Trend Micro Deep Security™️およびDPIルール等の関連情報

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client
1008138* - Microsoft Windows SMB Tree Connect Response Denial Of Service Vulnerability (CVE-2017-0016)


DNS Client
1008180 - ISC BIND Inconsistent DS Record Assertion Failure Denial Of Service Vulnerability (CVE-2016-9444)
1008136 - ISC BIND RRSIG Record Response Assertion Failure Denial Of Service (CVE-2016-9147)


Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request


Unix Kerberos
1008095* - MIT Kerberos 'kadmin' DB Denial Of Service Vulnerability (CVE-2016-3119)


Web Application Common
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)


Web Application PHP Based
1008125 - Joomla Denial Of Service Vulnerability (CVE-2013-3242)
1008037 - PHP GC Use After Free Vulnerability (CVE-2016-5771)
1008131 - PHP Unserialize() ZVAL Reference Counter Overflow Vulnerability (CVE-2007-1286)
1008140* - WordPress REST API Unauthenticated Content Injection Vulnerability
1008132* - phpMyAdmin RegEx Pattern Modifier Code Injection Vulnerability (CVE-2016-5734)


Web Client Common
1008121* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-01) - 2
1008183 - Adobe Flash Player Multiple Security Vulnerabilities (APSB17-04)
1008171 - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2017-0038)
1008108 - Oracle Java Uninitialized Object Generation Remote Code Execution Vulnerability (CVE-2016-3606)


Web Client Internet Explorer/Edge
1008064* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7288)


Web Media Applications
1002451* - YouTube


Web Server Miscellaneous
1008097* - Identified Apache Struts Incorrect Default 'excludeParams' Security Bypass Vulnerability
1008141 - Jetty Path Sanitization Vulnerability (CVE-2016-4800)
1008093* - Oracle GlassFish Server Username And Password Brute Force Vulnerability (CVE-2011-0807)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Backup Server IBM Tivoli Storage Manager FastBack Server
1007357* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow (CVE-2015-1929)


DCERPC Services
1008123* - Microsoft Windows Local Security Authority Subsystem Service Denial Of Service Vulnerability (CVE-2016-7237)


DCERPC Services - Client
1008138* - Microsoft Windows SMB Tree Connect Response Denial Of Service Vulnerability (CVE-2017-0016)


DNS Client
1008128* - ISC BIND ANY Query Assertion Failure Vulnerability (CVE-2016-9131)
1008115* - ISC BIND DNAME Resource Records Denial Of Service Vulnerability (CVE-2016-1286)


Directory Server LDAP
1007360* - IBM Domino LDAP Server Remote Execution Vulnerability (CVE-2015-0117)
1008051* - Samba Active Directory Server Denial Of Service Vulnerability (CVE-2015-3223)


HP OpenView
1008110* - HP Data Protector Buffer Overflow Vulnerability (CVE-2016-2005)
1008114* - HP Data Protector Multiple Remote Code Execution Vulnerabilities
1008109* - HP Data Protector Remote Code Execution Vulnerability (CVE-2016-2007)


HP OpenView Network Node Manager
1007466* - HP OpenView Network Node Manager Ovalarmsrv Service Buffer Overflow (CVE-2008-1852)


Microsoft Office
1008075* - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7264)
1008078* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7289)


NTP Server Linux
1007383* - NTP Configuration Directive File Overwrite Vulnerability (CVE-2015-7703)
1007399* - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)
1008091* - NTP Oversized UDP Packet Denial Of Service Vulnerability (CVE-2016-9312)


Suspicious Client Application Activity
1005067* - Identified Potentially Harmful Client Traffic
1005283* - Identified Potentially Malicious RAT Traffic - I
1005299* - Identified Potentially Malicious RAT Traffic - III
1005300* - Identified Potentially Malicious RAT Traffic - IV
1005473* - Identified Potentially Malicious RAT Traffic - V
1006247* - Identified Potentially Malicious RAT Traffic - VI
1007116* - VMware vCenter Java JMX Server Insecure Configuration Java Code Execution Vulnerability


Suspicious Server Application Activity
1005974* - Identified DNS Reflected Denial Of Service
1006560* - Identified Microsoft SQL Server Resolution Service Distributed Denial Of Service Attack
1006240* - Identified NTP Reflected Denial Of Service
1005090* - Identified Potentially Harmful Server Traffic
1005957* - Identified SNMP Reflected Denial Of Service
1005910* - Identified ntpd 'monlist' Query Reflected Denial Of Service Attack
1005517* - Restrict Maximum Packet (Transport Data Length) Size


