HTTP Request


Web Server IIS
1006434 - Microsoft IIS Directory Traversal Vulnerability


Web Service HP SiteScope
1006816 - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


RULE UPDATE: 15-021 (July 12, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Client Common
1006858 - Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)
1006859 - Adobe Flash Player BitmapData Remote Code Execution Vulnerability (CVE-2015-5123)
1006857 - Oracle Java SE Remote Code Execution Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


RULE UPDATE: 15-020 (July 7, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Microsoft Office
1006370* - Microsoft Word Use After Free Remote Code Execution Vulnerability (CVE-2014-6357)


Web Client Common
1004079* - Adobe Acrobat And Reader CFF Encodings Handling Heap Overflow Vulnerability
1003916* - Adobe Acrobat And Reader JpxDecode Memory Corruption
1003291* - Adobe Acrobat And Reader PDF File Handling Remote Code Execution Vulnerability
1003405* - Adobe Acrobat JavaScript getIcon Method Buffer Overflow
1003056* - Adobe Acrobat PDF Javascript getCosObj Memory Corruption
1003848* - Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
1006824 - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
1003186* - Adobe Flash Player For Linux ActionScript ASnative Command Execution
1006810* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)
1006451* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8438)
1002445* - Adobe Multiple Products BMP Image Header Handling Buffer Overflow
1004191* - Adobe Photoshop Remote Code Execution
1003803* - Adobe Reader And Acrobat U3D 'CLODMeshDeclaration' Buffer Overflow Vulnerability
1004857* - Adobe Reader And Acrobat U3D TIFF Resource Buffer Overflow Vulnerability (CVE-2011-2432)
1004506* - Adobe Reader Doc.printSeps() Memory Corruption Vulnerability
1004167* - Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
1004422* - Adobe Shockwave Director tSAC Chunk Memory Corruption
1004448* - Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
1004494* - Adobe Shockwave Player 'dirapi.dll' Memory Corruption Vulnerability
1004517* - Adobe Shockwave Player 'dirapi.dll' Stack Overflow Vulnerability
1004287* - Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability
1003596* - Adobe Shockwave Player Director File Parsing Remote Code Execution Vulnerability
1004713* - Adobe Shockwave Player Memory Corruption (CVE-2011-2111)
1004552* - Adobe TIFF File Vulnerability - 3
1004335* - Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow
1002533* - Apple QuickTime Embedded Pascal Style Remote Integer Overflow
1003722* - Apple QuickTime FlashPix Sector Size Overflow Vulnerability
1002532* - Apple QuickTime Image Descriptor (IDSC) Atom Remote Memory Corruption Vulnerability
1003543* - Apple QuickTime Movie File Clipping Region Handling Heap Buffer Overflow
1003551* - Apple QuickTime PICT Image paintPoly Parsing Heap Buffer Overflow
1005251* - Apple QuickTime Targa Image Parsing Buffer Overflow Vulnerability
1003394* - BitDefender Internet Security Script Code Execution
1001009* - CA Product AV Engine CAB Header Parsing Stack Overflow
1004356* - Cinepak Codec Decompression Vulnerability
1004872* - Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability
1003163* - ClamAV 'get_unicode_name()' Off-By-One Heap Based Buffer Overflow
1002867* - ClamAV CHM Processing Denial Of Service
1003981* - DirectShow Heap Overflow Vulnerability
1003747* - FFmpeg vmd_read_header Integer Overflow
1004375* - Flash Movie Player File Magic Denial Of Service Vulnerability
1003114* - GDI Integer Overflow Vulnerability
1004651* - GDI+ Integer Overflow Vulnerability (CVE-2011-0041)
1003773* - GDI+ PNG Integer Overflow Vulnerability
1003775* - GDI+ TIFF Buffer Overflow Vulnerability
1002683* - GNOME Project libxslt Library RC4 Key String Buffer Overflow
1003749* - Google Apps 'googleapps.url.mailto' Handler Command Injection Vulnerability
1004080* - Google Chrome Invalid FTP Server Response Remote Denial Of Service Vulnerability Helper
1004278* - LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial Of Service Vulnerability
1004329* - Libpng Memory Corruption And Memory Leak Vulnerability
1005403* - Libxml2 Entity Expansion Denial Of Service Vulnerability
1003431* - MJPEG Decompression Vulnerability
1004217* - MJPEG Media Decompression Vulnerability
1004354* - MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
1004093* - MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability
1004397* - MPEG-4 Codec Vulnerability
1003675* - Malformed AVI Header Vulnerability
1004223* - Media Decompression Vulnerability
1004319* - Media Player Classic DoS Vulnerability
