概要

* は既存ルールの新バージョンを示します。

DPI(Deep Packet Inspection) ルール:

DNSサーバ
1009474 - PowerDNS Recursor Out Of Bounds Read Denial Of Service Vulnerability (CVE-2018-16855)


IBM WebSphere Application Server
1009803* - IBM Websphere Application Server Remote Code Execution Vulnerability (CVE-2019-4279)


Jenkins Remoting
1009436* - Jenkins Remote Code Execution Vulnerability (CVE-2015-8103)


メールサーバ Exim
1009747* - MailCarrier Remote Code Execution Vulnerability (CVE-2004-1638)


Webアプリケーション 共通
1009630 - DotNetNuke Remote Code Execution Vulnerability (CVE-2017-9822)
1009687* - Ghostscript Remote Code Execution Vulnerability (CVE-2016-10218) - 1
1009531* - Jenkins CI Server Groovy Plugin Sandbox Bypass Vulnerability (CVE-2019-1003000)
1009761 - Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8302)
1009751* - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)


Webアプリケーション PHP
1009795* - Pimcore Unserialize Remote Code Execution Vulnerability (CVE-2019-10867)


Webクライアント 共通
1009440* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 4
1009442* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 7
1009823 - Microsoft Windows ActiveX Data Objects (ADO) Remote Code Execution Vulnerability (CVE-2019-0888)
1009759* - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0961)
1009808 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0968)
1009809 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0977 and CVE-2019-1047)
1009818 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1009)
1009821 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1010)
1009807 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1011)
1009812 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1012)
1009824 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1013)
1009813 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1015)
1009810 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1016)
1009822 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1046)
1009819 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1048)
1009817 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1049)
1009820 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1050)
1009825 - Microsoft Windows Graphics Information Disclosure Vulnerability (CVE-2017-8533)
1009067* - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8174)
1009489* - Microsoft Windows Vcf And Contact File Insufficient UI Warning Remote Code Execution Vulnerability
1009772 - Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8573)
1009814 - Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1034)
1009815 - Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1035)


Webクライアント Internet Explorer/Edge
1009430* - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8625)


Webサーバ IIS
1009346* - Microsoft IIS MDAC 'msadcs.dll' RDS DataStub Content-Type Heap Overflow Vulnerability (CVE-2002-1142)


Webサーバ RealVNC
1009386* - VMware VNC VMWDynResolution Heap Buffer Overflow Vulnerability (CVE-2017-4933)


Webサーバ SharePoint
1009706* - Microsoft Windows OData Library Denial Of Service Vulnerability (CVE-2018-8269)


Zoho ManageEngine
1009470* - Zoho ManageEngine OpManager DataMigrationServlet Insecure Deserialization Vulnerability (CVE-2018-19403)


変更監視(Integrity Monitoring)ルール:

今回のセキュリティアップデートには、新規の変更監視ルールおよび更新は含まれておりません。


セキュリティログ監視(Log Inspection)ルール:

今回のセキュリティアップデートには、新規のセキュリティログ監視ルールおよび更新は含まれておりません。