Trend Micro Deep Security™ and related information such as DPI rules

  • Rule Update: 15-025 (August 3, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DNS Client
    1006909 - ISC BIND Zone Query Handler Denial Of Service Vulnerability


    DNS Server
    1006924 - ISC BIND TKEY Query Handling Denial Of Service Vulnerability (CVE-2015-5477)
    1006925 - ISC BIND TKEY Query Handling Denial Of Service Vulnerability (CVE-2015-5477) - 1


    Suspicious Server Application Activity
    1005090* - Identified Potentially Harmful Server Traffic


    Web Client Common
    1006914 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3130)
    1006917 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-4431)
    1006923 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3133)
    1006921 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3126)
    1006922 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-4429)
    1006910 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3120)
    1006911 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3122)
    1006912 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3124)
    1006913 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3129)
    1006919 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3132)
    1006916 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-4430)
    1006918 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-4433)
    1006815 - Google Chrome SpeechRecognitionClient Use After Free Vulnerability (CVE-2015-1251)


    Web Server Common
    1005567* - Identified No Ending Protocol In HTTP Request


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-024 (July 28, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1006574* - Microsoft Office Local Zone Remote Code Execution Vulnerability (CVE-2015-0097)
    1004099* - Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability


    OpenSSL
    1006855* - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
    1006854 - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    OpenSSL Client
    1006856* - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
    1006806* - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability


    Unix CUPS
    1006814* - CUPS Print Service Remote Privilege Escalation Vulnerability


    Web Application Common
    1005936* - Identified Local File Inclusion (LFI) Over HTTP
    1006823* - Identified Suspicious Command Injection Attack - 1


    Web Application PHP Based
    1006817 - PHP 'phar_parse_tarfile' Memory Corruption Vulnerability
    1006819 - PHP DateTime Use After Free Vulnerability (CVE-2015-0273)
    1006821 - PHP DateTimeZone Type Confusion Information Disclosure Vulnerability


    Web Client Common
    1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1006812* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
    1006701* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
    1006905 - Adobe Flash Player Unspecified Memory Corruption Vulnerability (CVE-2015-3123)
    1006903* - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
    1006890 - Adobe Reader And Acrobat Buffer Overflow Vulnerability (CVE-2015-5093)
    1006893 - Adobe Reader And Acrobat Integer Overflow Vulnerability (CVE-2015-5097)
    1006889 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5087)
    1006891 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5094)
    1006894 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5098)
    1006896 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5100)
    1006897 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5101)
    1006898 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5102)
    1006899 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5103)
    1006900 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5104)
    1006886 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4447)
    1006888 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-5086)
    1006887 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-4448)
    1006892 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5095)
    1006895 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5099)
    1006901 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5111)
    1006902 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5113)
    1006883 - Google Chrome Cross Site Scripting Filter Bypass Vulnerability
    1006872* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
    1006857* - Oracle Java SE Remote Code Execution Vulnerability (CVE-2015-2590)


    Web Client Internet Explorer
    1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006832* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
    1006869* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)


    Web Client Mozilla Firefox
    1006825 - Mozilla Firefox XrayWrapper Privileged Javascript Injection Vulnerability (CVE-2014-8636)


    Web Server IIS
    1006434* - Microsoft IIS Directory Traversal Vulnerability


    Web Server Miscellaneous
    1003505* - Microsoft .Net Framework Null Byte Injection Vulnerability


    Web Service HP SiteScope
    1006816* - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)


    Windows Services RPC Server
    1006906 - Identified Usage Of PsExec Command Line Tool


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-023 (July 20, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Remote Desktop Protocol Server
    1006870 - Microsoft Windows Remote Desktop Protocol (RDP) Remote Code Execution Vulnerability (CVE-2015-2373)


    Web Client Common
    1006858* - Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)
    1006859* - Adobe Flash Player BitmapData Remote Code Execution Vulnerability (CVE-2015-5123)
    1006530* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0582)
    1006903 - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
    1006904 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2424)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-022 (July 14, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database Microsoft SQL
    1006840 - Microsoft SQL Server Remote Code Execution Vulnerability (CVE-2015-1762)


    Database MySQL
    1006813 - Identified Oracle MySQL Database Operation


    FTP Server ProFTPD
    1006743* - ProFTPD Remote Command Execution Vulnerability (CVE-2015-3306)


