Trend Micro Deep Security™ and related information such as DPI rules

  • Rule Update: 15-032 (October 13, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1007119 - Identified Malicious Adobe Flash SWF File - 2


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-031 (October 13, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For File Sharing
    1003655* - Application Control For Share NT5


    Directory Server LDAP
    1002614* - OpenLDAP ber_get_next BER Decoding Denial of Service


    HP AutoPass License Server
    1006811 - HP AutoPass License Server Remote Code Execution Vulnerability (CVE-2013-6221)


    Microsoft Office
    1006941* - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2477)
    1007110 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2555)
    1007111 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2557)
    1007112 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2558)


    OpenSSL
    1006854* - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    OpenSSL Client
    1006920* - OpenSSL Client X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    Suspicious Client Application Activity
    1007116 - VMware vCenter Java JMX Server Insecure Configuration Java Code Execution Vulnerability


    Web Application PHP Based
    1006656* - Magento Admin Authentication Bypass Vulnerability


    Web Client Common
    1007090 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2015-6676)
    1007093 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2015-6678)
    1006772* - Adobe Flash Player Cross Domain Policy Bypass Vulnerability
    1006985* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5547)
    1006986* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5548)
    1007073 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5567)
    1007078 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5574)
    1007079 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5575)
    1007080 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5576)
    1007081 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5578)
    1007082 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5579)
    1007083 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5580)
    1007085 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5582)
    1007088 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5588)
    1002948* - Adobe Flash Player SWF Version Null Pointer Dereference Denial Of Service
    1007076 - Adobe Flash Player Security Bypass Vulnerability (CVE-2015-5572)
    1007091 - Adobe Flash Player Security Bypass Vulnerability (CVE-2015-6679)
    1007087 - Adobe Flash Player Stack Buffer Overflow Vulnerability (CVE-2015-5587)
    1007077 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-5573)
    1007115 - Adobe Flash Player Use After Free Vulnerability
    1006590* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-0342)
    1006780* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3106)
    1007075 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5570)
    1007084 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5581)
    1007086 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5584)
    1007092 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-6682)
    1007074 - Adobe Flash Player Vector Length Corruption Vulnerability (CVE-2015-5568)
    1007063 - Foxit Reader PNG Conversion Arbitrary Code Execution Vulnerability
    1006631* - Identified File Protocol Handler In HTTP Location Header
    1006820* - Java SE Remote Security Vulnerability (CVE-2015-0491)
    1007061 - Mozilla Firefox Arbitrary JavaScript Code Execution
    1005849* - RealNetworks RealPlayer Stack Based Buffer Overflow Vulnerability


    Web Client Internet Explorer
    1007106 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-6046)
    1007102 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-6053)
    1007108 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-6059)
    1007097 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6042)
    1007098 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6045)
    1007099 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6048)
    1007100 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6049)
    1007101 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6050)
    1007096 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-2482)
    1007103 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-6055)
    1007107 - Microsoft Internet Explorer VBScript And JScript ASLR Bypass Vulnerability (CVE-2015-6052)
    1007105 - Microsoft Windows Shell Tablet Input Band Use After Free Vulnerability (CVE-2015-2548)
    1007104 - Microsoft Windows Shell Toolbar Use After Free Vulnerability (CVE-2015-2515)


    Web Client SSL
    1006606* - Identified Fraudulent Digital Certificate - 1


    Web Server Common
    1007117 - Identified Python Werkzeug Debugger Remote Code Execution


    Web Server IIS
    1004396* - IIS Repeated Parameter Request Denial Of Service Vulnerability


    Web Server Miscellaneous
    1006808 - Novell Zenworks Configuration Management Multiple Information Disclosure Vulnerabilities


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-030 (September 22, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For File Sharing
    1003655* - Application Control For Share NT5


    Application Control Packet Size Detection
    1007034 - Application Control For Share EX2 P2P


