Rule Update

15-013 (April 14, 2015)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Database MySQL
1006262* - MySQL yaSSL Pre-authentication Code Execution Vulnerability


HP OpenView
1006250* - HP Data Protector Unspecified Arbitrary Code Execution Vulnerability (CVE-2014-2623)


HP System Management Homepage
1006447 - HP System Management Homepage Cross Site Scripting Vulnerability (CVE-2014-2640)


Microsoft Office
1006625 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1649)
1006626 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1650)
1006627 - Microsoft Office Component Use After Free Vulnerability (CVE-2015-1651)
1006623 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-1641)


OpenSSL
1006621 - OpenSSL Client Authentication Handler ClientKeyExchange Message Denial Of Service Vulnerability (CVE-2015-1787)


OpenSSL Client
1006318 - Multiple Browser Wildcard Certificate Spoofing Vulnerability


Web Application PHP Based
1004998* - PHP-CGI Query String Parameter Vulnerability


Web Client Common
1006631 - Identified File Protocol Handler In HTTP Location Header
1006619 - Microsoft Windows EMF Processing Remote Code Execution Vulnerability (CVE-2015-1645)


Web Client Internet Explorer
1006628 - MSXML Same Origin Policy Security Bypass Vulnerability (CVE-2015-1646)
1005591* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2013-3163)
1006609 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1652)
1006610 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1657)
1006611 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1659)
1006612 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1660)
1006613 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1661)
1006614 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1662)
1006615 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1665)
1006616 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1666)
1006617 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1667)
1006618 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1668)


Web Server IIS
1006629 - Microsoft Windows ASP.NET Information Disclosure Vulnerability (CVE-2015-1648)
1006620 - Microsoft Windows HTTP.sys Remote Code Execution Vulnerability (CVE-2015-1635)


Windows Services RPC Server
1003015* - Microsoft SMB Credential Reflection Vulnerability
1006579* - Microsoft Windows NETLOGON Spoofing Vulnerability (CVE-2015-0005)
1000391* - Microsoft Windows Plug And Play Registry Key Access Buffer Overflow
1000817* - Microsoft Windows Workstation RPC Stack Overflow


Integrity Monitoring Rules:

1003375* - Application - Postfix
1005041* - Malware - Suspicious Microsoft Windows Files Detected


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.