Rule Update
15-020 (July 7, 2015)
Publish date: July 07, 2015
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Office
1006370* - Microsoft Word Use After Free Remote Code Execution Vulnerability (CVE-2014-6357)
Web Client Common
1004079* - Adobe Acrobat And Reader CFF Encodings Handling Heap Overflow Vulnerability
1003916* - Adobe Acrobat And Reader JpxDecode Memory Corruption
1003291* - Adobe Acrobat And Reader PDF File Handling Remote Code Execution Vulnerability
1003405* - Adobe Acrobat JavaScript getIcon Method Buffer Overflow
1003056* - Adobe Acrobat PDF Javascript getCosObj Memory Corruption
1003848* - Adobe Acrobat Reader U3D CLODMeshContinuation Code Execution
1006824 - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
1003186* - Adobe Flash Player For Linux ActionScript ASnative Command Execution
1006810* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113)
1006451* - Adobe Flash Player Memory Corruption Vulnerability (CVE-2014-8438)
1002445* - Adobe Multiple Products BMP Image Header Handling Buffer Overflow
1004191* - Adobe Photoshop Remote Code Execution
1003803* - Adobe Reader And Acrobat U3D 'CLODMeshDeclaration' Buffer Overflow Vulnerability
1004857* - Adobe Reader And Acrobat U3D TIFF Resource Buffer Overflow Vulnerability (CVE-2011-2432)
1004506* - Adobe Reader Doc.printSeps() Memory Corruption Vulnerability
1004167* - Adobe Shockwave Director PAMI Chunk Remote Code Execution Vulnerability
1004422* - Adobe Shockwave Director tSAC Chunk Memory Corruption
1004448* - Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
1004494* - Adobe Shockwave Player 'dirapi.dll' Memory Corruption Vulnerability
1004517* - Adobe Shockwave Player 'dirapi.dll' Stack Overflow Vulnerability
1004287* - Adobe Shockwave Player 3D Parsing Memory Corruption Vulnerability
1003596* - Adobe Shockwave Player Director File Parsing Remote Code Execution Vulnerability
1004713* - Adobe Shockwave Player Memory Corruption (CVE-2011-2111)
1004552* - Adobe TIFF File Vulnerability - 3
1004335* - Apple QuickTime 'QuickTimeStreaming.qtx' Remote Stack Buffer Overflow
1002533* - Apple QuickTime Embedded Pascal Style Remote Integer Overflow
1003722* - Apple QuickTime FlashPix Sector Size Overflow Vulnerability
1002532* - Apple QuickTime Image Descriptor (IDSC) Atom Remote Memory Corruption Vulnerability
1003543* - Apple QuickTime Movie File Clipping Region Handling Heap Buffer Overflow
1003551* - Apple QuickTime PICT Image paintPoly Parsing Heap Buffer Overflow
1005251* - Apple QuickTime Targa Image Parsing Buffer Overflow Vulnerability
1003394* - BitDefender Internet Security Script Code Execution
1001009* - CA Product AV Engine CAB Header Parsing Stack Overflow
1004356* - Cinepak Codec Decompression Vulnerability
1004872* - Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability
1003163* - ClamAV 'get_unicode_name()' Off-By-One Heap Based Buffer Overflow
1002867* - ClamAV CHM Processing Denial Of Service
1003981* - DirectShow Heap Overflow Vulnerability
1003747* - FFmpeg vmd_read_header Integer Overflow
1004375* - Flash Movie Player File Magic Denial Of Service Vulnerability
1003114* - GDI Integer Overflow Vulnerability
1004651* - GDI+ Integer Overflow Vulnerability (CVE-2011-0041)
1003773* - GDI+ PNG Integer Overflow Vulnerability
1003775* - GDI+ TIFF Buffer Overflow Vulnerability
1002683* - GNOME Project libxslt Library RC4 Key String Buffer Overflow
1003749* - Google Apps 'googleapps.url.mailto' Handler Command Injection Vulnerability
1004080* - Google Chrome Invalid FTP Server Response Remote Denial Of Service Vulnerability Helper
1004278* - LibTIFF 'td_stripbytecount' NULL Pointer Dereference Remote Denial Of Service Vulnerability
1004329* - Libpng Memory Corruption And Memory Leak Vulnerability
1005403* - Libxml2 Entity Expansion Denial Of Service Vulnerability
1003431* - MJPEG Decompression Vulnerability
1004217* - MJPEG Media Decompression Vulnerability
1004354* - MPEG Layer-3 Audio Decoder Buffer Overflow Vulnerability
1004093* - MPEG Layer-3 Audio Decoder Stack Overflow Vulnerability
1004397* - MPEG-4 Codec Vulnerability
1003675* - Malformed AVI Header Vulnerability
1004223* - Media Decompression Vulnerability
1004319* - Media Player Classic DoS Vulnerability
1000849* - Microsoft Agent Memory Corruption Vulnerability
1000947* - Microsoft Antivirus Engine PDF File Remote Code Execution
1002590* - Microsoft DirectX Crafted MJPEG Stream Handling Code Execution
1003529* - Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability
1001249* - Microsoft DirectX Parsing SAMI File Code Execution Vulnerability
1001129* - Microsoft DirectX RLE Compressed Targa Image Processing Buffer Overflow
1001246* - Microsoft DirectX WAV File Parsing Code Execution Vulnerability
1003406* - Microsoft GDI+ EMF 'GpFont.SetData()' Buffer Overflow
