Trend Micro Deep Security™ and related information on DPI rules, etc.

  • Rule Update: 15-028 (August 25, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Asterisk Server IAX2
    1003778* - Digium Asterisk IAX2 Call Number Denial Of Service


    Backup Server EMC Legato
    1001104* - EMC Legato Networker Remote Exec Service Stack Overflow


    DNS Client
    1002358* - Adobe Multiple Products PDF JavaScript Method Buffer Overflow
    1005101* - ISC BIND Zero Length RDATA Denial Of Service Vulnerability
    1006909* - ISC BIND Zone Query Handler Denial Of Service Vulnerability
    1000159* - Microsoft SMTP Server DNS Handling Buffer Overflow


    DNS Server
    1000836* - Microsoft Windows NAT Helper DNS Query DoS


    Database Oracle
    1000251* - Oracle Database Server Buffer Overflow In Procedure START_LOG of CTX_OUTPUT Package


    Microsoft Office
    1005346* - Identified Suspicious Microsoft Word RTF File
    1004978* - MSCOMCTL.OCX RCE Vulnerability For Office Binary File (CVE-2012-0158)
    1006625* - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1649)


    Novell Configuration Management Preboot Policy Service
    1006792 - Novell ZENworks Configuration Management Stack Buffer Overflow Vulnerability
    1006791 - Novell ZENworks Preboot Service Dynamic Port Decoder


    Novell File Reporter (NFR) Agent
    1005260* - Novell File Reporter SRS XML Server Request With Path Element Detected


    OpenSSL
    1006854* - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    OpenSSL Client
    1006920 - OpenSSL Client X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    Web Application PHP Based
    1006021* - Joomla JCE Extension Multiple Vulnerabilities


    Web Application Tomcat
    1001108* - Apache Tomcat Cookie Handling Single Quotes Vulnerability


    Web Client Common
    1003186* - Adobe Flash Player For Linux ActionScript ASnative Command Execution
    1006972* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5131)
    1006958* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5133)
    1006968 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5126)
    1006984* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5546)
    1006987* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5549)
    1006810* - Adobe Flash Player Nellymoser Heap Buffer Overflow Vulnerabilities
    1006967* - Adobe Flash Player Security Bypass Vulnerability (CVE-2015-5125)
    1006865* - Adobe Flash Player SharedObject Use After Free Vulnerabilities
    1006974 - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5554)
    1006975* - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5555)
    1006978* - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5558)
    1007012 - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5562)
    1006969 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5127)
    1006988* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5550)
    1006989 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5551)
    1006976* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5556)
    1006977* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5557)
    1006981* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5561)
    1007016 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5564)
    1006965* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5565)
    1006966* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5566)
    1007014 - Adobe Reader And Acrobat Heap Based Buffer Overflow Vulnerability (CVE-2015-5105)
    1007010 - Adobe Reader And Acrobat Information Disclosure Vulnerability (CVE-2015-5089)
    1007015 - Adobe Reader And Acrobat Integer Overflow Vulnerability (CVE-2015-5108)
    1007007 - Adobe Reader And Acrobat Multiple Integer Overflow And Information Disclosure Vulnerabilities
    1007001 - Adobe Reader And Acrobat Null Pointer Dereference Vulnerability (CVE-2015-4443)
    1007002 - Adobe Reader And Acrobat Null Pointer Dereference Vulnerability (CVE-2015-4444)
    1007009 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4435)
    1007011 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4438)
    1007000 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4441)
    1007003 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4445)
    1006886* - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4447)
    1007004 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4449)
    1007005 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4451)
    1006998 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4452)
    1006999 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-5085)
    1006996 - Identified Suspicious Microsoft Word RTF File - 1
    1006820* - Java SE Remote Security Vulnerability (CVE-2015-0491)
    1006944* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2432)
    1006946* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2458)
    1006947* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2459)
    1006948* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2460)
    1006945* - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2456)
    1004834* - Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow
    1006699 - libpng Heap Based Buffer Overflow Vulnerability (CVE-2015-0973)


    Web Client Internet Explorer
    1006957* - Microsoft Internet Explorer Arbitrary Remote Code Execution Vulnerability (CVE-2015-2502)
    1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006929* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2443)
    1006930* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2444)
    1006932* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2448)
    1004977* - Restrict Microsoft Windows Common ListView And TreeView ActiveX Controls