Unix Kerberos
1008095 - MIT Kerberos 'kadmin' DB Denial Of Service Vulnerability (CVE-2016-3119)


Web Application PHP Based
1007178* - WordPress Font Plugin Path Traversal Vulnerability (CVE-2015-7683)
1008132 - phpMyAdmin RegEx Pattern Modifier Code Injection Vulnerability (CVE-2016-5734)


Web Client Common
1008124* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-01) - 1
1008121* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB17-01) - 2
1008133* - Cisco WebEx Plugin Magic URL Arbitrary Remote Command Execution Vulnerability
1004114* - Identified Malicious Adobe SWF File
1008139 - Linux Kernel Use After Free Remote Code Execution Vulnerability (CVE-2016-7117)
1008068* - Microsoft Windows Graphics Remote Code Execution Vulnerability (CVE-2016-7272)
1008052* - Mozilla Firefox SVG Animation Use After Free Vulnerability (CVE-2016-9079)


Web Proxy Squid
1008103* - Squid Proxy ESI Response Handler Buffer Overflow Vulnerability (CVE-2016-4054)
1008101 - Squid Proxy ESI Response Processing Denial Of Service Vulnerability (CVE-2016-4555)


Web Server Common
1000473* - Parameter Name Length Restriction


Web Server Miscellaneous
1008120* - Apache Jetspeed Portal Site Manager ZIP File Upload Directory Traversal (CVE-2016-0709)
1008129 - IBM WebSphere Application Server Remote Code Execution Vulnerability (CVE-2016-5983)
1008097 - Identified Apache Struts Incorrect Default 'excludeParams' Security Bypass Vulnerability
1008093 - Oracle GlassFish Server Username And Password Brute Force Vulnerability (CVE-2011-0807)


Web Server Oracle HTTPS
1003212* - Oracle Secure Backup exec_qr() Command Injection Vulnerability


Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client
1008138 - Microsoft Windows SMB Tree Connect Response Denial Of Service Vulnerability (CVE-2017-0016)


Web Application PHP Based
1008140 - WordPress REST API Unauthenticated Content Injection Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Client Common
1008133 - Cisco WebEx Plugin Magic URL Arbitrary Remote Command Execution Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

BIND RNDC
1008099 - ISC BIND rndc Control Channel Denial Of Service Vulnerability (CVE-2016-1285)


DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
1008119 - Microsoft Windows Local Security Authority Subsystem Service (LSASS) Denial Of Service Vulnerability (CVE-2017-0004)


DCERPC Services - Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client


DNS Client
1008053* - ISC BIND DNAME Answer Handling Denial Of Service Vulnerability (CVE-2016-8864)
1007740* - ISC BIND Multiple DNS Cookies Denial Of Service Vulnerability (CVE-2016-2088)
1008085 - Nginx DNS UDP Packet Handler Crash Denial Of Service Vulnerability (CVE-2016-0742)


DNS Server
1008092 - ISC BIND Assertion Failure Denial Of Service Vulnerability (CVE-2016-2848)
1008105 - PowerDNS Authoritative Server Long Qname Denial Of Service Vulnerability (CVE-2016-5426)


Directory Server LDAP
1007360 - IBM Domino LDAP Server Remote Execution Vulnerability (CVE-2015-0117)
1007932* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2016-3368)


ISC LightWeight DNS Resolver
1008100 - ISC BIND Long Name Query DOS Vulnerability (CVE-2016-2775)


Microsoft Office
1008116 - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0003)


NTP Server Linux
1008040* - NTP AutoKey Malicious Message Multiple Denial Of Service Vulnerabilities
1007383* - NTP Configuration Directive File Overwrite Vulnerability (CVE-2015-7703)
1008086 - NTP Daemon CRYPTO_NAK Denial Of Service Vulnerability (CVE-2016-4957)
1008048* - NTP Mrulist Malicious Query Denial Of Service Vulnerability (CVE-2016-7434)


Novell GroupWise Admin Service
1006822* - Novell Groupwise "poLibMaintenanceFileSave" Security Bypass Vulnerability


SSL Client
1008088 - GnuTLS Libtasn1 ASN.1 DER Infinite Loop Denial Of Service Vulnerability (CVE-2016-4008) - Client


SSL/TLS Server
1008089 - GnuTLS Libtasn1 ASN.1 DER Infinite Loop Denial Of Service Vulnerability (CVE-2016-4008) - Server


Suspicious Client Ransomware Activity
1007704* - Ransomware Network Traffic - 1


Web Application Common
1008050 - ImageMagick Out Of Bounds Array Indexing Denial Of Service Vulnerability (CVE-2016-7799)
1008046 - ImageMagick SGI Coder Out Of Bounds Read Vulnerability (CVE-2016-7101)


