Rule Update

18-062 (November 20, 2018)


* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Java RMI
1009390 - Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution Vulnerability (CVE-2016-1000031)

Trend Micro OfficeScan
1009034* - Trend Micro Smart Protection Server Auth Command Injection Authentication Bypass Vulnerability (CVE-2018-6231)

Web Application PHP Based
1009395 - PHP 'imap_open()' Remote Code Execution Vulnerability

Web Application Tomcat
1009388 - Apache Tomcat 'mod_jk' Information Disclosure Vulnerability (CVE-2018-11759)

Web Client Common
1009394 - Adobe Acrobat And Reader NTLM SSO Hash Information Disclosure Vulnerability (CVE-2018-15979)
1009393 - Adobe Flash Player Out Of Bounds Read Vulnerability (CVE-2018-15978)
1009398 - Adobe Flash Player Type Confusion Vulnerability (CVE-2018-15981)
1004085* - Heuristic Detection Of Malicious PDF Documents - 3

Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.

Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.