Rule Update

17-009 (February 28, 2017)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Backup Server IBM Tivoli Storage Manager FastBack Server
1007356* - IBM Tivoli Storage Manager FastBack Server Buffer Overflow Vulnerability (CVE-2015-1924)


Database Oracle
1003340* - Oracle Database Trigger MDSYS.SDO_TOPO_DROP_FTBL SQL Injection


Microsoft Office
1004311* - Identified Suspicious Microsoft PowerPoint Document


VoIP Smart
1008087* - IBM WebSphere Application Server SIP Processing DoS Vulnerability (CVE-2016-2960)


Web Application Common
1000608* - Generic SQL Injection Prevention


Web Application PHP Based
1008144 - PHP Remote Code Execution Vulnerability (CVE-2017-5340)


Web Client Common
1004335* - Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow
1008185 - Identified Suspicious Obfuscated PDF Document
1008028 - Microsoft Windows File Manager Remote Code Execution Vulnerability (CVE-2016-7212)
1008147 - Microsoft Windows RPC Network Data Representation Engine Remote Code Execution Vulnerability (CVE-2016-0178)


Web Client Mozilla Firefox
1007061* - Mozilla Firefox Arbitrary JavaScript Code Execution
1007062* - Mozilla Firefox Arbitrary JavaScript Execution Vulnerability (CVE-2015-0802)
1008052* - Mozilla Firefox SVG Animation Use After Free Vulnerability (CVE-2016-9079)


Web Server Adobe ColdFusion
1008113 - Adobe ColdFusion OOXML XXE Information Disclosure Vulnerability (CVE-2016-4264)


Web Server Common
1005671* - PHP SSL Module "subjectAltNames" NULL Byte Handling Security Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.