Rule Update
15-024 (July 28, 2015)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Office
1006574* - Microsoft Office Local Zone Remote Code Execution Vulnerability (CVE-2015-0097)
1004099* - Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability
OpenSSL
1006855* - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
1006854 - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)
OpenSSL Client
1006856* - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
1006806* - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability
Unix CUPS
1006814* - CUPS Print Service Remote Privilege Escalation Vulnerability
Web Application Common
1005936* - Identified Local File Inclusion (LFI) Over HTTP
1006823* - Identified Suspicious Command Injection Attack - 1
Web Application PHP Based
1006817 - PHP 'phar_parse_tarfile' Memory Corruption Vulnerability
1006819 - PHP DateTime Use After Free Vulnerability (CVE-2015-0273)
1006821 - PHP DateTimeZone Type Confusion Information Disclosure Vulnerability
Web Client Common
1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
1006812* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
1006701* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
1006905 - Adobe Flash Player Unspecified Memory Corruption Vulnerability (CVE-2015-3123)
1006903* - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
1006890 - Adobe Reader And Acrobat Buffer Overflow Vulnerability (CVE-2015-5093)
1006893 - Adobe Reader And Acrobat Integer Overflow Vulnerability (CVE-2015-5097)
1006889 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5087)
1006891 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5094)
1006894 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5098)
1006896 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5100)
1006897 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5101)
1006898 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5102)
1006899 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5103)
1006900 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5104)
1006886 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4447)
1006888 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-5086)
1006887 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-4448)
1006892 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5095)
1006895 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5099)
1006901 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5111)
1006902 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5113)
1006883 - Google Chrome Cross Site Scripting Filter Bypass Vulnerability
1006872* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
1006857* - Oracle Java SE Remote Code Execution Vulnerability (CVE-2015-2590)
Web Client Internet Explorer
1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
1006832* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
1006869* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)
Web Client Mozilla Firefox
1006825 - Mozilla Firefox XrayWrapper Privileged Javascript Injection Vulnerability (CVE-2014-8636)
Web Server IIS
1006434* - Microsoft IIS Directory Traversal Vulnerability
Web Server Miscellaneous
1003505* - Microsoft .Net Framework Null Byte Injection Vulnerability
Web Service HP SiteScope
1006816* - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)
Windows Services RPC Server
1006906 - Identified Usage Of PsExec Command Line Tool
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Microsoft Office
1006574* - Microsoft Office Local Zone Remote Code Execution Vulnerability (CVE-2015-0097)
1004099* - Microsoft Office Publisher File Conversion TextBox Processing Buffer Overflow Vulnerability
OpenSSL
1006855* - OpenSSL Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
1006854 - OpenSSL X509_cmp_time Denial Of Service Vulnerability (CVE-2015-1789)
OpenSSL Client
1006856* - OpenSSL Client Alternative Chains Certificate Forgery Security Bypass Vulnerability (CVE-2015-1793)
1006806* - OpenSSL Malformed ECParameters Infinite Loop Denial Of Service Vulnerability
Unix CUPS
1006814* - CUPS Print Service Remote Privilege Escalation Vulnerability
Web Application Common
1005936* - Identified Local File Inclusion (LFI) Over HTTP
1006823* - Identified Suspicious Command Injection Attack - 1
Web Application PHP Based
1006817 - PHP 'phar_parse_tarfile' Memory Corruption Vulnerability
1006819 - PHP DateTime Use After Free Vulnerability (CVE-2015-0273)
1006821 - PHP DateTimeZone Type Confusion Information Disclosure Vulnerability
Web Client Common
1006824* - Adobe Flash ActionScript3 ByteArray Use After Free Vulnerability
1006812* - Adobe Flash Player Heap Buffer Overflow Vulnerability (CVE-2015-3113) -1
1006701* - Adobe Flash Player Type Confusion Remote Code Execution Vulnerability (CVE-2015-3077)
1006905 - Adobe Flash Player Unspecified Memory Corruption Vulnerability (CVE-2015-3123)
1006903* - Adobe Font Driver Memory Corruption Vulnerability (CVE-2015-2426)
1006890 - Adobe Reader And Acrobat Buffer Overflow Vulnerability (CVE-2015-5093)
1006893 - Adobe Reader And Acrobat Integer Overflow Vulnerability (CVE-2015-5097)
1006889 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5087)
1006891 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5094)
1006894 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5098)
1006896 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5100)
1006897 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5101)
1006898 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5102)
1006899 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5103)
1006900 - Adobe Reader And Acrobat Memory Corruption Vulnerability (CVE-2015-5104)
1006886 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-4447)
1006888 - Adobe Reader And Acrobat Security Bypass Vulnerability (CVE-2015-5086)
1006887 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-4448)
1006892 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5095)
1006895 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5099)
1006901 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5111)
1006902 - Adobe Reader And Acrobat Use After Free Vulnerability (CVE-2015-5113)
1006883 - Google Chrome Cross Site Scripting Filter Bypass Vulnerability
1006872* - Microsoft Windows DLL Planting Remote Code Execution Vulnerability (CVE-2015-2369)
1006857* - Oracle Java SE Remote Code Execution Vulnerability (CVE-2015-2590)
Web Client Internet Explorer
1006868* - Microsoft Internet Explorer JScript9 Memory Corruption Vulnerability (CVE-2015-2419)
1006832* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2401)
1006869* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2015-2425)
Web Client Mozilla Firefox
1006825 - Mozilla Firefox XrayWrapper Privileged Javascript Injection Vulnerability (CVE-2014-8636)
Web Server IIS
1006434* - Microsoft IIS Directory Traversal Vulnerability
Web Server Miscellaneous
1003505* - Microsoft .Net Framework Null Byte Injection Vulnerability
Web Service HP SiteScope
1006816* - HP SiteScope Log Analyzer Privilege Escalation Vulnerability (CVE-2015-2120)
Windows Services RPC Server
1006906 - Identified Usage Of PsExec Command Line Tool
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Featured Stories
When AI Becomes a Zero-Day Machine: What Public Sector Organizations Need to KnowClaude Mythos Preview shows how AI can rapidly discover and weaponize zero-day vulnerabilities—transforming once human-scale threats into machine-speed attacks. As these capabilities spread, public sector organizations must rely on trusted, proactive defenders like TrendAI™ ZDI to stay ahead of an AI-driven threat landscape.Read more
Hunt Them All: An AI-Powered Vulnerability Sweep of 19,000 MCP ServersIn this research, we analyzed over 19,000 open-source MCP server repositories to uncover how much AI-generated code they contain and how many harbor exploitable vulnerabilities.Read more
Update on Exposed MCP Servers: The Threat Widens to the CloudExposed Model Context Protocol (MCP) servers have become powerful vectors for cloud attacks, enabling threat actors to not only access sensitive data but also take control of the cloud services themselves.Read more
Old Vulnerabilities, New AI Era, Amplified Risk: How Outdated Flaws Continue to Fuel the N-Day Exploit MarketEven as AI adoption accelerates, old exploits remain overlooked weaknesses. Underground trends show a renewed demand for exploits, with cybercriminals relying on aging but still effective vulnerabilities. We examine this blind spot and why long-standing issues need to be addressed.Read more