Rule Update

15-034 (November 10, 2015)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DNS Client
1006909* - ISC BIND Zone Query Handler Denial Of Service Vulnerability


Microsoft Office
1007166 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-6038)
1007167 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-6091)
1007168 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-6092)
1007183 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-6093)
1007169 - Microsoft Office Memory Corruption Vulnerability (CVE-2015-6094)


OpenSSL
1007072 - GNU Libtasn1 'decoding.c' Heap Buffer Overflow Vulnerability (CVE-2015-3622)


Web Application Common
1007170 - Identified Suspicious China Chopper Webshell Communication


Web Application PHP Based
1007138 - Restrict WordPress XMLRPC 'system.multicall' Request
1007135 - WordPress XMLRPC 'system.multicall' Brute Force Amplification Attack


Web Application Tomcat
1004708* - Apache Tomcat NIO Connector Denial Of Service Vulnerability


Web Client Common
1007165 - Adobe Acrobat And Reader Buffer Overflow Vulnerability (CVE-2015-6692)
1006912* - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3124)
1007119* - Identified Malicious Adobe Flash SWF File - 2
1007160 - Microsoft Windows Graphics Memory Remote Code Execution Vulnerability (CVE-2015-6103)
1007161 - Microsoft Windows Graphics Memory Remote Code Execution Vulnerability (CVE-2015-6104)
1007159 - Microsoft Windows Journal Heap Overflow Vulnerability (CVE-2015-6097)
1006433* - Microsoft Windows OLE Remote Code Execution Vulnerability - 3
1006997 - Multiple Browser libjpeg-turbo Memory Corruption Vulnerability
1007056 - Oracle Java Runtime Environment Type2BuildChar Function Memory Disclosure Vulnerability (CVE-2015-2619)
1007162 - Oracle Java SE Remote Security Bypass Vulnerability (CVE-2015-4902)
1007019 - Oracle Java SE True Type Font Heap Corruption Vulnerability


Web Client Internet Explorer
1007097* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6042)
1007100* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6049)
1007139 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6064)
1007140 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6065)
1007141 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6066)
1007142 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6068)
1007143 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6070)
1007144 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6071)
1007145 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6072)
1007146 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6073)
1007147 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6075)
1007148 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6076)
1007149 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6077)
1007150 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6078)
1007151 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6079)
1007152 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6080)
1007153 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6081)
1007154 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6082)
1007155 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6084)
1007156 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6085)
1007177 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6086)
1007157 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6087)
1007180 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6088)
1007158 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2015-6089)
1007105* - Microsoft Windows Shell Tablet Input Band Use After Free Vulnerability (CVE-2015-2548)


Web Client SSL
1003779* - Null Truncation In X.509 Common Name Spoofing Vulnerability


Web Server Apache
1001028* - Apache HTTP Server Mod_Cache Denial Of Service Vulnerability


Web Server Miscellaneous
1000568* - Absolute Path Traversal Vulnerability In Easy File Sharing Web Server
1006700* - Apache CouchDB "_uuids" Request Denial Of Service Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.