    Microsoft Office
    1007039* - Microsoft Graphics Component Buffer Overflow Vulnerability (CVE-2015-2510)
    1006940* - Microsoft Office Integer Underflow Vulnerability (CVE-2015-2470)
    1007040* - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2520)
    1007050* - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2521)
    1007051* - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2523)
    1006323* - Microsoft Office Remote Code Execution Vulnerability (CVE-2014-6333)
    1006471* - Microsoft Office Remote Code Execution Vulnerability (CVE-2015-0064)
    1007059 - Microsoft Office Remote Code Execution Vulnerability (CVE-2015-2545)


    Port Mapper Windows
    1001033* - Windows Port Mapper Decoder


    Remote Desktop Protocol Server
    1004949* - Remote Desktop Protocol Vulnerability (CVE-2012-0002)


    TFTP Server
    1000929* - 3CDaemon Reserved Device Name DoS


    Web Application Common
    1000608* - Generic SQL Injection Prevention


    Web Application Miscellaneous
    1003707* - Adobe JRun 'logviewer.jsp' Directory Traversal Vulnerability


    Web Client Common
    1006810* - Adobe Flash Player Nellymoser Heap Buffer Overflow Vulnerabilities
    1006907 - Google Chrome Type Confusion Remote Code Execution Vulnerability (CVE-2015-1230)
    1006996* - Identified Suspicious Microsoft Word RTF File - 1
    1006947* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2459)
    1006949* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2461)
    1005351* - Oracle Outside In Technology Paradox Database Stream Filter Vulnerability
    1007047* - Windows Media Center Remote Code Execution Vulnerability (CVE-2015-2509)


    Web Client Internet Explorer
    1007026* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2487)
    1007046* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2499)


    Web Client Mozilla Firefox
    1006954* - Mozilla Firefox PDF Viewer Same Origin Policy Information Disclosure Vulnerability (CVE-2015-4495)


    Windows Media Service
    1004097* - Media Services Stack-based Buffer Overflow Vulnerability


    Windows Services DNS Server RPC Interface
    1000986* - Microsoft Windows DNS Server RPC Buffer Overflow


    Windows Services RPC Client
    1006994 - Executable File Download On Network Share Detected


    Windows Services RPC Server
    1006995 - Remote Add Job Through SMBv1 Protocol Detected
    1007037 - Remote Add Job Through SMBv2 Protocol Detected
    1007020 - Remote CreateService Request Detected Through SMBv1 Protocol
    1007066 - Remote Delete Job Through SMBv1 Protocol Detected
    1007038 - Remote Delete Job Through SMBv2 Protocol Detected
    1007035 - Remote DeleteService Request Through SMBv1 Detected
    1007070 - Remote PWDUMP Through SMBv1 Protocol Detected
    1007057 - Remote Registry Access Through SMBv1 Protocol Detected
    1007021 - Remote Registry Access Through SMBv2 Protocol Detected
    1007032 - Remote Schedule Task Create Through SMBv1 Protocol Detected
    1007033 - Remote Scheduled Task Access Through SMBv1 Protocol Detected
    1007069 - Remote Service Execution Through SMBv1 Detected


    Windows Services RPC Server DCERPC
    1007054 - Remote Schedule Task 'Create' Through SMBv2 Protocol Detected
    1007053 - Remote Schedule Task 'Delete' Through SMBv2 Protocol Detected
    1007017 - Remote Schedule Task 'Run' Through SMBv2 Protocol Detected
    1007068 - Remote Service Execution Through SMBv2 Protocol Detected


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-029 (September 8, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Application Control For Download Manager
    1004902* - Application Control For JDownloader


    Database MySQL
    1004901* - Identified Suspicious Remote Login To MySQL Server Without Password
    1005063* - Restrict MySQL Database Access


    Mail Server Common
    1000883* - SMTP Header Length Restriction


    Microsoft Office
    1007039 - Microsoft Graphics Component Buffer Overflow Vulnerability (CVE-2015-2510)
    1006939* - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2469)
    1007040 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2520)
    1007050 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2521)
    1007051 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2523)


    Novell Configuration Management Preboot Policy Service
    1006792* - Novell ZENworks Configuration Management Stack Buffer Overflow Vulnerability


    Suspicious Server Application Activity
    1004735* - Detected IP Messenger Server Traffic
    1001164* - Detected Terminal Services (RDP) Server Traffic


