Rule Update

16-006 (2016年3月8日)


  概要

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Application Control For File Sharing
1007463 - Application Control For Microsoft OneDrive


Backup Server IBM Tivoli Storage Manager FastBack Mount
1007271 - IBM Tivoli Storage Manager FastBack Buffer Overflow Vulnerability (CVE-2015-0120)
1007349 - IBM Tivoli Storage Manager FastBack Mount Stack Buffer Overflow Vulnerability (CVE-2015-0119)
1007329* - IBM Tivoli Storage Manager FastBack Stack Based Buffer Overflow Vulnerability (CVE-2015-1896)


Backup Server IBM Tivoli Storage Manager FastBack Server
1007355 - IBM Tivoli Storage Manager FastBack Server Command Injection Vulnerabilities
1007350* - IBM Tivoli Storage Manager FastBack Server Opcode 1332 Buffer Overflow (CVE-2015-1925)


Database Oracle
1002839* - Oracle Database Server SQL Injection In DBMS_DEFER_SYS.DELETE_TRAN Package
1003223* - Oracle SYS.LT.COMPRESSWORKSPACETREE SQL Injection


Microsoft Office
1007488 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0021)
1007517 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0134)


OpenSSL Client
1006920* - OpenSSL Client X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


RADIUS Server
1007455* - Microsoft Windows Network Policy Server RADIUS Implementation DOS Vulnerability (CVE-2016-0050)


Web Application PHP Based
1007403* - Drupal Core Host Header Handler Denial Of Service Vulnerability (CVE-2014-5019)


Web Client Common
1007519 - Adobe Flash Player Integer Overflow Vulnerability
1007497 - Adobe Flash Player Memory Corruption Vulnerabilities
1007504 - Adobe Flash Player Multiple Memory Corruption Vulnerabilities
1007483 - Microsoft Windows Media Player Parsing Remote Code Execution Vulnerability (CVE-2016-0098)
1007485 - Microsoft Windows Media Player Parsing Remote Code Execution Vulnerability (CVE-2016-0101)
1007489 - Microsoft Windows OLE Memory Remote Code Execution Vulnerability (CVE-2016-0091)
1007490 - Microsoft Windows OLE Memory Remote Code Execution Vulnerability (CVE-2016-0092)
1007482 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-0121)
1007486 - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-0117)
1007487 - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-0118)


Web Client Internet Explorer/Edge
1007481 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0123)
1007492 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0124)
1007467 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0102)
1007470 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0105)
1007474 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0109)
1007475 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0110)
1007484 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0111)
1007144* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6071)
1007468 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0103)
1007469 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0104)
1007471 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0106)
1007472 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0107)
1007473 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0108)
1007476 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0112)
1007477 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0113)
1007478 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0114)
1007366* - Microsoft Silverlight Runtime Remote Code Execution Vulnerability (CVE-2016-0034)


Web Server Common
1000128* - HTTP Protocol Decoding


Web Server HTTPS
1007491 - Identified Usage Of EXPORT Cipher Suite In SSLv2 Connection


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.