1000849* - Microsoft Agent Memory Corruption Vulnerability
1000947* - Microsoft Antivirus Engine PDF File Remote Code Execution
1002590* - Microsoft DirectX Crafted MJPEG Stream Handling Code Execution
1003529* - Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability
1001249* - Microsoft DirectX Parsing SAMI File Code Execution Vulnerability
1001129* - Microsoft DirectX RLE Compressed Targa Image Processing Buffer Overflow
1001246* - Microsoft DirectX WAV File Parsing Code Execution Vulnerability
1003406* - Microsoft GDI+ EMF 'GpFont.SetData()' Buffer Overflow
1005016* - Microsoft GDI+ Record Type Vulnerability (CVE-2012-0165)
1000936* - Microsoft Help Workshop HPJ File Handling Buffer Overflow
1000948* - Microsoft OLE Dialog Code Execution Vulnerability
1002627* - Microsoft SQL Server Memory Corruption Vulnerability
1001007* - Microsoft Visio Version Validation Remote Code Execution
1000206* - Microsoft Visual Studio "dbp/sln" File Handling Buffer Overflow
1001096* - Microsoft Visual Studio Crystal Reports RPT Processing Buffer Overflow
1004038* - Microsoft Windows '.ani' File 'tagBITMAPINFOHEADER' Denial Of Service Vulnerability
1004562* - Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability
1000976* - Microsoft Windows ANI File Remote Code Execution
1004582* - Microsoft Windows Fax Cover Page Editor Memory Corruption
1004555* - Microsoft Windows Fax Cover Page Editor Remote Code Execution
1002757* - Microsoft Windows GDI+ BMP Integer Overflow Vulnerability
1002372* - Microsoft Windows GDI+ EMF Remote Code Execution
1001045* - Microsoft Windows GDI+ ICO File DoS
1002762* - Microsoft Windows GDI+ WMF Buffer Overrun Vulnerability
1001066* - Microsoft Windows Graphics Rendering Engine Image Handling Vulnerability
1001248* - Microsoft Windows Media Format ASF Parsing Remote Code Execution
1001252* - Microsoft Windows Media Player MP4 File Stack Overflow
1001068* - Microsoft Windows Media Player Remote Code Execution
1000182* - Microsoft Windows Metafile Integer Overflow Vulnerability
1002622* - Microsoft Windows Saved Search Remote Code Execution
1004302* - Microsoft Windows Shortcut Remote Code Execution
1001032* - Microsoft Windows URI Handler Registration Vulnerability
1001069* - Microsoft Windows Vista Feed Headlines Gadget Code Execution
1001137* - Microsoft vCard URL Handling Vulnerability
1004349* - Movie Maker Memory Corruption Vulnerability
1004928* - Msvcrt.dll Buffer Overflow Vulnerability (CVE-2012-0150)
1003541* - Multiple Products libxml2 XML File Processing Long Entity Name Buffer Overflow
1003703* - OpenOffice Word Document Table Parsing Heap Overflow
1004024* - OpenOffice.org Microsoft Word File sprmTSetBrc Processing Buffer Overflow
1004541* - OpenType Font File CFF table Code Execution Vulnerability
1004538* - OpenType Font File CMAP Table Paring Vulnerability
1004485* - OpenType Font Parsing Vulnerability
1004621* - Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability
1004932* - Oracle Java SE Deployment Component Unspecified Remote Code Execution
1004614* - Real Networks RealPlayer '.AVI' File Parsing Buffer Overflow
1004868* - RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability
1002746* - RealNetworks Multiple Products SMIL Wallclock Stack Overflow
1002750* - RealNetworks RealPlayer Invalid Chunk Size Heap Overflow Vulnerability
1002745* - RealNetworks RealPlayer Multiple Products RA File Processing Heap Overflow
1005849* - RealNetworks RealPlayer Stack Based Buffer Overflow Vulnerability
1004781* - RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability
1002571* - SAMI Format Parsing Vulnerability
1002291* - Sun Java Web Start Charset Encoding Stack Buffer Overflow
1002653* - Sun Java Web Start JNLP java-vm-args Heap Buffer Overflow
1002649* - Sun Java Web Start JNLP vm args Stack Overflow
1004543* - TIFF Image Converter Buffer Overflow Vulnerability
1004546* - TIFF Image Converter Heap Overflow Vulnerability
1003603* - VLC Media Player 'smb://' URI Handling Remote Buffer Overflow Vulnerability
1002630* - VideoLAN VLC Media Player WAV Processing Integer Overflow
1003201* - VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
1001637* - WebDAV Mini-Redirector Remote Code Execution
1003825* - Win32k EOT Parsing Vulnerability
1003823* - Win32k TTF Parsing Vulnerability
1004844* - Winamp AMF File Handling Overflow
1004845* - Winamp Midi File Handling Overflow
1003710* - Windows Media Playback Memory Corruption Vulnerability
1003760* - Windows Media Runtime Voice Sample Rate Vulnerability
1003116* - Windows Saved Search Vulnerability
1003115* - Windows Search Parsing Vulnerability
1003785* - Xpdf Splash DrawImage Integer Overflow
1004753* - libsndfile PAF File Processing Integer Overflow