    Web Server IIS
    1005622* - Microsoft Internet Information Services DOS Device Request Security Bypass Vulnerability


    Web Server Miscellaneous
    1005597* - Apache Struts 'ParameterInterceptor' Class OGNL Security Bypass Vulnerability
    1005994* - Apache Struts Multiple Directory Traversal Vulnerabilities
    1005604* - Apache Struts Multiple Remote Command Execution Vulnerability
    1006155* - Apache Struts ParameterInterceptor Class OGNL Security Bypass Vulnerability
    1004982* - Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability
    1006908 - Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerabilities


    Web Server Squid
    1000388* - Restrict Squid Cache Manager Access


    Web Service HP SiteScope
    1005837* - HP SiteScope "issueSiebelCmd" SOAP Request Detected


    Windows Services RPC Server
    1000735* - Microsoft Windows Server Service Remote Code Execution


    Integrity Monitoring Rules:

    1005041* - Malware - Suspicious Microsoft Windows Files Detected
    1005042* - Malware - Suspicious Microsoft Windows Registry Entries Detected


    Log Inspection Rules:

    1002795* - Microsoft Windows Events
  • Rule Update: 15-027 (August 14, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1006970 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5129)
    1006972 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5131)
    1006973 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5132)
    1006958 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5133)
    1006962 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5541)
    1006980 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-5560)
    1006964 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5544)
    1006983 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5545)
    1006984 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5546)
    1006985 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5547)
    1006986 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5548)
    1006987 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5549)
    1006990 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5552)
    1006991 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5553)
    1006636* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0349)
    1006967 - Adobe Flash Player Security Bypass Vulnerability (CVE-2015-5125)
    1006975 - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5555)
    1006978 - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5558)
    1006965 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3107)
    1006966 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5124)
    1006971 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5130)
    1006959 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5134)
    1006960 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5539)
    1006961 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5540)
    1006988 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5550)
    1006976 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5556)
    1006977 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5557)
    1006979 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5559)
    1006981 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5561)
    1006982 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5563)
    1006599* - Identified Suspicious Obfuscated JavaScript – 3


    Web Client Internet Explorer
    1006992 - Microsoft Internet Explorer ASLR Bypass Vulnerability (CVE-2015-2445)
    1006957 - Microsoft Internet Explorer Arbitrary Remote Code Execution Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-026 (August 11, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1006624 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1642)
    1006936 - Microsoft Office Graphics Component Remote Code Execution Vulnerability (CVE-2015-2431)
    1006940 - Microsoft Office Integer Underflow Vulnerability (CVE-2015-2470)
    1006937 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2467)
    1006938 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2468)
    1006939 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2469)
    1006941 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2477)
    1005158* - Restrict Microsoft Office Files With Embedded SWF - 2


    OpenSSL
    1006855* - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)


    Oracle MySQL InnoDB Memcached Plugin
    1005511* - Oracle MySQL Server InnoDB MemCached Remote Denial Of Service Vulnerability


    Web Application PHP Based
    1006817* - PHP 'phar_parse_tarfile' Memory Corruption Vulnerability
    1006819* - PHP DateTime Use After Free Vulnerability (CVE-2015-0273)
    1006821* - PHP DateTimeZone Type Confusion Information Disclosure Vulnerability


    Web Client Common
    1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1006858* - Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)
    1006914* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3130)
    1006915 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3134)
    1006866* - Adobe Flash Player Multiple Use After Free Vulnerabilities
    1006863* - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3119)
    1006864* - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3121)
    1006913* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3129)
    1006919* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3132)
    1006918* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-4433)
    1006943 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5117)
    1006885 - Adobe Reader And Acrobat Information Disclosure Vulnerability (CVE-2014-8450)
    1006820* - Java SE Remote Security Vulnerability (CVE-2015-0491)
    1006598* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability Over HTTP (CVE-2015-0096)
    1006944 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2432)
    1006946 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2458)
    1006947 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2459)
    1006948 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2460)
    1006949 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2461)
    1006950 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2462)
    1006955 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2435)
    1006956 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2455)
    1006945 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2456)
    1006951 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2463)
    1006952 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2464)


