Rule Update

15-016 (May 26, 2015)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DHCP Server
1001840* - Restrict DHCP Option Length


Database Oracle
1001141* - Oracle Database Server Core RDBMS Component Denial Of Service


SSL Client
1006740 - Identified SSL/TLS Diffie-Hellman Key Exchange Using Weak Parameters Client


Suspicious Server Application Activity
1003594* - Detected SSL/TLS Server Traffic


Unix Samba
1003999* - Samba MS-RPC Remote Shell Command Execution Vulnerability


Web Application PHP Based
1006656* - Magento Admin Authentication Bypass Vulnerability


Web Application Tomcat
1001074* - Apache Tomcat Cookie Handling Session ID Disclosure


Web Client Common
1006732 - Adobe Acrobat And Reader Multiple JavaScript API Execution Remote Security Bypass Vulnerabilities
1006735 - Adobe Acrobat And Reader Multiple Remote Security Bypass Vulnerabilities
1006719 - Adobe Acrobat And Reader Null Pointer Deference Remote Denial Of Service Vulnerability (CVE-2015-3047)
1006731 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution
1006736 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution (CVE-2015-3074)
1006733 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution Vulnerability (CVE-2015-3069)
1006711 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-3088)
1006714 - Adobe Flash Player Information Disclosure Vulnerability (CVE-2015-3091)
1006715 - Adobe Flash Player Information Disclosure Vulnerability (CVE-2015-3092)
1006710 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-3087)
1006365* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8440)
1006646* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0359)
1006702 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3078)
1006712 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3089)
1006713 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3090)
1006589* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0336)
1006301* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569)
1006701 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
1006707 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3084)
1006709 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3086)
1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
1006704 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3080)
1006718 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3046)
1006721 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3050)
1006722 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3051)
1006723 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3052)
1006727 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3056)
1006728 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3057)
1006730 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3059)
1006734 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3070)
1006738 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3076)
1006724 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3053)
1006725 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3054)
1006726 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3055)
1006737 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3075)
1005170* - Java Applet Remote Code Execution Vulnerability
1005178* - Java Applet Remote Code Execution Vulnerability - 2
1006739 - Java Applet Remote Code Execution Vulnerability - 3
1001129* - Microsoft DirectX RLE Compressed Targa Image Processing Buffer Overflow
1006443* - Sun Java Runtime Environment Web Start JNLP File Stack Buffer Overflow Vulnerability


Web Client Internet Explorer
1004717* - Identified Suspicious AllowScriptAccess Parameter Of Shockwave Flash Player ActiveX Control
1006668* - Microsoft Internet Explorer Clipboard Information Disclosure Vulnerability (CVE-2015-1692)
1006618* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1668)
1006674* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1705)
1004339* - Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability


Web Server Apache
1006316 - Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Vulnerability (CVE-2011-4317)


Web Server Common
1005434* - Disallow Upload Of A File (Php/Class/Archive)


Web Server HTTPS
1006741 - Identified SSL/TLS Diffie-Hellman Key Exchange Using Weak Parameters Server


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.