Web Client Internet Explorer
1003267* - Microsoft Internet Explorer Uninitialized Memory Corruption


Web Server Common
1004859* - Disallowed HTTP header


Web Server Miscellaneous
1006744* - Jetty Httpd HttpParser Memory Information Disclosure Vulnerability (CVE-2015-2080)


Windows Services RPC Client
1006558* - Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability - 1


Windows Services RPC Server
1000735* - Microsoft Windows Server Service Remote Code Execution


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


RULE UPDATE: 15-019 (June 24, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Client Common
1006810 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)
1006654* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3043)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


RULE UPDATE: 15-018 (June 23, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Application Control For File Sharing
1004707* - Application Control For Dropbox


Application Control For Web Media
1002451* - Application Control For YouTube


Elasticsearch
1006793 - Elasticsearch Groovy Search Sandbox Bypass Vulnerability


FTP Server ProFTPD
1006743 - ProFTPD Remote Command Execution Vulnerability (CVE-2015-3306)


LDAP Client
1006785 - Identified LDAP BindRequest Using NTLM Authentication Mechanism


Microsoft Office
1006370* - Microsoft Word Use After Free Remote Code Execution Vulnerability (CVE-2014-6357)


OpenSSL
1006655 - OpenSSL ASN_TYPE_cmp Segmentation Fault Vulnerability (CVE-2015-0286)


OpenSSL Client
1006546* - OpenSSL ECDHE Downgrade Vulnerability (CVE-2014-3572)


Suspicious Server Application Activity
1006560 - Identified Microsoft SQL Server Resolution Service Distributed Denial Of Service Attack


Universal Plug And Play Service
1006746 - Detected Too Many SSDP Traffic Amplification Requests


Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
1000608* - Generic SQL Injection Prevention


Web Application PHP Based
1006794 - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability


Web Application Tomcat
1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


Web Client Common
1006299* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0558)
1006530* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0582)
1006353* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0584)
1006398* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0585)
1006449* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0590)
1006365* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8440)
1006646* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0359)
1006657* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569) - 2
1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
1006512* - Adobe Flash Player Use After Free Remote Code Execution Vulnerability (CVE-2015-0315)
1006787 - Adobe Font Driver Denial Of Service Vulnerability (CVE-2015-0074)
1006550* - Adobe Font Driver Remote Code Execution Vulnerability (CVE-2015-0090)
1006421* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8457)
1006418* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8458)
1006420* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-9159)
1006598* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability Over HTTP (CVE-2015-0096)
1006549* - OpenType Font Parsing Vulnerabilities


Web Client Internet Explorer
1006807 - Microsoft Internet Explorer ASLR Bypass Using MemoryProtection Vulnerability
1006790 - Microsoft Internet Explorer Memory Access Violation Vulnerability
1006758* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1744)
1006759* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1745)
1006760* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1747)
1006789 - Microsoft Internet Explorer MemoryProtector ASLR Bypass Vulnerability
1006783 - Microsoft Internet Explorer Null Pointer Denial Of Service Vulnerability
1006809 - Microsoft Internet Explorer Type Confusion Using Isolated Heap Vulnerability
1006665* - Microsoft Internet Explorer VBScript ASLR Bypass (CVE-2015-1686)


Web Client Mozilla Firefox
1003324* - Mozilla Firefox URI Invisible Control Characters Incorrect Decoding


Web Client SSL
1005040* - Identified Revoked Certificate Authority In SSL Traffic


Web Server Common
1005839* - Identified XML External Entity Injection In HTTP Request
1006386 - PHP 'unserialize()' Integer Overflow Vulnerability (CVE-2014-3669)


Web Server Miscellaneous
1006744 - Jetty Httpd HttpParser Memory Information Disclosure Vulnerability (CVE-2015-2080)


Windows Services RPC Client
1006784 - Identified Windows Group Policy Files Downloaded From Untrusted Sources
1003980* - SMB Client Race Condition Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