    Microsoft Office
    1006873 - Microsoft Excel ASLR Bypass Vulnerability (CVE-2015-2375)
    1006874 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2376)
    1006875 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2377)
    1006876 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2379)
    1006877 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2380)
    1006878 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2415)
    1006769* - Microsoft Office Use After Free Vulnerability (CVE-2015-1759)
    1006770* - Microsoft Office Use After Free Vulnerability (CVE-2015-1760)
    1000764* - Microsoft Publisher Font Parsing Buffer Overflow
    1005990* - Microsoft Word RTF Remote Code Execution Vulnerability (CVE-2014-1761)


    OpenSSL
    1006655* - OpenSSL ASN_TYPE_cmp Segmentation Fault Vulnerability (CVE-2015-0286)
    1006855 - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)


    OpenSSL Client
    1006856 - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
    1006093* - OpenSSL Client SSL/TLS Man In The Middle Security Bypass Vulnerability
    1006806 - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability


    SSL Client
    1006485* - SSL RSA Downgrade Vulnerability


    Unix CUPS
    1006814 - CUPS Print Service Remote Privilege Escalation Vulnerability


    Unix Samba
    1003999* - Samba MS-RPC Remote Shell Command Execution Vulnerability


    Web Application Common
    1006823 - Identified Suspicious Command Injection Attack - 1
    1005402* - Identified Suspicious User Agent In HTTP Request


    Web Application PHP Based
    1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
    1006390* - WordPress Denial Of Service Vulnerability (CVE-2014-9034)


    Web Application Tomcat
    1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


    Web Client Common
    1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1006860 - Adobe Flash Domain Policy Security Bypass Vulnerabilities
    1006455* - Adobe Flash Player Heap Based Buffer Overflow Vulnerability (CVE-2015-0309)
    1006812 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
    1006006* - Adobe Flash Player Information Disclosure Vulnerability (CVE-2014-0508)
    1003891* - Adobe Flash Player JPEG Parsing Heap Overflow Vulnerability
    1006399* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0574)
    1006400* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0586)
    1006461* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0310)
    1006713* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3090)
    1006861 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3117)
    1006866 - Adobe Flash Player Multiple Use After Free Vulnerabilities
    1006810* - Adobe Flash Player Nellymoser Heap Buffer Overflow Vulnerabilities
    1006779* - Adobe Flash Player Out Of Bound Write Vulnerability (CVE-2015-3105)
    1004229* - Adobe Flash Player Remote Code Execution Vulnerabilities - 2
    1006464* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0312)
    1006526* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0330)
    1006138* - Adobe Flash Player Security Bypass Vulnerability (CVE-2014-4671)
    1006865 - Adobe Flash Player SharedObject Use After Free Vulnerabilities
    1006863 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3119)
    1006864 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3121)
    1006517* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-0320)
    1006862 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3118)
    1006419* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8461)
    1004042* - Google Chrome XML Denial Of Service
    1006882 - Identified Suspicious Obfuscated JavaScript - 4
    1006742 - Identified Suspicious User Agent In Outgoing HTTP Request
    1006818 - Java SE Remote Security Vulnerability (CVE-2015-0459)
    1006820 - Java SE Remote Security Vulnerability (CVE-2015-0491)
    1006872 - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
    1006879 - Microsoft Windows Graphics Component EOP Vulnerability (CVE-2015-2364)
    1006880 - Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2416)
    1006881 - Microsoft Windows OLE Elevation Of Privilege Vulnerability (CVE-2015-2417)
    1006291* - Microsoft Windows OLE Remote Code Execution Vulnerability - 1
    1006572 - Multiple Browser libjpeg/libjpeg-turbo Library Memory Corruption Vulnerability


    Web Client Internet Explorer
    1006839 - Microsoft Internet Explorer ASLR Bypass Vulnerability (CVE-2015-2421)
    1006842 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-1729)
    1006867 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-2413)
    1006868 - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006750 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1733)
    1006752* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1736)
    1006754 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1738)
    1006764* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1752)
    1006850 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1767)
    1006843 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383)
    1006845 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2383) - 1
    1006846 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2388)
    1006847 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2389)
    1006848 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2390)
    1006849 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2391)
    1006831 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2397)
    1006832 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
    1006851 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2403)
    1006852 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2404)
    1006833 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2406)
    1006835 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2408)
    1006836 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2409)
    1006837 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2411)
    1006853 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2422)
    1006869 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)
    1006841 - Microsoft Windows VBScript Memory Corruption Vulnerability (CVE-2015-2372)