    Unix SSH
    1000798* - Unix OpenSSH sshd Identical Blocks DoS


    Web Application PHP Based
    1005465* - Identified Access To WordPress Sensitive Files
    1005915* - phpLDAPadmin 'query_engine' Remote PHP Code Injection Vulnerability
    1005947* - phpMyAdmin 'setup.php' PHP Code Injection Vulnerability


    Web Client Common
    1007023 - Adobe Flash Player Cross Domain Information Disclosure Vulnerability (CVE-2015-5116)
    1007022 - Adobe Flash Player DefineBitsLossless Memory Corruption Vulnerability (CVE-2015-3093)
    1006409* - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2014-8460)
    1005676* - Identified Download Of XML File With External Entity Reference
    1006532* - Identified Malicious Adobe Flash SWF File - 1
    1007029 - Microsoft Windows Journal Remote Code Execution Vulnerability (CVE-2015-2513)
    1006950* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2462)
    1007052 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2506)
    1007047 - Windows Media Center Remote Code Execution Vulnerability (CVE-2015-2509)
    1006927 - libtiff bmp2tiff Denial Of Service Vulnerability (CVE-2014-9330)


    Web Client Internet Explorer
    1007041 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2015-2483)
    1006929* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2443)
    1006931* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2446)
    1007024 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2485)
    1007025 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2486)
    1007026 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2487)
    1007028 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2490)
    1007030 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2491)
    1007043 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2492)
    1007045 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2498)
    1007046 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2499)
    1007048 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2500)
    1007049 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2501)
    1007044 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-2493)


    Web Server Miscellaneous
    1006908* - Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerabilities


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-028 (August 25, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Asterisk Server IAX2
    1003778* - Digium Asterisk IAX2 Call Number Denial Of Service


    Backup Server EMC Legato
    1001104* - EMC Legato Networker Remote Exec Service Stack Overflow


    DNS Client
    1002358* - Adobe Multiple Products PDF JavaScript Method Buffer Overflow
    1005101* - ISC BIND Zero Length RDATA Denial Of Service Vulnerability
    1006909* - ISC BIND Zone Query Handler Denial Of Service Vulnerability
    1000159* - Microsoft SMTP Server DNS Handling Buffer Overflow


    DNS Server
    1000836* - Microsoft Windows NAT Helper DNS Query DoS


    Database Oracle
    1000251* - Oracle Database Server Buffer Overflow In Procedure START_LOG of CTX_OUTPUT Package


    Microsoft Office
    1005346* - Identified Suspicious Microsoft Word RTF File
    1004978* - MSCOMCTL.OCX RCE Vulnerability For Office Binary File (CVE-2012-0158)
    1006625* - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1649)


    Novell Configuration Management Preboot Policy Service
    1006792 - Novell ZENworks Configuration Management Stack Buffer Overflow Vulnerability
    1006791 - Novell ZENworks Preboot Service Dynamic Port Decoder


    Novell File Reporter (NFR) Agent
    1005260* - Novell File Reporter SRS XML Server Request With Path Element Detected


    OpenSSL
    1006854* - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    OpenSSL Client
    1006920 - OpenSSL Client X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    Web Application PHP Based
    1006021* - Joomla JCE Extension Multiple Vulnerabilities


    Web Application Tomcat
    1001108* - Apache Tomcat Cookie Handling Single Quotes Vulnerability