RULE UPDATE: 15-017 (June 9, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Application Control For Remote Login
1002508* - Application Control For RDP


HP Intelligent Management Center (IMC)
1005476* - HP Intelligent Management Center Multiple Information Disclosure Vulnerabilities


Microsoft Office
1006771 - Microsoft Office Uninitialized Memory Use Vulnerability (CVE-2015-1770)
1006769 - Microsoft Office Use After Free Vulnerability (CVE-2015-1759)
1006770 - Microsoft Office Use After Free Vulnerability (CVE-2015-1760)


OpenSSL Client
1006318* - Multiple Browser Wildcard Certificate Spoofing Vulnerability
1006546* - OpenSSL ECDHE Downgrade Vulnerability (CVE-2014-3572)


Suspicious Server Application Activity
1001164* - Detected Terminal Services (RDP) Server Traffic


VoIP Soft Phones
1006537* - Asterisk Open Source SIP SUBSCRIBE Request Denial Of Service Vulnerability


Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
1005402* - Identified Suspicious User Agent In HTTP Request


Web Client Apple Safari
1004362* - Apple Safari For Windows Long Link DoS


Web Client Common
1006533* - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2015-0311) - 1
1006772 - Adobe Flash Player Cross Domain Policy Bypass Vulnerability (CVE-2015-3096)
1006773 - Adobe Flash Player Cross Domain Policy Bypass Vulnerability (CVE-2015-3098)
1006774 - Adobe Flash Player Cross Domain Policy Bypass Vulnerability (CVE-2015-3099)
1006776 - Adobe Flash Player Cross Domain Policy Bypass Vulnerability (CVE-2015-3102)
1006286* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2014-0556)
1006778 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-3104)
1006365* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8440)
1006781 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3108)
1006779 - Adobe Flash Player Out Of Bound Write Vulnerability (CVE-2015-3105)
1006589* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0336)
1006775 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-3100)
1006657 - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569) - 2
1006701* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
1006707* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3084)
1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
1006777 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3103)
1006780 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3106)
1004715* - HTTP Web Client Decoding
1006598* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability Over HTTP (CVE-2015-0096)
1006619* - Microsoft Windows EMF Processing Remote Code Execution Vulnerability (CVE-2015-1645)
1006782 - Microsoft Windows HTML Application Denial Of Service Vulnerability


Web Client Internet Explorer
1003268* - CSS Memory Corruption Vulnerability (CVE-2009-0076)
1006761 - Microsoft Internet Explorer Elevation Of Privilege Vulnerability (CVE-2015-1748)
1006745 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1687)
1006747 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1730)
1006748 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1731)
1006749 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1732)
1006751 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1735)
1006752 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1736)
1006753 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1737)
1006755 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1740)
1006756 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1741)
1006757 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1742)
1006758 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1744)
1006759 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1745)
1006760 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1747)
1006762 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1750)
1006763 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1751)
1006764 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1752)
1006765 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1753)
1006766 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1755)
1006767 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1766)
1005110* - Novell iPrint Client 'nipplib.dll' GetDriverSettings Realm Remote Code Execution Vulnerability


Web Client SSL
1006606* - Identified Fraudulent Digital Certificate - 1


Web Server Miscellaneous
1004189* - RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass


Web Server SharePoint
1003815* - Microsoft SharePoint Team Services Download Feature Source Code Information Disclosure Vulnerability


Windows Services RPC Client
1003293* - Block Conficker.B++ Worm Outgoing Named Pipe Connection
1006554* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-0096)


Integrity Monitoring Rules:

1005041* - Malware - Suspicious Microsoft Windows Files Detected
1005042* - Malware - Suspicious Microsoft Windows Registry Entries Detected
1006677 - Suspicious Files Detected In Operating System Directories
1006658 - Suspicious Files Detected In Temporary Directories
1006683* - Suspicious Running Processes Detected
1003002* - Web Browser - Internet Explorer


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


RULE UPDATE: 15-016 (May 26, 2015)
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DHCP Server
1001840* - Restrict DHCP Option Length


Database Oracle
1001141* - Oracle Database Server Core RDBMS Component Denial Of Service


SSL Client
1006740 - Identified SSL/TLS Diffie-Hellman Key Exchange Using Weak Parameters Client


Suspicious Server Application Activity
1003594* - Detected SSL/TLS Server Traffic


Unix Samba
1003999* - Samba MS-RPC Remote Shell Command Execution Vulnerability


Web Application PHP Based
1006656* - Magento Admin Authentication Bypass Vulnerability