    Web Server Common
    1005839* - Identified XML External Entity Injection In HTTP Request


    Web Server IIS
    1006434 - Microsoft IIS Directory Traversal Vulnerability


    Web Service HP SiteScope
    1006816 - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-021 (July 12, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1006858 - Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)
    1006859 - Adobe Flash Player BitmapData Remote Code Execution Vulnerability (CVE-2015-5123)
    1006857 - Oracle Java SE Remote Code Execution Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-020 (July 7, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1006370* - Microsoft Word Use After Free Remote Code Execution Vulnerability (CVE-2014-6357)


    Web Client Common
    1004079* - Adobe Acrobat And Reader CFF Encodings Handling Heap Overflow Vulnerability
    1003916* - Adobe Acrobat And Reader JpxDecode Memory Corruption
    1003291* - Adobe Acrobat And Reader PDF File Handling Remote Code Execution Vulnerability
    1003405* - Adobe Acrobat JavaScript getIcon Method Buffer Overflow
    1003056* - Adobe Acrobat PDF Javascript getCosObj Memory Corruption
    1003848* - Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
    1006824 - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1003186* - Adobe Flash Player For Linux ActionScript ASnative Command Execution
    1006810* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)
    1006451* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8438)
    1002445* - Adobe Multiple Products BMP Image Header Handling Buffer Overflow
    1004191* - Adobe Photoshop Remote Code Execution
    1003803* - Adobe Reader And Acrobat U3D 'CLODMeshDeclaration' Buffer Overflow Vulnerability
    1004857* - Adobe Reader And Acrobat U3D TIFF Resource Buffer Overflow Vulnerability (CVE-2011-2432)
    1004506* - Adobe Reader Doc.printSeps() Memory Corruption Vulnerability
    1004167* - Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
    1004422* - Adobe Shockwave Director tSAC Chunk Memory Corruption
    1004448* - Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
    1004494* - Adobe Shockwave Player 'dirapi.dll' Memory Corruption Vulnerability
    1004517* - Adobe Shockwave Player 'dirapi.dll' Stack Overflow Vulnerability
    1004287* - Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability
    1003596* - Adobe Shockwave Player Director File Parsing Remote Code Execution Vulnerability
    1004713* - Adobe Shockwave Player Memory Corruption (CVE-2011-2111)
    1004552* - Adobe TIFF File Vulnerability - 3
    1004335* - Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow
    1002533* - Apple QuickTime Embedded Pascal Style Remote Integer Overflow
    1003722* - Apple QuickTime FlashPix Sector Size Overflow Vulnerability
    1002532* - Apple QuickTime Image Descriptor (IDSC) Atom Remote Memory Corruption Vulnerability
    1003543* - Apple QuickTime Movie File Clipping Region Handling Heap Buffer Overflow
    1003551* - Apple QuickTime PICT Image paintPoly Parsing Heap Buffer Overflow
    1005251* - Apple QuickTime Targa Image Parsing Buffer Overflow Vulnerability
    1003394* - BitDefender Internet Security Script Code Execution
    1001009* - CA Product AV Engine CAB Header Parsing Stack Overflow
    1004356* - Cinepak Codec Decompression Vulnerability
    1004872* - Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability
    1003163* - ClamAV 'get_unicode_name()' Off-By-One Heap Based Buffer Overflow
    1002867* - ClamAV CHM Processing Denial Of Service
    1003981* - DirectShow Heap Overflow Vulnerability
    1003747* - FFmpeg vmd_read_header Integer Overflow
    1004375* - Flash Movie Player File Magic Denial Of Service Vulnerability
    1003114* - GDI Integer Overflow Vulnerability
    1004651* - GDI+ Integer Overflow Vulnerability (CVE-2011-0041)
    1003773* - GDI+ PNG Integer Overflow Vulnerability
    1003775* - GDI+ TIFF Buffer Overflow Vulnerability
    1002683* - GNOME Project libxslt Library RC4 Key String Buffer Overflow
    1003749* - Google Apps 'googleapps.url.mailto' Handler Command Injection Vulnerability
    1004080* - Google Chrome Invalid FTP Server Response Remote Denial Of Service Vulnerability Helper
    1004278* - LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial Of Service Vulnerability
    1004329* - Libpng Memory Corruption And Memory Leak Vulnerability
    1005403* - Libxml2 Entity Expansion Denial Of Service Vulnerability
    1003431* - MJPEG Decompression Vulnerability
    1004217* - MJPEG Media Decompression Vulnerability
    1004354* - MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
    1004093* - MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability
    1004397* - MPEG-4 Codec Vulnerability
    1003675* - Malformed AVI Header Vulnerability
    1004223* - Media Decompression Vulnerability
    1004319* - Media Player Classic DoS Vulnerability
    1000849* - Microsoft Agent Memory Corruption Vulnerability