    Web Client Common
    1003186* - Adobe Flash Player For Linux ActionScript ASnative Command Execution
    1006972* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5131)
    1006958* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5133)
    1006968 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5126)
    1006984* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5546)
    1006987* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5549)
    1006810* - Adobe Flash Player Nellymoser Heap Buffer Overflow Vulnerabilities
    1006967* - Adobe Flash Player Security Bypass Vulnerability (CVE-2015-5125)
    1006865* - Adobe Flash Player SharedObject Use After Free Vulnerabilities
    1006974 - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5554)
    1006975* - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5555)
    1006978* - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5558)
    1007012 - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5562)
    1006969 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5127)
    1006988* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5550)
    1006989 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5551)
    1006976* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5556)
    1006977* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5557)
    1006981* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5561)
    1007016 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5564)
    1006965* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5565)
    1006966* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5566)
    1007014 - Adobe Reader And Acrobat Heap Based Buffer Overflow Vulnerability (CVE-2015-5105)
    1007010 - Adobe Reader And Acrobat Information Disclosure Vulnerability (CVE-2015-5089)
    1007015 - Adobe Reader And Acrobat Integer Overflow Vulnerability (CVE-2015-5108)
    1007007 - Adobe Reader And Acrobat Multiple Integer Overflow And Information Disclosure Vulnerabilities
    1007001 - Adobe Reader And Acrobat Null Pointer Dereference Vulnerability (CVE-2015-4443)
    1007002 - Adobe Reader And Acrobat Null Pointer Dereference Vulnerability (CVE-2015-4444)
    1007009 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4435)
    1007011 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4438)
    1007000 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4441)
    1007003 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4445)
    1006886* - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4447)
    1007004 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4449)
    1007005 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4451)
    1006998 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4452)
    1006999 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-5085)
    1006996 - Identified Suspicious Microsoft Word RTF File - 1
    1006820* - Java SE Remote Security Vulnerability (CVE-2015-0491)
    1006944* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2432)
    1006946* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2458)
    1006947* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2459)
    1006948* - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2460)
    1006945* - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2456)
    1004834* - Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow
    1006699 - libpng Heap Based Buffer Overflow Vulnerability (CVE-2015-0973)


    Web Client Internet Explorer
    1006957* - Microsoft Internet Explorer Arbitrary Remote Code Execution Vulnerability (CVE-2015-2502)
    1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006929* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2443)
    1006930* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2444)
    1006932* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2448)
    1004977* - Restrict Microsoft Windows Common ListView And TreeView ActiveX Controls


    Web Server IIS
    1005622* - Microsoft Internet Information Services DOS Device Request Security Bypass Vulnerability


    Web Server Miscellaneous
    1005597* - Apache Struts 'ParameterInterceptor' Class OGNL Security Bypass Vulnerability
    1005994* - Apache Struts Multiple Directory Traversal Vulnerabilities
    1005604* - Apache Struts Multiple Remote Command Execution Vulnerability
    1006155* - Apache Struts ParameterInterceptor Class OGNL Security Bypass Vulnerability
    1004982* - Apache Struts2 'XSLTResult.java' Remote Arbitrary File Upload Vulnerability
    1006908 - Novell ZENworks Configuration Management UploadServlet Remote Code Execution Vulnerabilities


    Web Server Squid
    1000388* - Restrict Squid Cache Manager Access


    Web Service HP SiteScope
    1005837* - HP SiteScope "issueSiebelCmd" SOAP Request Detected


    Windows Services RPC Server
    1000735* - Microsoft Windows Server Service Remote Code Execution


    Integrity Monitoring Rules:

    1005041* - Malware - Suspicious Microsoft Windows Files Detected
    1005042* - Malware - Suspicious Microsoft Windows Registry Entries Detected


    Log Inspection Rules:

    1002795* - Microsoft Windows Events
  • Rule Update: 15-027 (August 14, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Web Client Common
    1006970 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5129)
    1006972 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5131)
    1006973 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5132)
    1006958 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5133)
    1006962 - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-5541)
    1006980 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-5560)
    1006964 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5544)
    1006983 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5545)
    1006984 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5546)
    1006985 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5547)
    1006986 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5548)
    1006987 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5549)
    1006990 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5552)
    1006991 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-5553)
    1006636* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0349)
    1006967 - Adobe Flash Player Security Bypass Vulnerability (CVE-2015-5125)
    1006975 - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5555)
    1006978 - Adobe Flash Player Type Confusion Memory Corruption Vulnerability (CVE-2015-5558)
    1006965 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3107)
    1006966 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5124)
    1006971 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5130)
    1006959 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5134)
    1006960 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5539)
    1006961 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5540)
    1006988 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5550)
    1006976 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5556)
    1006977 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5557)
    1006979 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5559)
    1006981 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5561)
    1006982 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5563)
    1006599* - Identified Suspicious Obfuscated JavaScript – 3


