Rule Update

15-010 (March 24, 2015)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DHCP Server
1001840* - Restrict DHCP Option Length


Database MySQL
1006262 - MySQL yaSSL Pre-authentication Code Execution Vulnerability


Microsoft Office
1004266* - Identified Suspicious Microsoft Office Document
1006322* - Microsoft Office Bad Index Remote Code Execution Vulnerability (CVE-2014-6334)
1004848* - Microsoft Office Excel Data Initialization Vulnerability (CVE-2011-0105)
1005747* - Microsoft Silverlight Invalid Typecast Memory Disclosure Vulnerability
1006583 - Microsoft Silverlight Invalid Typecast Memory Disclosure Vulnerability (CVE-2013-0074)


NTP Server Linux
1006435* - Network Time Protocol configure() and ctl_putdata() Stack Based Buffer Overflow Vulnerability


OpenSSL
1006541* - Openssl DTLS 'dtls1_buffer_record' Memory Exhaustion Denial Of Service Vulnerability (CVE-2015-0206)


OpenSSL Client
1006546* - OpenSSL ECDHE Downgrade Vulnerability (CVE-2014-3572)


Solr Service
1006448 - Apache Solr SolrResourceLoader Directory Traversal Vulnerability


Web Application PHP Based
1006559* - PHPMoAdmin Unauthorized Remote Code Execution Vulnerability


Web Client Common
1006533* - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2015-0311) - 1
1006286* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2014-0556)
1006521* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-0327)
1006595 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-0338)
1006352* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-0576)
1006451* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8438)
1006515* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0318)
1006594 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0337)
1006593 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0339)
1006596 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0332)
1006588 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0335)
1006589 - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0336)
1006584 - Adobe Flash Player Remote Memory Corruption Vulnerability (CVE-2013-0634) -1
1006592 - Adobe Flash Player Security Bypass Vulnerability (CVE-2015-0340)
1006597 - Adobe Flash Player Type Confusion Vulnerability (CVE-2015-0334)
1006591 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-0341)
1006590 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-0342)
1004866* - Adobe Flex SDK Cross Site Scripting Vulnerability (CVE-2011-2461)
1006551* - Adobe Font Driver Remote Code Execution Vulnerability (CVE-2015-0091)
1006553* - Adobe Font Driver Remote Code Execution Vulnerability (CVE-2015-0092)
1006587 - Adobe Reader And Acrobat U3D File Invalid Array Index Remote Vulnerability (CVE-2009-2990)
1004552* - Adobe TIFF File Vulnerability - 3
1006442* - Identified Suspicious Obfuscated JavaScript - 2
1006599 - Identified Suspicious Obfuscated JavaScript – 3
1005170* - Java Applet Remote Code Execution Vulnerability
1006545 - Microsoft Office CGM Image Converter Buffer Overflow Vulnerability
1006598 - Microsoft Windows DLL Planting Remote Code Execution Vulnerability Over WebDav (CVE-2015-0096)
1004226* - Microsoft Windows Help Centre Malformed Escape Sequences Vulnerability
1006582 - Microsoft Windows Help Centre Malformed Escape Sequences Vulnerability (CVE-2010-1885)
1006577* - Microsoft Windows Text Service Remote Code Execution Vulnerability (CVE-2015-0081)
1006536 - Oracle Java SE Hotspot Object Arbitrary Code Execution Vulnerability (CVE-2015-0395)
1006585 - Oracle Java SE Remote Java Runtime Environment Vulnerability (CVE-2012-0507) -1
1004867* - Oracle Java SE Rhino Script Engine Remote Code Execution Vulnerability
1005924* - Restrict Download Of EICAR Test File Over HTTP


Web Client Internet Explorer
1006603 - Microsoft Internet Explorer CSS Parsing Remote Code Execution (CVE-2010-3971)
1006564* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-0099)
1006570* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-0100)
1006565* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1622)
1005908* - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-0322)
1005911* - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2014-0322) - 3
1006557 - Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability
1006324* - Windows OLE Automation Array Remote Code Execution Vulnerability (CVE-2014-6332)


Web Client SSL
1005040* - Identified Revoked Certificate Authority In SSL Traffic


Web Server Apache
1006027* - Apache HTTP Server Denial Of Service Vulnerability (CVE-2014-0098)


Web Server Common
1005434* - Disallow Upload Of A File (Php/Class/Archive)


Windows Services RPC Client
1006554* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-0096)
1006558 - Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability - 1


Windows Services RPC Server
1006579 - Microsoft Windows NETLOGON Spoofing Vulnerability (CVE-2015-0005)


Integrity Monitoring Rules:

1003019* - Trend Micro Deep Security Agent


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.