    1000947* - Microsoft Antivirus Engine PDF File Remote Code Execution
    1002590* - Microsoft DirectX Crafted MJPEG Stream Handling Code Execution
    1003529* - Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability
    1001249* - Microsoft DirectX Parsing SAMI File Code Execution Vulnerability
    1001129* - Microsoft DirectX RLE Compressed Targa Image Processing Buffer Overflow
    1001246* - Microsoft DirectX WAV File Parsing Code Execution Vulnerability
    1003406* - Microsoft GDI+ EMF 'GpFont.SetData()' Buffer Overflow
    1005016* - Microsoft GDI+ Record Type Vulnerability (CVE-2012-0165)
    1000936* - Microsoft Help Workshop HPJ File Handling Buffer Overflow
    1000948* - Microsoft OLE Dialog Code Execution Vulnerability
    1002627* - Microsoft SQL Server Memory Corruption Vulnerability
    1001007* - Microsoft Visio Version Validation Remote Code Execution
    1000206* - Microsoft Visual Studio "dbp/sln" File Handling Buffer Overflow
    1001096* - Microsoft Visual Studio Crystal Reports RPT Processing Buffer Overflow
    1004038* - Microsoft Windows '.ani' File 'tagBITMAPINFOHEADER' Denial Of Service Vulnerability
    1004562* - Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability
    1000976* - Microsoft Windows ANI File Remote Code Execution
    1004582* - Microsoft Windows Fax Cover Page Editor Memory Corruption
    1004555* - Microsoft Windows Fax Cover Page Editor Remote Code Execution
    1002757* - Microsoft Windows GDI+ BMP Integer Overflow Vulnerability
    1002372* - Microsoft Windows GDI+ EMF Remote Code Execution
    1001045* - Microsoft Windows GDI+ ICO File DoS
    1002762* - Microsoft Windows GDI+ WMF Buffer Overrun Vulnerability
    1001066* - Microsoft Windows Graphics Rendering Engine Image Handling Vulnerability
    1001248* - Microsoft Windows Media Format ASF Parsing Remote Code Execution
    1001252* - Microsoft Windows Media Player MP4 File Stack Overflow
    1001068* - Microsoft Windows Media Player Remote Code Execution
    1000182* - Microsoft Windows Metafile Integer Overflow Vulnerability
    1002622* - Microsoft Windows Saved Search Remote Code Execution
    1004302* - Microsoft Windows Shortcut Remote Code Execution
    1001032* - Microsoft Windows URI Handler Registration Vulnerability
    1001069* - Microsoft Windows Vista Feed Headlines Gadget Code Execution
    1001137* - Microsoft vCard URL Handling Vulnerability
    1004349* - Movie Maker Memory Corruption Vulnerability
    1004928* - Msvcrt.dll Buffer Overflow Vulnerability (CVE-2012-0150)
    1003541* - Multiple Products libxml2 XML File Processing Long Entity Name Buffer Overflow
    1003703* - OpenOffice Word Document Table Parsing Heap Overflow
    1004024* - OpenOffice.org Microsoft Word File sprmTSetBrc Processing Buffer Overflow
    1004541* - OpenType Font File CFF table Code Execution Vulnerability
    1004538* - OpenType Font File CMAP Table Paring Vulnerability
    1004485* - OpenType Font Parsing Vulnerability
    1004621* - Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability
    1004932* - Oracle Java SE Deployment Component Unspecified Remote Code Execution
    1004614* - Real Networks RealPlayer '.AVI' File Parsing Buffer Overflow
    1004868* - RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability
    1002746* - RealNetworks Multiple Products SMIL Wallclock Stack Overflow
    1002750* - RealNetworks RealPlayer Invalid Chunk Size Heap Overflow Vulnerability
    1002745* - RealNetworks RealPlayer Multiple Products RA File Processing Heap Overflow
    1005849* - RealNetworks RealPlayer Stack Based Buffer Overflow Vulnerability
    1004781* - RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability
    1002571* - SAMI Format Parsing Vulnerability
    1002291* - Sun Java Web Start Charset Encoding Stack Buffer Overflow
    1002653* - Sun Java Web Start JNLP java-vm-args Heap Buffer Overflow
    1002649* - Sun Java Web Start JNLP vm args Stack Overflow
    1004543* - TIFF Image Converter Buffer Overflow Vulnerability
    1004546* - TIFF Image Converter Heap Overflow Vulnerability
    1003603* - VLC Media Player 'smb://' URI Handling Remote Buffer Overflow Vulnerability
    1002630* - VideoLAN VLC Media Player WAV Processing Integer Overflow
    1003201* - VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
    1001637* - WebDAV Mini-Redirector Remote Code Execution
    1003825* - Win32k EOT Parsing Vulnerability
    1003823* - Win32k TTF Parsing Vulnerability
    1004844* - Winamp AMF File Handling Overflow
    1004845* - Winamp Midi File Handling Overflow
    1003710* - Windows Media Playback Memory Corruption Vulnerability
    1003760* - Windows Media Runtime Voice Sample Rate Vulnerability
    1003116* - Windows Saved Search Vulnerability
    1003115* - Windows Search Parsing Vulnerability
    1003785* - Xpdf Splash DrawImage Integer Overflow
    1004753* - libsndfile PAF File Processing Integer Overflow