    Web Client Internet Explorer
    1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006928 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2442)
    1006929 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2443)
    1006930 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2444)
    1006931 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2446)
    1006932 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2448)
    1006933 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2450)
    1006934 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2451)
    1006935 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2452)


    Web Client Mozilla Firefox
    1006954 - Mozilla Firefox PDF Viewer Same Origin Policy Information Disclosure Vulnerability (CVE-2015-4495)


    Web Server Common
    1000128* - HTTP Protocol Decoding


    Web Server Miscellaneous
    1004874* - TimThumb Plugin Remote Code Execution Vulnerability


    Web Server RealVNC
    1006884 - libvncserver Denial Of Service Vulnerability (CVE-2014-6054)


    Windows Services RPC Server
    1006906* - Identified Usage Of PsExec Command Line Tool


    Integrity Monitoring Rules:

    1006803 - TMTR-0001: Suspicious Files Detected In Operating System Directories
    1006800 - TMTR-0002: Suspicious Files Detected In Operating System Directories
    1006802 - TMTR-0003: Suspicious Files Detected In Operating System Directories
    1006801 - TMTR-0004: Suspicious Files Detected In Operating System Directories
    1006798 - TMTR-0005: Suspicious Files Detected In Application Directories
    1006797 - TMTR-0006: Suspicious Files Detected In Application Directories
    1006796 - TMTR-0007: Suspicious Files Detected In Application Directories
    1006682* - TMTR-0008: Suspicious Files Detected In Application Directories
    1006805 - TMTR-0009: Suspicious Files Detected In System Folder
    1006804 - TMTR-0010: Suspicious Files Detected In System Folder
    1006795 - TMTR-0011: Suspicious Files Detected In System Folder
    1006658* - TMTR-0012: Suspicious Files Detected In Temporary Directories
    1006677* - TMTR-0013: Suspicious Files Detected In Windows Folder
    1006799 - TMTR-0014: Suspicious Service Detected
    1006684* - TMTR-0015: Suspicious Service Detected
    1006683* - TMTR-0016: Suspicious Running Processes Detected
    1006691* - TMTR-0017: Microsoft Windows - SAM Domain Account Users Modification Detected


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-025 (August 3, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DNS Client
    1006909 - ISC BIND Zone Query Handler Denial Of Service Vulnerability


    DNS Server
    1006924 - ISC BIND TKEY Query Handling Denial Of Service Vulnerability (CVE-2015-5477)
    1006925 - ISC BIND TKEY Query Handling Denial Of Service Vulnerability (CVE-2015-5477) - 1


    Suspicious Server Application Activity
    1005090* - Identified Potentially Harmful Server Traffic


    Web Client Common
    1006914 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3130)
    1006917 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-4431)
    1006923 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3133)
    1006921 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3126)
    1006922 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-4429)
    1006910 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3120)
    1006911 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3122)
    1006912 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3124)
    1006913 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3129)
    1006919 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3132)
    1006916 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-4430)
    1006918 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-4433)
    1006815 - Google Chrome SpeechRecognitionClient Use After Free Vulnerability (CVE-2015-1251)


    Web Server Common
    1005567* - Identified No Ending Protocol In HTTP Request


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-024 (July 28, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1006574* - Microsoft Office Local Zone Remote Code Execution Vulnerability (CVE-2015-0097)
    1004099* - Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability


    OpenSSL
    1006855* - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
    1006854 - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    OpenSSL Client
    1006856* - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
    1006806* - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability


    Unix CUPS
    1006814* - CUPS Print Service Remote Privilege Escalation Vulnerability


    Web Application Common
    1005936* - Identified Local File Inclusion (LFI) Over HTTP
    1006823* - Identified Suspicious Command Injection Attack - 1


    Web Application PHP Based
    1006817 - PHP 'phar_parse_tarfile' Memory Corruption Vulnerability
    1006819 - PHP DateTime Use After Free Vulnerability (CVE-2015-0273)
    1006821 - PHP DateTimeZone Type Confusion Information Disclosure Vulnerability


