Rule Update
19-047 (September 17, 2019)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Mail Server Over SSL/TLS
1009977 - Exim Mail Server Remote Code Execution Vulnerability (CVE-2019-15846)
Microsoft Office
1009982 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2019-1297)
1009848 - Microsoft Office Memory Corruption Vulnerability (CVE-2018-0798)
Web Application Common
1009979 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173) - Server
Web Client Common
1009988 - Microsoft DirectWrite Information Disclosure Vulnerability (CVE-2019-1251)
1009984 - Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2019-1283)
1009985 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1241)
1009986 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1243)
1009989 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1246)
1009987 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1249)
1009981 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1252)
1009980 - Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability (CVE-2019-1248)
1009983 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1242)
1009990 - Microsoft Windows VBScript Remote Code Execution Vulnerability (CVE-2019-1208)
1009976 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173)
Web Server Common
1003598* - Multiple HTTP Server Low Bandwidth Denial Of Service
Integrity Monitoring Rules:
1006802* - TMTR-0003: Suspicious Files Detected In Operating System Directories
1006801* - TMTR-0004: Suspicious Files Detected In Operating System Directories
1006658* - TMTR-0012: Suspicious Files Detected In Temporary Directories
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Mail Server Over SSL/TLS
1009977 - Exim Mail Server Remote Code Execution Vulnerability (CVE-2019-15846)
Microsoft Office
1009982 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2019-1297)
1009848 - Microsoft Office Memory Corruption Vulnerability (CVE-2018-0798)
Web Application Common
1009979 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173) - Server
Web Client Common
1009988 - Microsoft DirectWrite Information Disclosure Vulnerability (CVE-2019-1251)
1009984 - Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2019-1283)
1009985 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1241)
1009986 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1243)
1009989 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1246)
1009987 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1249)
1009981 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1252)
1009980 - Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability (CVE-2019-1248)
1009983 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1242)
1009990 - Microsoft Windows VBScript Remote Code Execution Vulnerability (CVE-2019-1208)
1009976 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173)
Web Server Common
1003598* - Multiple HTTP Server Low Bandwidth Denial Of Service
Integrity Monitoring Rules:
1006802* - TMTR-0003: Suspicious Files Detected In Operating System Directories
1006801* - TMTR-0004: Suspicious Files Detected In Operating System Directories
1006658* - TMTR-0012: Suspicious Files Detected In Temporary Directories
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.