Web Application Tomcat
1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


Web Client Common
1006732 - Adobe Acrobat And Reader Multiple JavaScript API Execution Remote Security Bypass Vulnerabilities
1006735 - Adobe Acrobat And Reader Multiple Remote Security Bypass Vulnerabilities
1006719 - Adobe Acrobat And Reader Null Pointer Deference Remote Denial Of Service Vulnerability (CVE-2015-3047)
1006731 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution
1006736 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution (CVE-2015-3074)
1006733 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution Vulnerability (CVE-2015-3069)
1006711 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-3088)
1006714 - Adobe Flash Player Information Disclosure Vulnerability (CVE-2015-3091)
1006715 - Adobe Flash Player Information Disclosure Vulnerability (CVE-2015-3092)
1006710 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-3087)
1006365* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8440)
1006646* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0359)
1006702 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3078)
1006712 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3089)
1006713 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3090)
1006589* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0336)
1006301* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569)
1006701 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
1006707 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3084)
1006709 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3086)
1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
1006704 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3080)
1006718 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3046)
1006721 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3050)
1006722 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3051)
1006723 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3052)
1006727 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3056)
1006728 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3057)
1006730 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3059)
1006734 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3070)
1006738 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3076)
1006724 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3053)
1006725 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3054)
1006726 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3055)
1006737 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3075)
1005170* - Java Applet Remote Code Execution Vulnerability
1005178* - Java Applet Remote Code Execution Vulnerability - 2
1006739 - Java Applet Remote Code Execution Vulnerability - 3
1001129* - Microsoft DirectX RLE Compressed Targa Image Processing Buffer Overflow
1006443* - Sun Java Runtime Environment Web Start JNLP File Stack Buffer Overflow Vulnerability


Web Client Internet Explorer
1004717* - Identified Suspicious AllowScriptAccess Parameter Of Shockwave Flash Player ActiveX Control
1006668* - Microsoft Internet Explorer Clipboard Information Disclosure Vulnerability (CVE-2015-1692)
1006618* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1668)
1006674* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1705)
1004339* - Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability


Web Server Apache
1006316 - Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Vulnerability (CVE-2011-4317)


Web Server Common
1005434* - Disallow Upload Of A File (Php/Class/Archive)


Web Server HTTPS
1006741 - Identified SSL/TLS Diffie-Hellman Key Exchange Using Weak Parameters Server


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Database MySQL
1006262* - MySQL yaSSL Pre-authentication Code Execution Vulnerability


HP OpenView
1006250* - HP Data Protector Unspecified Arbitrary Code Execution Vulnerability (CVE-2014-2623)


HP System Management Homepage
1006447 - HP System Management Homepage Cross Site Scripting Vulnerability (CVE-2014-2640)


Microsoft Office
1006625 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1649)
1006626 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1650)
1006627 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1651)
1006623 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-1641)


OpenSSL
1006621 - OpenSSL Client Authentication Handler ClientKeyExchange Message Denial Of Service Vulnerability (CVE-2015-1787)


OpenSSL Client
1006318 - Multiple Browser Wildcard Certificate Spoofing Vulnerability


Web Application PHP Based
1004998* - PHP-CGI Query String Parameter Vulnerability


Web Client Common
1006631 - Identified File Protocol Handler In HTTP Location Header
1006619 - Microsoft Windows EMF Processing Remote Code Execution Vulnerability (CVE-2015-1645)


Web Client Internet Explorer
1006628 - MSXML Same Origin Policy Security Bypass Vulnerability (CVE-2015-1646)
1005591* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3163)
1006609 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1652)
1006610 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1657)
1006611 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1659)
1006612 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1660)
1006613 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1661)
1006614 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1662)
1006615 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1665)
1006616 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1666)
1006617 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1667)
1006618 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1668)


Web Server IIS
1006629 - Microsoft Windows ASP.NET Information Disclosure Vulnerability (CVE-2015-1648)
1006620 - Microsoft Windows HTTP.sys Remote Code Execution Vulnerability (CVE-2015-1635)


Windows Services RPC Server
1003015* - Microsoft SMB Credential Reflection Vulnerability
1006579* - Microsoft Windows NETLOGON Spoofing Vulnerability (CVE-2015-0005)
1000391* - Microsoft Windows Plug And Play Registry Key Access Buffer Overflow
1000817* - Microsoft Windows Workstation RPC Stack Overflow


Integrity Monitoring Rules:

1003375* - Application - Postfix
1005041* - Malware - Suspicious Microsoft Windows Files Detected


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.