Rule Update

16-024 (August 23, 2016)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1003080* - Server Service Vulnerability (srvsvc)


Trend Micro OfficeScan NT Listener
1003177* - Trend Micro OfficeScan Directory Traversal Vulnerability


Web Application PHP Based
1007255* - PHP SplObjectStorage Use After Free Vulnerability


Web Client Common
1007631* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 10
1007819* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 4
1007818* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 7
1007817* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 8
1007857 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 9
1007632* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 1
1007824* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 2
1007825* - Adobe Acrobat And Reader Multiple Use After Free Vulnerabilities (APSB16-14) - 3
1007675 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4135)
1007904 - Microsoft Windows Graphics Use After Free Vulnerability (CVE-2016-3310)


Web Server Common
1002593* - Allow HTTP (Including WebDAV) Methods


Web Server Miscellaneous
1007646 - Apache Struts JRE URLDecoder Cross-Site Scripting Vulnerability (CVE-2016-4003)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.