    Web Client Internet Explorer
    1003267* - Microsoft Internet Explorer Uninitialized Memory Corruption


    Web Server Common
    1004859* - Disallowed HTTP header


    Web Server Miscellaneous
    1006744* - Jetty Httpd HttpParser Memory Information Disclosure Vulnerability (CVE-2015-2080)


    Windows Services RPC Client
    1006558* - Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability - 1


    Windows Services RPC Server
    1000735* - Microsoft Windows Server Service Remote Code Execution


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-019 (June 24, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1006810 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)
    1006654* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3043)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-018 (June 23, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For File Sharing
    1004707* - Application Control For Dropbox


    Application Control For Web Media
    1002451* - Application Control For YouTube


    Elasticsearch
    1006793 - Elasticsearch Groovy Search Sandbox Bypass Vulnerability


    FTP Server ProFTPD
    1006743 - ProFTPD Remote Command Execution Vulnerability (CVE-2015-3306)


    LDAP Client
    1006785 - Identified LDAP BindRequest Using NTLM Authentication Mechanism


    Microsoft Office
    1006370* - Microsoft Word Use After Free Remote Code Execution Vulnerability (CVE-2014-6357)


    OpenSSL
    1006655 - OpenSSL ASN_TYPE_cmp Segmentation Fault Vulnerability (CVE-2015-0286)


    OpenSSL Client
    1006546* - OpenSSL ECDHE Downgrade Vulnerability (CVE-2014-3572)


    Suspicious Server Application Activity
    1006560 - Identified Microsoft SQL Server Resolution Service Distributed Denial Of Service Attack


    Universal Plug And Play Service
    1006746 - Detected Too Many SSDP Traffic Amplification Requests


    Web Application Common
    1000552* - Generic Cross Site Scripting(XSS) Prevention
    1000608* - Generic SQL Injection Prevention


    Web Application PHP Based
    1006794 - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability


    Web Application Tomcat
    1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


    Web Client Common
    1006299* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0558)
    1006530* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0582)
    1006353* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0584)
    1006398* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0585)
    1006449* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0590)
    1006365* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8440)
    1006646* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0359)
    1006657* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569) - 2
    1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
    1006512* - Adobe Flash Player Use After Free Remote Code Execution Vulnerability (CVE-2015-0315)
    1006787 - Adobe Font Driver Denial Of Service Vulnerability (CVE-2015-0074)
    1006550* - Adobe Font Driver Remote Code Execution Vulnerability (CVE-2015-0090)
    1006421* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8457)
    1006418* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8458)
    1006420* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-9159)
    1006598* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability Over HTTP (CVE-2015-0096)
    1006549* - OpenType Font Parsing Vulnerabilities


