Trend Micro Security
  Rule Update

17-019 (2017年5月2日)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1008327 - Identified Server Suspicious SMB Session
1008306* - Microsoft Windows SMB Remote Code Execution Vulnerability (MS17-010)

DCERPC Services - Client
1008328 - Identified Client Suspicious SMB Session

DNS Server
1008188* - PowerDNS Authoritative Server Dot Character Denial Of Service Vulnerability (CVE-2016-5427)

Directory Server LDAP
1008278* - Microsoft LDAP Elevation Of Privilege Vulnerability (CVE-2017-0166)

HP Intelligent Management Center (IMC)
1008299 - HP Intelligent Management Center 'accessMgrServlet' Insecure Deserialization Vulnerability

HP OpenView
1008256* - HP Data Protector EXEC_SETUP Remote Code Execution Vulnerability (CVE-2011-0922)

Web Application Common
1008205* - ImageMagick 'coders/rle.c' Remote Buffer Overflow Vulnerability (CVE-2016-10049)
1008190* - ImageMagick ImageFile MagickCore Buffer Overflow Vulnerability (CVE-2016-8677)

Web Application PHP Based
1008143* - Joomla Media Manager Privilege Escalation Vulnerability (CVE-2013-5576)
1008322 - SquirrelMail Remote Code Execution Vulnerability (CVE-2017-7692)
1008146* - WordPress UserPro Plugin Remote File Upload Vulnerability

Web Application Ruby Based
1008181* - Ruby On Rails Action Pack Remote Code Execution Vulnerability (CVE-2016-2098)

Web Client Common
1007965* - Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 1
1008298 - Adobe Reader DC XObject stream Use After Free Remote Code Execution Vulnerability (CVE-2016-6938)
1008274* - Microsoft Windows Multiple Security Vulnerabilities (April-2017)

Web Client Internet Explorer/Edge
1008162 - Microsoft Edge Memory Corruption Vulnerability (CVE-2017-0046)

Web Server Miscellaneous
1008130* - Oracle Application Testing Suite Multiple Security Vulnerabilities
1008142* - Oracle Application Testing Suite UploadFileAction Servlet Remote Code Execution Vulnerability (CVE-2016-0491)

Web Server Oracle
1007968* - Oracle WebLogic Server Apache-Commons-FileUpload Library Insecure Deserialization Vulnerability (CVE-2013-2186)

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.