    Web Client Internet Explorer
    1006992 - Microsoft Internet Explorer ASLR Bypass Vulnerability (CVE-2015-2445)
    1006957 - Microsoft Internet Explorer Arbitrary Remote Code Execution Vulnerability


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-026 (August 11, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1006624 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1642)
    1006936 - Microsoft Office Graphics Component Remote Code Execution Vulnerability (CVE-2015-2431)
    1006940 - Microsoft Office Integer Underflow Vulnerability (CVE-2015-2470)
    1006937 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2467)
    1006938 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2468)
    1006939 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2469)
    1006941 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-2477)
    1005158* - Restrict Microsoft Office Files With Embedded SWF - 2


    OpenSSL
    1006855* - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)


    Oracle MySQL InnoDB Memcached Plugin
    1005511* - Oracle MySQL Server InnoDB MemCached Remote Denial Of Service Vulnerability


    Web Application PHP Based
    1006817* - PHP 'phar_parse_tarfile' Memory Corruption Vulnerability
    1006819* - PHP DateTime Use After Free Vulnerability (CVE-2015-0273)
    1006821* - PHP DateTimeZone Type Confusion Information Disclosure Vulnerability


    Web Client Common
    1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1006858* - Adobe Flash ActionScript3 opaqueBackground Use After Free Vulnerability (CVE-2015-5122)
    1006914* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3130)
    1006915 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3134)
    1006866* - Adobe Flash Player Multiple Use After Free Vulnerabilities
    1006863* - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3119)
    1006864* - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3121)
    1006913* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3129)
    1006919* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3132)
    1006918* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-4433)
    1006943 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-5117)
    1006885 - Adobe Reader And Acrobat Information Disclosure Vulnerability (CVE-2014-8450)
    1006820* - Java SE Remote Security Vulnerability (CVE-2015-0491)
    1006598* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability Over HTTP (CVE-2015-0096)
    1006944 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2432)
    1006946 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2458)
    1006947 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2459)
    1006948 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2460)
    1006949 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2461)
    1006950 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2015-2462)
    1006955 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2435)
    1006956 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2455)
    1006945 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2456)
    1006951 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2463)
    1006952 - Microsoft Windows TrueType Font Parsing Vulnerability (CVE-2015-2464)


    Web Client Internet Explorer
    1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006928 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2442)
    1006929 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2443)
    1006930 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2444)
    1006931 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2446)
    1006932 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2448)
    1006933 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2450)
    1006934 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2451)
    1006935 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2452)


    Web Client Mozilla Firefox
    1006954 - Mozilla Firefox PDF Viewer Same Origin Policy Information Disclosure Vulnerability (CVE-2015-4495)


    Web Server Common
    1000128* - HTTP Protocol Decoding


    Web Server Miscellaneous
    1004874* - TimThumb Plugin Remote Code Execution Vulnerability


    Web Server RealVNC
    1006884 - libvncserver Denial Of Service Vulnerability (CVE-2014-6054)


    Windows Services RPC Server
    1006906* - Identified Usage Of PsExec Command Line Tool


    Integrity Monitoring Rules:

    1006803 - TMTR-0001: Suspicious Files Detected In Operating System Directories
    1006800 - TMTR-0002: Suspicious Files Detected In Operating System Directories
    1006802 - TMTR-0003: Suspicious Files Detected In Operating System Directories
    1006801 - TMTR-0004: Suspicious Files Detected In Operating System Directories
    1006798 - TMTR-0005: Suspicious Files Detected In Application Directories
    1006797 - TMTR-0006: Suspicious Files Detected In Application Directories
    1006796 - TMTR-0007: Suspicious Files Detected In Application Directories
    1006682* - TMTR-0008: Suspicious Files Detected In Application Directories
    1006805 - TMTR-0009: Suspicious Files Detected In System Folder
    1006804 - TMTR-0010: Suspicious Files Detected In System Folder
    1006795 - TMTR-0011: Suspicious Files Detected In System Folder
    1006658* - TMTR-0012: Suspicious Files Detected In Temporary Directories
    1006677* - TMTR-0013: Suspicious Files Detected In Windows Folder
    1006799 - TMTR-0014: Suspicious Service Detected
    1006684* - TMTR-0015: Suspicious Service Detected
    1006683* - TMTR-0016: Suspicious Running Processes Detected
    1006691* - TMTR-0017: Microsoft Windows - SAM Domain Account Users Modification Detected


