Rule Update

19-035 (June 25, 2019)


  DESCRIPTION

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DNS Server
1009474 - PowerDNS Recursor Out Of Bounds Read Denial Of Service Vulnerability (CVE-2018-16855)


IBM WebSphere Application Server
1009803* - IBM Websphere Application Server Remote Code Execution Vulnerability (CVE-2019-4279)


Jenkins Remoting
1009436* - Jenkins Remote Code Execution Vulnerability (CVE-2015-8103)


Mail Server Exim
1009747* - MailCarrier Remote Code Execution Vulnerability (CVE-2004-1638)


Web Application Common
1009630 - DotNetNuke Remote Code Execution Vulnerability (CVE-2017-9822)
1009687* - Ghostscript Remote Code Execution Vulnerability (CVE-2016-10218) - 1
1009531* - Jenkins CI Server Groovy Plugin Sandbox Bypass Vulnerability (CVE-2019-1003000)
1009761 - Microsoft Exchange Memory Corruption Vulnerability (CVE-2018-8302)
1009751* - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)


Web Application PHP Based
1009795* - Pimcore Unserialize Remote Code Execution Vulnerability (CVE-2019-10867)


Web Client Common
1009440* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 4
1009442* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-41) - 7
1009823 - Microsoft Windows ActiveX Data Objects (ADO) Remote Code Execution Vulnerability (CVE-2019-0888)
1009759* - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0961)
1009808 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0968)
1009809 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-0977 and CVE-2019-1047)
1009818 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1009)
1009821 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1010)
1009807 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1011)
1009812 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1012)
1009824 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1013)
1009813 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1015)
1009810 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1016)
1009822 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1046)
1009819 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1048)
1009817 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1049)
1009820 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1050)
1009825 - Microsoft Windows Graphics Information Disclosure Vulnerability (CVE-2017-8533)
1009067* - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8174)
1009489* - Microsoft Windows Vcf And Contact File Insufficient UI Warning Remote Code Execution Vulnerability
1009772 - Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8573)
1009814 - Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1034)
1009815 - Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1035)


Web Client Internet Explorer/Edge
1009430* - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8625)


Web Server IIS
1009346* - Microsoft IIS MDAC 'msadcs.dll' RDS DataStub Content-Type Heap Overflow Vulnerability (CVE-2002-1142)


Web Server RealVNC
1009386* - VMware VNC VMWDynResolution Heap Buffer Overflow Vulnerability (CVE-2017-4933)


Web Server SharePoint
1009706* - Microsoft Windows OData Library Denial Of Service Vulnerability (CVE-2018-8269)


Zoho ManageEngine
1009470* - Zoho ManageEngine OpManager DataMigrationServlet Insecure Deserialization Vulnerability (CVE-2018-19403)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.