Web Application PHP Based
1008096 - Identified Drupal Core system.temporary Information Disclosure Vulnerability
1008118 - Identified Suspicious Upload Of WordPress Plugin
1008038* - PHP GC ZipArchive Class Use After Free Vulnerability (CVE-2016-5773)


Web Client Common
1008049 - ImageMagick Out Of Bounds Array Indexing Denial Of Service Vulnerability (CVE-2016-7799) - 1
1008047 - ImageMagick SGI Coder Out Of Bounds Read Vulnerability (CVE-2016-7101) - 1
1007427* - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-014)
1008067* - Microsoft Windows Uniscribe Remote Code Execution Vulnerability (CVE-2016-7274)


Web Server Miscellaneous
1008001* - MongoDB Javascript Injection Collection Enumeration Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1003802* - Directory Server – Microsoft Windows Active Directory

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client
1007426* - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-014)


Novell GroupWise Admin Service
1006822 - Novell Groupwise "poLibMaintenanceFileSave" Security Bypass Vulnerability


Web Application PHP Based
1007642 - WordPress Comment Handler Same Origin Method Execution Vulnerability (CVE-2015-3439)


Web Client Common
1007997* - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 2


Web Server Miscellaneous
1008001 - MongoDB Javascript Injection Collection Enumeration Vulnerability
1005557* - Novell ZENWorks Mobile Management Multiple Directory Traversal Vulnerabilities


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DNS Client
1007740 - ISC BIND Multiple DNS Cookies Denial Of Service Vulnerability (CVE-2016-2088)


Directory Server LDAP
1007932* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2016-3368)


Web Application Common
1007610* - Identified Usage Of ImageMagick Pseudo Protocols


Web Application PHP Based
1008041 - Drupal Coder Module Remote Code Execution Vulnerability


Web Application Ruby Based
1005331* - Ruby On Rails XML Processor YAML Deserialization DoS


Web Application Tomcat
1000637* - Tomcat JSP Source Code Exposure Vulnerability (CVE-2002-1148)


Web Client Common
1008090 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-39)
1008033* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-7255)


Web Client Internet Explorer/Edge
1008063* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7286)
1008009* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1007920* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1005366* - Microsoft Internet Explorer COMWindowProxy Use After Free Vulnerability (CVE-2013-0019)


Web Server Miscellaneous
1007650 - Identified Access To NetIQ URLs Prone To Information Disclosure Vulnerability (CVE-2014-5215)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Content Management Server Microsoft
1000984* - Microsoft CMS Cross Site Scripting Vulnerability


DNS Client
1008053 - ISC BIND DNAME Answer Handling Denial Of Service Vulnerability (CVE-2016-8864)


DNS Server
1007648* - PowerDNS Authoritative Server DNS Packet Processing Denial Of Service Vulnerability (CVE-2015-5311)


EMC AutoStart Agent Service
1007640 - Identified EMC AutoStart Remote Code Execution Vulnerability


Microsoft Office
1008075 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7264)
1008074 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7265)
1008070 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7268)
1008076 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7276)
1007617* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1008077 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7277)
1008078 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7289)
1008073 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7262)
1008072 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7266)
1008071 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7267)
1000764* - Microsoft Publisher Font Parsing Buffer Overflow


NTP Client
1008004 - NTP 'ntpq atoascii' Memory Corruption Vulnerability (CVE-2015-7852)


NTP Server Linux
1008040 - NTP AutoKey Malicious Message Multiple Denial Of Service Vulnerabilities
1007399* - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)
1008048 - NTP Mrulist Malicious Query Denial Of Service Vulnerability (CVE-2016-7434)


OpenSSL
1008039* - OpenSSL SSL3_AL_WARNING Remote Denial Of Service Vulnerability (CVE-2016-8610)


Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra


Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1


Web Application Common
1006823* - Identified Suspicious Command Injection Attack - 1


Web Application Miscellaneous
1000846* - Microsoft Windows Explorer Drag and Drop Remote Code Execution


Web Application PHP Based
1008038 - PHP GC ZipArchive Class Use After Free Vulnerability (CVE-2016-5773)
1007973* - PHP ZipArchive Integer Overflow Vulnerability (CVE-2016-3078)


Web Application Tomcat
1000638* - Apache Tomcat "Tomcat Manager" Cross-Site Scripting
1000967* - Apache Tomcat Servlet Engine Directory Traversal
1000637* - Tomcat 4.x JSP source code exposure