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-025 (August 3, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DNS Client
    1006909 - ISC BIND Zone Query Handler Denial Of Service Vulnerability


    DNS Server
    1006924 - ISC BIND TKEY Query Handling Denial Of Service Vulnerability (CVE-2015-5477)
    1006925 - ISC BIND TKEY Query Handling Denial Of Service Vulnerability (CVE-2015-5477) - 1


    Suspicious Server Application Activity
    1005090* - Identified Potentially Harmful Server Traffic


    Web Client Common
    1006914 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3130)
    1006917 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-4431)
    1006923 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3133)
    1006921 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-3126)
    1006922 - Adobe Flash Player Null Pointer Dereference Vulnerability (CVE-2015-4429)
    1006910 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3120)
    1006911 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-3122)
    1006912 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3124)
    1006913 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3129)
    1006919 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3132)
    1006916 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-4430)
    1006918 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-4433)
    1006815 - Google Chrome SpeechRecognitionClient Use After Free Vulnerability (CVE-2015-1251)


    Web Server Common
    1005567* - Identified No Ending Protocol In HTTP Request


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • Rule Update: 15-024 (July 28, 2015)
    * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1006574* - Microsoft Office Local Zone Remote Code Execution Vulnerability (CVE-2015-0097)
    1004099* - Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability


    OpenSSL
    1006855* - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
    1006854 - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)


    OpenSSL Client
    1006856* - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
    1006806* - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability


    Unix CUPS
    1006814* - CUPS Print Service Remote Privilege Escalation Vulnerability


    Web Application Common
    1005936* - Identified Local File Inclusion (LFI) Over HTTP
    1006823* - Identified Suspicious Command Injection Attack - 1


    Web Application PHP Based
    1006817 - PHP 'phar_parse_tarfile' Memory Corruption Vulnerability
    1006819 - PHP DateTime Use After Free Vulnerability (CVE-2015-0273)
    1006821 - PHP DateTimeZone Type Confusion Information Disclosure Vulnerability


    Web Client Common
    1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
    1006812* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
    1006701* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
    1006905 - Adobe Flash Player Unspecified Memory Corruption Vulnerability (CVE-2015-3123)
    1006903* - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
    1006890 - Adobe Reader And Acrobat Buffer Overflow Vulnerability (CVE-2015-5093)
    1006893 - Adobe Reader And Acrobat Integer Overflow Vulnerability (CVE-2015-5097)
    1006889 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5087)
    1006891 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5094)
    1006894 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5098)
    1006896 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5100)
    1006897 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5101)
    1006898 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5102)
    1006899 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5103)
    1006900 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5104)
    1006886 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4447)
    1006888 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-5086)
    1006887 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-4448)
    1006892 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5095)
    1006895 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5099)
    1006901 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5111)
    1006902 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5113)
    1006883 - Google Chrome Cross Site Scripting Filter Bypass Vulnerability
    1006872* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
    1006857* - Oracle Java SE Remote Code Execution Vulnerability (CVE-2015-2590)


    Web Client Internet Explorer
    1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
    1006832* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
    1006869* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)


    Web Client Mozilla Firefox
    1006825 - Mozilla Firefox XrayWrapper Privileged Javascript Injection Vulnerability (CVE-2014-8636)


    Web Server IIS
    1006434* - Microsoft IIS Directory Traversal Vulnerability


    Web Server Miscellaneous
    1003505* - Microsoft .Net Framework Null Byte Injection Vulnerability


    Web Service HP SiteScope
    1006816* - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)


    Windows Services RPC Server
    1006906 - Identified Usage Of PsExec Command Line Tool


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.