Rule Update

16-007 (2016年3月22日)


  概要

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Backup Server IBM Tivoli Storage Manager FastBack Mount
1007271* - IBM Tivoli Storage Manager FastBack Buffer Overflow Vulnerability (CVE-2015-0120)
1007349* - IBM Tivoli Storage Manager FastBack Mount Stack Buffer Overflow Vulnerability (CVE-2015-0119)


Backup Server IBM Tivoli Storage Manager FastBack Server
1007351 - IBM Tivoli Storage Manager FastBack Command Execution Vulnerability (CVE-2015-1949)
1007357 - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)
1007356 - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)
1007355* - IBM Tivoli Storage Manager FastBack Server Command Injection Vulnerabilities
1007352 - IBM Tivoli Storage Manager FastBack Server Information Disclosure Vulnerability (CVE-2015-1941)
1007354 - IBM Tivoli Storage Manager FastBack Server Memory Corruption Vulnerability
1007464 - IBM Tivoli Storage Manager FastBack Stack Buffer Overflow Vulnerability (CVE-2015-4931)


Mail Server Miscellaneous
1006020* - Mercury Mail Transport System AUTH CRAM-MD5 Buffer Overflow Vulnerability


Microsoft Office
1007419* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0052)


Shellcode
1001183* - Identified Suspicious Usage Of Shellcode


Web Application Common
1007518 - Identified Reflected File Download Attack


Web Application PHP Based
1007272 - PHP SPL ArrayObject Use After Free Vulnerability
1007255 - PHP SplObjectStorage Use After Free Vulnerability
1007135* - WordPress XMLRPC 'system.multicall' Brute Force Amplification Attack


Web Application Tomcat
1005929* - Apache Tomcat Commons UploadFile Denial Of Service Vulnerability


Web Client Common
1007493 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1007)
1007495 - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-1009)
1007516 - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability Over WebDAV (CVE-2016-1008)
1007515 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007496 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0963)
1007511 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-0993)
1007519* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2016-1010)
1007497* - Adobe Flash Player Memory Corruption Vulnerabilities
1007501 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0960)
1007500 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0961)
1007499 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0962)
1007505 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0986)
1007508 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-0989)
1007506 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0987)
1007507 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0988)
1007509 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0990)
1007510 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0991)
1007512 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0994)
1007513 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0995)
1007514 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0996)
1007136 - Apple Quicktime 'stbl' Remote Code Execution Vulnerability
1007095 - Apple Quicktime Heap Overflow Vulnerability (CVE-2015-3668)
1007523 - Libxml2 Out Of Bound Read Multiple Information Disclosure Vulnerabilities (CVE-2015-7941)
1007368* - Microsoft DirectShow Heap Corruption Vulnerability (CVE-2016-0015)
1007223 - Microsoft GS Wavetable Synth Memory Corruption Vulnerability
1007366* - Microsoft Silverlight Runtime Remote Code Execution Vulnerability (CVE-2016-0034)
1007427* - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-014)
1003589* - Sun Java Runtime Environment And Java Development Kit Security Vulnerability


Web Client Internet Explorer/Edge
1007406* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0061)
1007462 - Microsoft Internet Explorer GetCommonAncestorElement Denial Of Service Vulnerability
1007473* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0108)
1007477* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0113)


Web Server Common
1007222 - WordPress Ajax Load More Plugin File Upload Vulnerability


Web Server Oracle
1007204 - Oracle WebLogic Server Java Deserialization Objects Remote Code Execution Vulnerability


Windows Services RPC Client
1007494 - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
1007381* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS15-132)
1007426* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-014)


Integrity Monitoring Rules:

1005041* - Malware - Suspicious Microsoft Windows Files Detected
1005042* - Malware - Suspicious Microsoft Windows Registry Entries Detected


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.