Web Client Common
1007629* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 6
1007635* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1101)
1008084 - Microsoft Office OLE DLL Loading Vulnerability Over WebDAV (CVE-2016-7275)
1008079 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-7259)
1008080 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-7260)
1008029* - Microsoft Windows Animation Manager Memory Corruption Vulnerability (CVE-2016-7205)
1008081 - Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability (CVE-2016-7295)
1008069 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2016-7257)
1008043 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3393)
1008068 - Microsoft Windows Graphics Remote Code Execution Vulnerability (CVE-2016-7272)
1007989* - Microsoft Windows Multiple Security Vulnerabilities (MS16-118, MS16-119)
1008082 - Microsoft Windows Multiple Security Vulnerabilities (MS16-149)
1008067 - Microsoft Windows Uniscribe Remote Code Execution Vulnerability (CVE-2016-7274)
1008052 - Mozilla Firefox SVG Animation Use After Free Vulnerability (CVE-2016-9079)


Web Client Internet Explorer/Edge
1003507* - AOL IWinAmpActiveX Class ConvertFile() Remote Buffer Overflow
1005540* - Internet Explorer Memory Corruption Vulnerability (CVE-2013-3120)
1008061 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7206)
1008062 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7280)
1007248* - Microsoft Edge Memory Corruption Vulnerability (CVE-2015-6168)
1008063 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7286)
1008064 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7288)
1007984* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1008009* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1008013* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7202)
1008016* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7240)
1008011* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7242)
1008065 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7296)
1008066 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7297)
1007237* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2015-6151)
1008012* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7195)
1008056 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7279)
1008017* - Microsoft Internet Explorer And Edge Remote Code Execution Vulnerability (CVE-2016-7241)
1008060 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7287)
1008057 - Microsoft Internet Explorer And Edge Security Feature Bypass Vulnerability (CVE-2016-7282)
1008055 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-7278)
1008059 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-7284)
1006790* - Microsoft Internet Explorer Memory Access Violation Vulnerability
1006312* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-4141)
1007407* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
1008083 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3384)
1008054 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-7202)
1008058 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-7283)


Web Server Miscellaneous
1007603* - Apache Struts Dynamic Method Invocation Remote Code Execution Vulnerability (CVE-2016-3081)
1004189* - RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass
1001781* - WS_FTP Server Manager Authentication Bypass and Information Disclosure Vulnerability


Web Server Oracle
1003878* - Oracle E-Business Suite Multiple Remote Vulnerabilities


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Application Control For Mail Client
1002452* - Application Control For Eudora


DNS Server
1007648 - PowerDNS Authoritative Server DNS Packet Processing Denial Of Service Vulnerability (CVE-2015-5311)


Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra


Suspicious Server Application Activity
1002378* - Detected Virtual Network Computing (VNC) Server Traffic


Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1


Web Application Common
1007715* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)


Web Application PHP Based
1007298* - Joomla Core Remote Code Execution Vulnerability (CVE-2015-8562)


Web Client Common
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007738* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118) - 1
1007611* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714) - 1
1008033* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-7255)
1008044 - OpenJPEG JPEG2000 MCC Record Code Execution Vulnerability (CVE-2016-8332)


Web Client Internet Explorer/Edge
1006383* - Microsoft Internet Explorer VBScript Memory Corruption Vulnerability (CVE-2014-6363)


Web Server Common
1007651* - Identified Absence Of Configured CDN/Reverse Proxy HTTP Header


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DNS Client
1007425* - ISC BIND OpenPGP Key Handler Denial Of Service Vulnerability (CVE-2015-5986)
1007465* - ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)


Database Oracle
1003510* - Oracle Database Server LT.ROLLBACKWORKSPACE SQL Injection


HP OpenView Network Node Manager
1007643* - HP OpenView Network Node Manager ovw.dll Message Handling Buffer Overflow (CVE-2008-1842)


NTP Server Linux
1007399 - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)


OpenSSL
1008039 - OpenSSL SSL3_AL_WARNING Remote Denial Of Service Vulnerability (CVE-2016-8610)


Suspicious Client Application Activity
1007907* - Cisco ASA Memory Corruption Vulnerability (CVE-2016-6366)


Web Client Common
1007310* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-8446)
1008042 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-37)
1007620* - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0168)
1007622* - Microsoft Windows Graphics Component RCE Vulnerability (CVE-2016-0170)


Web Client Internet Explorer/Edge
1007983* - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-7189)
1007985* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
1007928* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)


Web Server HTTPS
1007253* - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution


Web Server Miscellaneous
1007993* - RedHat JBoss Web Application Server Remote Information Disclosure Vulnerability (CVE-2005-2006)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.