    Web Client Common
    1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1006812* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
    1006701* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
    1006905 - Adobe Flash Player Unspecified Memory Corruption Vulnerability (CVE-2015-3123)
    1006903* - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
    1006890 - Adobe Reader And Acrobat Buffer Overflow Vulnerability (CVE-2015-5093)
    1006893 - Adobe Reader And Acrobat Integer Overflow Vulnerability (CVE-2015-5097)
    1006889 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5087)
    1006891 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5094)
    1006894 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5098)
    1006896 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5100)
    1006897 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5101)
    1006898 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5102)
    1006899 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5103)
    1006900 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5104)
    1006886 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4447)
    1006888 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-5086)
    1006887 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-4448)
    1006892 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5095)
    1006895 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5099)
    1006901 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5111)
    1006902 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5113)
    1006883 - Google Chrome Cross Site Scripting Filter Bypass Vulnerability
    1006872* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
    1006857* - Oracle Java SE Remote Code Execution Vulnerability (CVE-2015-2590)


    Web Client Internet Explorer
    1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006832* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
    1006869* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)


    Web Client Mozilla Firefox
    1006825 - Mozilla Firefox XrayWrapper Privileged Javascript Injection Vulnerability (CVE-2014-8636)


    Web Server IIS
    1006434* - Microsoft IIS Directory Traversal Vulnerability


    Web Server Miscellaneous
    1003505* - Microsoft .Net Framework Null Byte Injection Vulnerability


    Web Service HP SiteScope
    1006816* - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)


    Windows Services RPC Server
    1006906 - Identified Usage Of PsExec Command Line Tool


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-023 (July 20, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Remote Desktop Protocol Server
    1006870 - Microsoft Windows Remote Desktop Protocol (RDP) Remote Code Execution Vulnerability (CVE-2015-2373)


    Web Client Common
    1006858* - Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)
    1006859* - Adobe Flash Player BitmapData Remote Code Execution Vulnerability (CVE-2015-5123)
    1006530* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0582)
    1006903 - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
    1006904 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2424)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-022 (July 14, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database Microsoft SQL
    1006840 - Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2015-1762)


    Database MySQL
    1006813 - Identified Oracle MySQL Database Operation


    FTP Server ProFTPD
    1006743* - ProFTPD Remote Command Execution Vulnerability (CVE-2015-3306)


    Microsoft Office
    1006873 - Microsoft Excel ASLR Bypass Vulnerability (CVE-2015-2375)
    1006874 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2376)
    1006875 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2377)
    1006876 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2379)
    1006877 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2380)
    1006878 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2415)
    1006769* - Microsoft Office Use After Free Vulnerability (CVE-2015-1759)
    1006770* - Microsoft Office Use After Free Vulnerability (CVE-2015-1760)
    1000764* - Microsoft Publisher Font Parsing Buffer Overflow
    1005990* - Microsoft Word RTF Remote Code Execution Vulnerability (CVE-2014-1761)


    OpenSSL
    1006655* - OpenSSL ASN_TYPE_cmp Segmentation Fault Vulnerability (CVE-2015-0286)
    1006855 - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)


    OpenSSL Client
    1006856 - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
    1006093* - OpenSSL Client SSL/TLS Man In The Middle Security Bypass Vulnerability
    1006806 - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability


    SSL Client
    1006485* - SSL RSA Downgrade Vulnerability


    Unix CUPS
    1006814 - CUPS Print Service Remote Privilege Escalation Vulnerability


    Unix Samba
    1003999* - Samba MS-RPC Remote Shell Command Execution Vulnerability


    Web Application Common
    1006823 - Identified Suspicious Command Injection Attack - 1
    1005402* - Identified Suspicious User Agent In HTTP Request


    Web Application PHP Based
    1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
    1006390* - WordPress Denial Of Service Vulnerability (CVE-2014-9034)


    Web Application Tomcat
    1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