    Web Client Internet Explorer
    1006807 - Microsoft Internet Explorer ASLR Bypass Using MemoryProtection Vulnerability
    1006790 - Microsoft Internet Explorer Memory Access Violation Vulnerability
    1006758* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1744)
    1006759* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1745)
    1006760* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1747)
    1006789 - Microsoft Internet Explorer MemoryProtector ASLR Bypass Vulnerability
    1006783 - Microsoft Internet Explorer Null Pointer Denial Of Service Vulnerability
    1006809 - Microsoft Internet Explorer Type Confusion Using Isolated Heap Vulnerability
    1006665* - Microsoft Internet Explorer VBScript ASLR Bypass (CVE-2015-1686)


    Web Client Mozilla Firefox
    1003324* - Mozilla Firefox URI Invisible Control Characters Incorrect Decoding


    Web Client SSL
    1005040* - Identified Revoked Certificate Authority In SSL Traffic


    Web Server Common
    1005839* - Identified XML External Entity Injection In HTTP Request
    1006386 - PHP 'unserialize()' Integer Overflow Vulnerability (CVE-2014-3669)


    Web Server Miscellaneous
    1006744 - Jetty Httpd HttpParser Memory Information Disclosure Vulnerability (CVE-2015-2080)


    Windows Services RPC Client
    1006784 - Identified Windows Group Policy Files Downloaded From Untrusted Sources
    1003980* - SMB Client Race Condition Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-017 (June 9, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For Remote Login
    1002508* - Application Control For RDP


    HP Intelligent Management Center (IMC)
    1005476* - HP Intelligent Management Center Multiple Information Disclosure Vulnerabilities


    Microsoft Office
    1006771 - Microsoft Office Uninitialized Memory Use Vulnerability (CVE-2015-1770)
    1006769 - Microsoft Office Use After Free Vulnerability (CVE-2015-1759)
    1006770 - Microsoft Office Use After Free Vulnerability (CVE-2015-1760)


    OpenSSL Client
    1006318* - Multiple Browser Wildcard Certificate Spoofing Vulnerability
    1006546* - OpenSSL ECDHE Downgrade Vulnerability (CVE-2014-3572)


    Suspicious Server Application Activity
    1001164* - Detected Terminal Services (RDP) Server Traffic


    VoIP Soft Phones
    1006537* - Asterisk Open Source SIP SUBSCRIBE Request Denial Of Service Vulnerability


    Web Application Common
    1000552* - Generic Cross Site Scripting(XSS) Prevention
    1005402* - Identified Suspicious User Agent In HTTP Request


    Web Client Apple Safari
    1004362* - Apple Safari For Windows Long Link DoS


    Web Client Common
    1006533* - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2015-0311) - 1
    1006772 - Adobe Flash Player Cross Domain Policy Bypass Vulnerability (CVE-2015-3096)
    1006773 - Adobe Flash Player Cross Domain Policy Bypass Vulnerability (CVE-2015-3098)
    1006774 - Adobe Flash Player Cross Domain Policy Bypass Vulnerability (CVE-2015-3099)
    1006776 - Adobe Flash Player Cross Domain Policy Bypass Vulnerability (CVE-2015-3102)
    1006286* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2014-0556)
    1006778 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-3104)
    1006365* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8440)
    1006781 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3108)
    1006779 - Adobe Flash Player Out Of Bound Write Vulnerability (CVE-2015-3105)
    1006589* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0336)
    1006775 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-3100)
    1006657 - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569) - 2
    1006701* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
    1006707* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3084)
    1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
    1006777 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3103)
    1006780 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3106)
    1004715* - HTTP Web Client Decoding
    1006598* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability Over HTTP (CVE-2015-0096)
    1006619* - Microsoft Windows EMF Processing Remote Code Execution Vulnerability (CVE-2015-1645)
    1006782 - Microsoft Windows HTML Application Denial Of Service Vulnerability


    Web Client Internet Explorer
    1003268* - CSS Memory Corruption Vulnerability (CVE-2009-0076)
    1006761 - Microsoft Internet Explorer Elevation Of Privilege Vulnerability (CVE-2015-1748)
    1006745 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1687)
    1006747 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1730)
    1006748 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1731)
    1006749 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1732)
    1006751 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1735)
    1006752 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1736)
    1006753 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1737)
    1006755 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1740)
    1006756 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1741)
    1006757 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1742)
    1006758 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1744)
    1006759 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1745)
    1006760 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1747)
    1006762 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1750)
    1006763 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1751)
    1006764 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1752)
    1006765 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1753)
    1006766 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1755)
    1006767 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1766)
    1005110* - Novell iPrint Client 'nipplib.dll' GetDriverSettings Realm Remote Code Execution Vulnerability