1005016* - Microsoft GDI+ Record Type Vulnerability (CVE-2012-0165)
1000936* - Microsoft Help Workshop HPJ File Handling Buffer Overflow
1000948* - Microsoft OLE Dialog Code Execution Vulnerability
1002627* - Microsoft SQL Server Memory Corruption Vulnerability
1001007* - Microsoft Visio Version Validation Remote Code Execution
1000206* - Microsoft Visual Studio "dbp/sln" File Handling Buffer Overflow
1001096* - Microsoft Visual Studio Crystal Reports RPT Processing Buffer Overflow
1004038* - Microsoft Windows '.ani' File 'tagBITMAPINFOHEADER' Denial Of Service Vulnerability
1004562* - Microsoft Windows 'CreateSizedDIBSECTION()' Thumbnail View Stack Buffer Overflow Vulnerability
1000976* - Microsoft Windows ANI File Remote Code Execution
1004582* - Microsoft Windows Fax Cover Page Editor Memory Corruption
1004555* - Microsoft Windows Fax Cover Page Editor Remote Code Execution
1002757* - Microsoft Windows GDI+ BMP Integer Overflow Vulnerability
1002372* - Microsoft Windows GDI+ EMF Remote Code Execution
1001045* - Microsoft Windows GDI+ ICO File DoS
1002762* - Microsoft Windows GDI+ WMF Buffer Overrun Vulnerability
1001066* - Microsoft Windows Graphics Rendering Engine Image Handling Vulnerability
1001248* - Microsoft Windows Media Format ASF Parsing Remote Code Execution
1001252* - Microsoft Windows Media Player MP4 File Stack Overflow
1001068* - Microsoft Windows Media Player Remote Code Execution
1000182* - Microsoft Windows Metafile Integer Overflow Vulnerability
1002622* - Microsoft Windows Saved Search Remote Code Execution
1004302* - Microsoft Windows Shortcut Remote Code Execution
1001032* - Microsoft Windows URI Handler Registration Vulnerability
1001069* - Microsoft Windows Vista Feed Headlines Gadget Code Execution
1001137* - Microsoft vCard URL Handling Vulnerability
1004349* - Movie Maker Memory Corruption Vulnerability
1004928* - Msvcrt.dll Buffer Overflow Vulnerability (CVE-2012-0150)
1003541* - Multiple Products libxml2 XML File Processing Long Entity Name Buffer Overflow
1003703* - OpenOffice Word Document Table Parsing Heap Overflow
1004024* - OpenOffice.org Microsoft Word File sprmTSetBrc Processing Buffer Overflow
1004541* - OpenType Font File CFF table Code Execution Vulnerability
1004538* - OpenType Font File CMAP Table Paring Vulnerability
1004485* - OpenType Font Parsing Vulnerability
1004621* - Oracle Java 'Applet2ClassLoader' Class Unsigned Applet Remote Code Execution Vulnerability
1004932* - Oracle Java SE Deployment Component Unspecified Remote Code Execution
1004614* - Real Networks RealPlayer '.AVI' File Parsing Buffer Overflow
1004868* - RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability
1002746* - RealNetworks Multiple Products SMIL Wallclock Stack Overflow
1002750* - RealNetworks RealPlayer Invalid Chunk Size Heap Overflow Vulnerability
1002745* - RealNetworks RealPlayer Multiple Products RA File Processing Heap Overflow
1005849* - RealNetworks RealPlayer Stack Based Buffer Overflow Vulnerability
1004781* - RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability
1002571* - SAMI Format Parsing Vulnerability
1002291* - Sun Java Web Start Charset Encoding Stack Buffer Overflow
1002653* - Sun Java Web Start JNLP java-vm-args Heap Buffer Overflow
1002649* - Sun Java Web Start JNLP vm args Stack Overflow
1004543* - TIFF Image Converter Buffer Overflow Vulnerability
1004546* - TIFF Image Converter Heap Overflow Vulnerability
1003603* - VLC Media Player 'smb://' URI Handling Remote Buffer Overflow Vulnerability
1002630* - VideoLAN VLC Media Player WAV Processing Integer Overflow
1003201* - VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow
1001637* - WebDAV Mini-Redirector Remote Code Execution
1003825* - Win32k EOT Parsing Vulnerability
1003823* - Win32k TTF Parsing Vulnerability
1004844* - Winamp AMF File Handling Overflow
1004845* - Winamp Midi File Handling Overflow
1003710* - Windows Media Playback Memory Corruption Vulnerability
1003760* - Windows Media Runtime Voice Sample Rate Vulnerability
1003116* - Windows Saved Search Vulnerability
1003115* - Windows Search Parsing Vulnerability
1003785* - Xpdf Splash DrawImage Integer Overflow
1004753* - libsndfile PAF File Processing Integer Overflow
Web Client Internet Explorer
1003267* - Microsoft Internet Explorer Uninitialized Memory Corruption
Web Server Common
1004859* - Disallowed HTTP header
Web Server Miscellaneous
1006744* - Jetty Httpd HttpParser Memory Information Disclosure Vulnerability (CVE-2015-2080)
Windows Services RPC Client
1006558* - Microsoft Windows Task Scheduler Remote Buffer Overflow Vulnerability - 1
Windows Services RPC Server
1000735* - Microsoft Windows Server Service Remote Code Execution
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.