    Web Client Common
    1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1006860 - Adobe Flash Domain Policy Security Bypass Vulnerabilities
    1006455* - Adobe Flash Player Heap Based Buffer Overflow Vulnerability (CVE-2015-0309)
    1006812 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
    1006006* - Adobe Flash Player Information Disclosure Vulnerability (CVE-2014-0508)
    1003891* - Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability
    1006399* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0574)
    1006400* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0586)
    1006461* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0310)
    1006713* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3090)
    1006861 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3117)
    1006866 - Adobe Flash Player Multiple Use After Free Vulnerabilities
    1006810* - Adobe Flash Player Nellymoser Heap Buffer Overflow Vulnerabilities
    1006779* - Adobe Flash Player Out Of Bound Write Vulnerability (CVE-2015-3105)
    1004229* - Adobe Flash Player Remote Code Execution Vulnerabilities - 2
    1006464* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0312)
    1006526* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0330)
    1006138* - Adobe Flash Player Security Bypass Vulnerability (CVE-2014-4671)
    1006865 - Adobe Flash Player SharedObject Use After Free Vulnerabilities
    1006863 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3119)
    1006864 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3121)
    1006517* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-0320)
    1006862 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3118)
    1006419* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8461)
    1004042* - Google Chrome XML Denial Of Service
    1006882 - Identified Suspicious Obfuscated JavaScript - 4
    1006742 - Identified Suspicious User Agent In Outgoing HTTP Request
    1006818 - Java SE Remote Security Vulnerability (CVE-2015-0459)
    1006820 - Java SE Remote Security Vulnerability (CVE-2015-0491)
    1006872 - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
    1006879 - Microsoft Windows Graphics Component EOP Vulnerability (CVE-2015-2364)
    1006880 - Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2416)
    1006881 - Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2417)
    1006291* - Microsoft Windows OLE Remote Code Execution Vulnerability - 1
    1006572 - Multiple Browser libjpeg/libjpeg-turbo Library Memory Corruption Vulnerability


    Web Client Internet Explorer
    1006839 - Microsoft Internet Explorer ASLR Bypass Vulnerability (CVE-2015-2421)
    1006842 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-1729)
    1006867 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-2413)
    1006868 - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006750 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1733)
    1006752* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1736)
    1006754 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1738)
    1006764* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1752)
    1006850 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1767)
    1006843 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383)
    1006845 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383) - 1
    1006846 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2388)
    1006847 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2389)
    1006848 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2390)
    1006849 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2391)
    1006831 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2397)
    1006832 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
    1006851 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2403)
    1006852 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2404)
    1006833 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2406)
    1006835 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2408)
    1006836 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2409)
    1006837 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2411)
    1006853 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2422)
    1006869 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)
    1006841 - Microsoft Windows VBScript Memory Corruption Vulnerability (CVE-2015-2372)


    Web Server Common
    1005839* - Identified XML External Entity Injection In HTTP Request


    Web Server IIS
    1006434 - Microsoft IIS Directory Traversal Vulnerability


    Web Service HP SiteScope
    1006816 - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-021 (July 12, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1006858 - Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)
    1006859 - Adobe Flash Player BitmapData Remote Code Execution Vulnerability (CVE-2015-5123)
    1006857 - Oracle Java SE Remote Code Execution Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-020 (July 7, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1006370* - Microsoft Word Use After Free Remote Code Execution Vulnerability (CVE-2014-6357)


