Rule Update

16-003 (February 9, 2016)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DNS Client
1007402 - ISC BIND APL Data Buffer Overflow Vulnerability (CVE-2015-8704)
1007377 - ISC BIND DNSSEC Key Handler Denial Of Service Vulnerability (CVE-2015-5722)
1007424 - ISC BIND OPT Pseudo-RR Data And ECS Options Denial Of Service Vulnerability (CVE-2015-8705)


Elasticsearch
1007301 - Elasticsearch Remote Code Execution Vulnerability (CVE-2015-5377)


Microsoft Office
1006623* - Microsoft Office Memory Corruption Vulnerability (CVE-2015-1641)
1007418 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0022)
1007419 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0052)
1007420 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0053)
1007421 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0054)
1007422 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0055)
1007423 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0056)


SSL/TLS Server
1007379* - TLS1.2 Signature Hash Algorithm Downgrade Attack Used In SLOTH - Server


TFTP Server
1000966* - TFTP Commands Argument Length And Directory Traversal Restriction


Web Application PHP Based
1007404 - Drupal Core Denial Of Service Vulnerability (CVE-2014-9016)


Web Client Common
1006980* - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-5560)
1007401 - Google Chrome Same-Origin-Policy Security Bypass Vulnerability (CVE-2015-1267)
1007416 - Microsoft PDF Library Buffer Overflow Vulnerability (CVE-2016-0058)
1007427 - Microsoft Windows DLL Loading Vulnerabilities Over WebDAV (MS16-014)
1007250* - Microsoft Windows Integer Underflow Vulnerability (CVE-2015-6130)
1007417 - Microsoft Windows Journal Memory Corruption vulnerability (CVE-2016-0038)
1007415 - Microsoft Windows Reader Vulnerability (CVE-2016-0046)


Web Client Internet Explorer/Edge
1007431 - Microsoft Edge ASLR Bypass Vulnerability (CVE-2016-0080)
1007378* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0024)
1007405 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0060)
1007406 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0061)
1007429 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-0062)
1007410 - Microsoft Internet Explorer Elevation Of Privilege Vulnerability (CVE-2016-0068)
1007428 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-0059)
1007177* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-6086)
1007407 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
1007408 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0064)
1007409 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0067)
1007411 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0071)
1007412 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0072)


Web Client SSL
1006606* - Identified Fraudulent Digital Certificate - 1


Web Server IIS
1007430 - Microsoft .NET Framework Stack Overflow Denial Of Service Vulnerability (CVE-2016-0033)


Windows Services RPC Client
1007381 - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS15-132)
1007426 - Microsoft Windows DLL Loading Vulnerabilities Over Network Share (MS16-014)


Integrity Monitoring Rules:

1004950* - Microsoft Visual Studio - New Add-In Created
1003019* - Trend Micro Deep Security Agent / Relay


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.