Rule Update
15-016 (May 26, 2015)
Publish date: May 27, 2015
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DHCP Server
1001840* - Restrict DHCP Option Length
Database Oracle
1001141* - Oracle Database Server Core RDBMS Component Denial Of Service
SSL Client
1006740 - Identified SSL/TLS Diffie-Hellman Key Exchange Using Weak Parameters Client
Suspicious Server Application Activity
1003594* - Detected SSL/TLS Server Traffic
Unix Samba
1003999* - Samba MS-RPC Remote Shell Command Execution Vulnerability
Web Application PHP Based
1006656* - Magento Admin Authentication Bypass Vulnerability
Web Application Tomcat
1001074* - Apache Tomcat Cookie Handling Session ID Disclosure
Web Client Common
1006732 - Adobe Acrobat And Reader Multiple JavaScript API Execution Remote Security Bypass Vulnerabilities
1006735 - Adobe Acrobat And Reader Multiple Remote Security Bypass Vulnerabilities
1006719 - Adobe Acrobat And Reader Null Pointer Deference Remote Denial Of Service Vulnerability (CVE-2015-3047)
1006731 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution
1006736 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution (CVE-2015-3074)
1006733 - Adobe Acrobat And Reader Remote Security Bypass On JavaScript API Execution Vulnerability (CVE-2015-3069)
1006711 - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-3088)
1006714 - Adobe Flash Player Information Disclosure Vulnerability (CVE-2015-3091)
1006715 - Adobe Flash Player Information Disclosure Vulnerability (CVE-2015-3092)
1006710 - Adobe Flash Player Integer Overflow Vulnerability (CVE-2015-3087)
1006365* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8440)
1006646* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-0359)
1006702 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3078)
1006712 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3089)
1006713 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2015-3090)
1006589* - Adobe Flash Player Remote Code Execution Vulnerability (CVE-2015-0336)
1006301* - Adobe Flash Player Remote Integer Overflow Vulnerability (CVE-2014-0569)
1006701 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
1006707 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3084)
1006709 - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3086)
1006468* - Adobe Flash Player Unspecified Vulnerability (CVE-2015-0313)
1006704 - Adobe Flash Player Use After Free Vulnerability (CVE-2015-3080)
1006718 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3046)
1006721 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3050)
1006722 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3051)
1006723 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3052)
1006727 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3056)
1006728 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3057)
1006730 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3059)
1006734 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3070)
1006738 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-3076)
1006724 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3053)
1006725 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3054)
1006726 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3055)
1006737 - Adobe Reader And Acrobat Remote Code Execution Vulnerability (CVE-2015-3075)
1005170* - Java Applet Remote Code Execution Vulnerability
1005178* - Java Applet Remote Code Execution Vulnerability - 2
1006739 - Java Applet Remote Code Execution Vulnerability - 3
1001129* - Microsoft DirectX RLE Compressed Targa Image Processing Buffer Overflow
1006443* - Sun Java Runtime Environment Web Start JNLP File Stack Buffer Overflow Vulnerability
Web Client Internet Explorer
1004717* - Identified Suspicious AllowScriptAccess Parameter Of Shockwave Flash Player ActiveX Control
1006668* - Microsoft Internet Explorer Clipboard Information Disclosure Vulnerability (CVE-2015-1692)
1006618* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1668)
1006674* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-1705)
1004339* - Microsoft Internet Explorer Uninitialized Memory Corruption Vulnerability
Web Server Apache
1006316 - Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Vulnerability (CVE-2011-4317)
Web Server Common
1005434* - Disallow Upload Of A File (Php/Class/Archive)
Web Server HTTPS
1006741 - Identified SSL/TLS Diffie-Hellman Key Exchange Using Weak Parameters Server
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.