    Web Client Common
    1004079* - Adobe Acrobat And Reader CFF Encodings Handling Heap Overflow Vulnerability
    1003916* - Adobe Acrobat And Reader JpxDecode Memory Corruption
    1003291* - Adobe Acrobat And Reader PDF File Handling Remote Code Execution Vulnerability
    1003405* - Adobe Acrobat JavaScript getIcon Method Buffer Overflow
    1003056* - Adobe Acrobat PDF Javascript getCosObj Memory Corruption
    1003848* - Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
    1006824 - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1003186* - Adobe Flash Player For Linux ActionScript ASnative Command Execution
    1006810* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)
    1006451* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8438)
    1002445* - Adobe Multiple Products BMP Image Header Handling Buffer Overflow
    1004191* - Adobe Photoshop Remote Code Execution
    1003803* - Adobe Reader And Acrobat U3D 'CLODMeshDeclaration' Buffer Overflow Vulnerability
    1004857* - Adobe Reader And Acrobat U3D TIFF Resource Buffer Overflow Vulnerability (CVE-2011-2432)
    1004506* - Adobe Reader Doc.printSeps() Memory Corruption Vulnerability
    1004167* - Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
    1004422* - Adobe Shockwave Director tSAC Chunk Memory Corruption
    1004448* - Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
    1004494* - Adobe Shockwave Player 'dirapi.dll' Memory Corruption Vulnerability
    1004517* - Adobe Shockwave Player 'dirapi.dll' Stack Overflow Vulnerability
    1004287* - Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability
    1003596* - Adobe Shockwave Player Director File Parsing Remote Code Execution Vulnerability
    1004713* - Adobe Shockwave Player Memory Corruption (CVE-2011-2111)
    1004552* - Adobe TIFF File Vulnerability - 3
    1004335* - Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow
    1002533* - Apple QuickTime Embedded Pascal Style Remote Integer Overflow
    1003722* - Apple QuickTime FlashPix Sector Size Overflow Vulnerability
    1002532* - Apple QuickTime Image Descriptor (IDSC) Atom Remote Memory Corruption Vulnerability
    1003543* - Apple QuickTime Movie File Clipping Region Handling Heap Buffer Overflow
    1003551* - Apple QuickTime PICT Image paintPoly Parsing Heap Buffer Overflow
    1005251* - Apple QuickTime Targa Image Parsing Buffer Overflow Vulnerability
    1003394* - BitDefender Internet Security Script Code Execution
    1001009* - CA Product AV Engine CAB Header Parsing Stack Overflow
    1004356* - Cinepak Codec Decompression Vulnerability
    1004872* - Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability
    1003163* - ClamAV 'get_unicode_name()' Off-By-One Heap Based Buffer Overflow
    1002867* - ClamAV CHM Processing Denial Of Service
    1003981* - DirectShow Heap Overflow Vulnerability
    1003747* - FFmpeg vmd_read_header Integer Overflow
    1004375* - Flash Movie Player File Magic Denial Of Service Vulnerability
    1003114* - GDI Integer Overflow Vulnerability
    1004651* - GDI+ Integer Overflow Vulnerability (CVE-2011-0041)
    1003773* - GDI+ PNG Integer Overflow Vulnerability
    1003775* - GDI+ TIFF Buffer Overflow Vulnerability
    1002683* - GNOME Project libxslt Library RC4 Key String Buffer Overflow
    1003749* - Google Apps 'googleapps.url.mailto' Handler Command Injection Vulnerability
    1004080* - Google Chrome Invalid FTP Server Response Remote Denial Of Service Vulnerability Helper
    1004278* - LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial Of Service Vulnerability
    1004329* - Libpng Memory Corruption And Memory Leak Vulnerability
    1005403* - Libxml2 Entity Expansion Denial Of Service Vulnerability
    1003431* - MJPEG Decompression Vulnerability
    1004217* - MJPEG Media Decompression Vulnerability
    1004354* - MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
    1004093* - MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability
    1004397* - MPEG-4 Codec Vulnerability
    1003675* - Malformed AVI Header Vulnerability
    1004223* - Media Decompression Vulnerability
    1004319* - Media Player Classic DoS Vulnerability
    1000849* - Microsoft Agent Memory Corruption Vulnerability
    1000947* - Microsoft Antivirus Engine PDF File Remote Code Execution
    1002590* - Microsoft DirectX Crafted MJPEG Stream Handling Code Execution
    1003529* - Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability
    1001249* - Microsoft DirectX Parsing SAMI File Code Execution Vulnerability
    1001129* - Microsoft DirectX RLE Compressed Targa Image Processing Buffer Overflow
    1001246* - Microsoft DirectX WAV File Parsing Code Execution Vulnerability
    1003406* - Microsoft GDI+ EMF 'GpFont.SetData()' Buffer Overflow
    1005016* - Microsoft GDI+ Record Type Vulnerability (CVE-2012-0165)
    1000936* - Microsoft Help Workshop HPJ File Handling Buffer Overflow
    1000948* - Microsoft OLE Dialog Code Execution Vulnerability