    Web Client SSL
    1006606* - Identified Fraudulent Digital Certificate - 1


    Web Server Miscellaneous
    1004189* - RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass


    Web Server SharePoint
    1003815* - Microsoft SharePoint Team Services Download Feature Source Code Information Disclosure Vulnerability


    Windows Services RPC Client
    1003293* - Block Conficker.B++ Worm Outgoing Named Pipe Connection
    1006554* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-0096)


    Integrity Monitoring Rules:

    1005041* - Malware - Suspicious Microsoft Windows Files Detected
    1005042* - Malware - Suspicious Microsoft Windows Registry Entries Detected
    1006677 - Suspicious Files Detected In Operating System Directories
    1006658 - Suspicious Files Detected In Temporary Directories
    1006683* - Suspicious Running Processes Detected
    1003002* - Web Browser - Internet Explorer


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-016 (May 26, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DHCP Server
    1001840* - Restrict DHCP Option Length


    Database Oracle
    1001141* - Oracle Database Server Core RDBMS Component Denial Of Service


    SSL Client
    1006740 - Identified SSL/TLS Diffie-Hellman Key Exchange Using Weak Parameters Client


    Suspicious Server Application Activity
    1003594* - Detected SSL/TLS Server Traffic


    Unix Samba
    1003999* - Samba MS-RPC Remote Shell Command Execution Vulnerability


    Web Application PHP Based
    1006656* - Magento Admin Authentication Bypass Vulnerability


    Web Application Tomcat
    1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


    Web Client Common
    1006732 - Adobe Acrobat And Reader Multiple JavaScript API Execution Remote Security Bypass Vulnerabilities
    1006735 - Adobe Acrobat And Reader Multiple Remote Security Bypass Vulnerabilities
    1006719 - Adobe Acrobat And Reader Null Pointer Deference Remote Denial Of Service Vulnerability (CVE-2015-3047)
    1006731 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution
    1006736 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution (CVE-2015-3074)
    1006733 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution Vulnerability (CVE-2015-3069)
    1006711 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-3088)
    1006714 - Adobe Flash Player Information Disclosure Vulnerability (CVE-2015-3091)
    1006715 - Adobe Flash Player Information Disclosure Vulnerability (CVE-2015-3092)
    1006710 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-3087)
    1006365* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8440)
    1006646* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0359)
    1006702 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3078)
    1006712 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3089)
    1006713 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3090)
    1006589* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0336)
    1006301* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569)
    1006701 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
    1006707 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3084)
    1006709 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3086)
    1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
    1006704 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3080)
    1006718 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3046)
    1006721 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3050)
    1006722 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3051)
    1006723 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3052)
    1006727 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3056)
    1006728 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3057)
    1006730 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3059)
    1006734 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3070)
    1006738 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3076)
    1006724 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3053)
    1006725 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3054)
    1006726 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3055)
    1006737 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3075)
    1005170* - Java Applet Remote Code Execution Vulnerability
    1005178* - Java Applet Remote Code Execution Vulnerability - 2
    1006739 - Java Applet Remote Code Execution Vulnerability - 3
    1001129* - Microsoft DirectX RLE Compressed Targa Image Processing Buffer Overflow
    1006443* - Sun Java Runtime Environment Web Start JNLP File Stack Buffer Overflow Vulnerability


    Web Client Internet Explorer
    1004717* - Identified Suspicious AllowScriptAccess Parameter Of Shockwave Flash Player ActiveX Control
    1006668* - Microsoft Internet Explorer Clipboard Information Disclosure Vulnerability (CVE-2015-1692)
    1006618* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1668)
    1006674* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1705)
    1004339* - Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability


    Web Server Apache
    1006316 - Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Vulnerability (CVE-2011-4317)


    Web Server Common
    1005434* - Disallow Upload Of A File (Php/Class/Archive)


    Web Server HTTPS
    1006741 - Identified SSL/TLS Diffie-Hellman Key Exchange Using Weak Parameters Server


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.