    1002627* - Microsoft SQL Server Memory Corruption Vulnerability
    1001007* - Microsoft Visio Version Validation Remote Code Execution
    1000206* - Microsoft Visual Studio "dbp/sln" File Handling Buffer Overflow
    1001096* - Microsoft Visual Studio Crystal Reports RPT Processing Buffer Overflow
    1004038* - Microsoft Windows '.ani' File 'tagBITMAPINFOHEADER' Denial Of Service Vulnerability
    1004562* - Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability
    1000976* - Microsoft Windows ANI File Remote Code Execution
    1004582* - Microsoft Windows Fax Cover Page Editor Memory Corruption
    1004555* - Microsoft Windows Fax Cover Page Editor Remote Code Execution
    1002757* - Microsoft Windows GDI+ BMP Integer Overflow Vulnerability
    1002372* - Microsoft Windows GDI+ EMF Remote Code Execution
    1001045* - Microsoft Windows GDI+ ICO File DoS
    1002762* - Microsoft Windows GDI+ WMF Buffer Overrun Vulnerability
    1001066* - Microsoft Windows Graphics Rendering Engine Image Handling Vulnerability
    1001248* - Microsoft Windows Media Format ASF Parsing Remote Code Execution
    1001252* - Microsoft Windows Media Player MP4 File Stack Overflow
    1001068* - Microsoft Windows Media Player Remote Code Execution
    1000182* - Microsoft Windows Metafile Integer Overflow Vulnerability
    1002622* - Microsoft Windows Saved Search Remote Code Execution
    1004302* - Microsoft Windows Shortcut Remote Code Execution
    1001032* - Microsoft Windows URI Handler Registration Vulnerability
    1001069* - Microsoft Windows Vista Feed Headlines Gadget Code Execution
    1001137* - Microsoft vCard URL Handling Vulnerability
    1004349* - Movie Maker Memory Corruption Vulnerability
    1004928* - Msvcrt.dll Buffer Overflow Vulnerability (CVE-2012-0150)
    1003541* - Multiple Products libxml2 XML File Processing Long Entity Name Buffer Overflow
    1003703* - OpenOffice Word Document Table Parsing Heap Overflow
    1004024* - OpenOffice.org Microsoft Word File sprmTSetBrc Processing Buffer Overflow
    1004541* - OpenType Font File CFF table Code Execution Vulnerability
    1004538* - OpenType Font File CMAP Table Paring Vulnerability
    1004485* - OpenType Font Parsing Vulnerability
    1004621* - Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability
    1004932* - Oracle Java SE Deployment Component Unspecified Remote Code Execution
    1004614* - Real Networks RealPlayer '.AVI' File Parsing Buffer Overflow
    1004868* - RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability
    1002746* - RealNetworks Multiple Products SMIL Wallclock Stack Overflow
    1002750* - RealNetworks RealPlayer Invalid Chunk Size Heap Overflow Vulnerability
    1002745* - RealNetworks RealPlayer Multiple Products RA File Processing Heap Overflow
    1005849* - RealNetworks RealPlayer Stack Based Buffer Overflow Vulnerability
    1004781* - RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability
    1002571* - SAMI Format Parsing Vulnerability
    1002291* - Sun Java Web Start Charset Encoding Stack Buffer Overflow
    1002653* - Sun Java Web Start JNLP java-vm-args Heap Buffer Overflow
    1002649* - Sun Java Web Start JNLP vm args Stack Overflow
    1004543* - TIFF Image Converter Buffer Overflow Vulnerability
    1004546* - TIFF Image Converter Heap Overflow Vulnerability
    1003603* - VLC Media Player 'smb://' URI Handling Remote Buffer Overflow Vulnerability
    1002630* - VideoLAN VLC Media Player WAV Processing Integer Overflow
    1003201* - VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
    1001637* - WebDAV Mini-Redirector Remote Code Execution
    1003825* - Win32k EOT Parsing Vulnerability
    1003823* - Win32k TTF Parsing Vulnerability
    1004844* - Winamp AMF File Handling Overflow
    1004845* - Winamp Midi File Handling Overflow
    1003710* - Windows Media Playback Memory Corruption Vulnerability
    1003760* - Windows Media Runtime Voice Sample Rate Vulnerability
    1003116* - Windows Saved Search Vulnerability
    1003115* - Windows Search Parsing Vulnerability
    1003785* - Xpdf Splash DrawImage Integer Overflow
    1004753* - libsndfile PAF File Processing Integer Overflow


    Web Client Internet Explorer
    1003267* - Microsoft Internet Explorer Uninitialized Memory Corruption


    Web Server Common
    1004859* - Disallowed HTTP header


    Web Server Miscellaneous
    1006744* - Jetty Httpd HttpParser Memory Information Disclosure Vulnerability (CVE-2015-2080)


    Windows Services RPC Client
    1006558* - Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability - 1


    Windows Services RPC Server
    1000735* - Microsoft Windows Server Service Remote Code Execution


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-019 (June 24, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1006810 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)
    1006654* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3043)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.