Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DNS Client
1007458* - glibc getaddrinfo Stack Based Buffer Overflow Vulnerability (CVE-2015-7547)
Web Client Common
1008003* - Adobe Flash Player Use-After-Free Vulnerability (CVE-2016-7855)
1008033 - Microsoft Windows Elevation Of Privilege Vulnerability
1007929* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007930* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
Web Client Internet Explorer/Edge
1007923* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
Web Server Common
1000128* - HTTP Protocol Decoding
1005496* - Identified HTTP Request Smuggling Attack
Web Server HTTPS
1007253* - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution
Web Server Miscellaneous
1007522* - JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Application PHP Based
1008005 - Joomla Core Security Bypass Vulnerabilities
Web Client Common
1008003* - Adobe Flash Player Use-After-Free Vulnerability (CVE-2016-7855)
1007978* - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
1007976* - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-120)
1007975* - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
Web Client Internet Explorer/Edge
1007987* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3382)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Suspicious Server Application Activity
1003786* - Detected SNMP Server Traffic
Unix Samba
1004252* - Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Web Application PHP Based
1007739* - PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)
Web Application Tomcat
1003854* - Identified Login Attempt To Apache Tomcat Manager Using Default Credentials
Web Client Common
1007677 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4137)
1008003 - Adobe Flash Player Use-After-Free Vulnerability
1007930* - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
1007995* - Microsoft Windows Diagnostics Hub Elevation Of Privilege (CVE-2016-7188)
1007988* - Microsoft Windows Multiple Security Vulnerabilities (MS16-124)
1007665* - Microsoft Windows PDF Remote Code Execution Vulnerability (CVE-2016-3203)
1007908 - WPS Office PowerPoint Memory Corruption Vulnerability
1007909 - WPS Office SpreadSheet Memory Corruption Vulnerability
1007910 - WPS Office Writer Memory Corruption Vulnerability
Web Client Internet Explorer/Edge
1007984* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1007982* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190)
1007991* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3267)
1007980* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385)
1007903 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189) - 1
Web Server Common
1007914* - Symfony Security Component Denial Of Service Vulnerability
Web Server HTTPS
1007253 - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution
Web Server Miscellaneous
1007528* - GlassFish Java EE Application Server Arbitrary File Read Vulnerability
1007993 - RedHat JBoss Web Application Server Remote Information Disclosure Vulnerability (CVE-2005-2006)
Web Service HP SiteScope
1007742* - HP SiteScope DNS Tool Command Injection Vulnerability
Windows Services RPC Client
1007494* - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
DNS Client
1007425 - ISC BIND OpenPGP Key Handler Denial Of Service Vulnerability (CVE-2015-5986)
1007465 - ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)
Microsoft Office
1007667* - Microsoft Office Information Disclosure Vulnerability (CVE-2016-3234)
1007617* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1007885* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3316)
Remote Desktop Protocol Server
1007969 - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt
Web Client Common
1007998 - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 1
1007997 - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 2
1007999 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-33) - 1
1008000 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-33) - 2
1007678* - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-4138)
1007996 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-32)
1006391* - Identified Suspicious Obfuscated JavaScript - 1
1007929* - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007975* - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
Web Client Internet Explorer/Edge
1007529 - Cumulative Security Update Of ActiveX Kill Bits - January 2016
1007926* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
1007921* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
1007928* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
Web Server Common
1005434* - Disallow Upload Of A PHP File
1007185* - Java Unserialize Remote Code Execution Vulnerability
Windows Services RPC Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Office
1007373* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0010)
1007979 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7193)
Novell File Reporter (NFR) Agent
1005260* - Novell File Reporter SRS XML Server Request With Path Element Detected
OpenSSL
1007970* - OpenSSL OCSP Status Request Denial Of Service Vulnerability (CVE-2016-6304)
Suspicious Client Ransomware Activity
1007971* - Ransomware Fantom
Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
Web Application PHP Based
1007641* - Magento Unauthenticated Arbitrary File Write Vulnerability (CVE-2016-4010)
1007739 - PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)
Web Client Common
1007995 - Microsoft Windows Diagnostics Hub Elevation Of Privilege (CVE-2016-7188)
1007974 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3209)
1007977 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3262)
1007978 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
1007976 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-120)
1007989 - Microsoft Windows Multiple Security Vulnerabilities (MS16-118, MS16-119)
1007975 - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
1007988 - Microsoft Windows Multiple Security Vulnerabilities (MS16-124)
Web Client Internet Explorer/Edge
1007983 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-7189)
1007984 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1007982 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190)
1007994 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194)
1007991 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3267)
1007924* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
1007920* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1007922* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
1007986 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3331)
1007987 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3382)
1007985 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
1007873* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3288)
1007981 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3383)
1007980 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385)
Web Server Miscellaneous
1003741* - Adobe RoboHelp Server Authentication Bypass Vulnerability
Web Service HP SiteScope
1007742 - HP SiteScope DNS Tool Command Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Application Control For File Sharing
1003682* - Application Control For Ares Galaxy
DNS Server
1007972 - ISC BIND Assertion Failure Denial Of Service Vulnerability (CVE-2016-2776)
Microsoft Office
1007939* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)
Suspicious Client Ransomware Activity
1007971 - Ransomware Fantom
Web Application PHP Based
1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
Web Client Common
1007784* - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4251)
1007759* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4228)
1007871 - GNU Wget Arbitrary Commands Execution Vulnerability (CVE-2016-4971)
1007935* - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
1007659* - Microsoft Windows PDF Information Disclosure Vulnerability (CVE-2016-3215)
Web Server Miscellaneous
1007528 - GlassFish Java EE Application Server Arbitrary File Read Vulnerability
Windows Services RPC Client
1007897* - Microsoft Internet Explorer Information Disclosure Vulnerability Over SMB (CVE-2016-3321)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
1007598* - Identified Possible Ransomware File Rename Activity Over Network Share
Microsoft Office
1002929* - Microsoft Excel Calendar Object Validation Vulnerability
1007887* - Microsoft Graphics Component Memory Corruption Vulnerability (CVE-2016-3318)
1007884* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3313)
NFS Server
1003401* - Disallow Device Node Creation Over NFS
OpenSSL
1007970 - OpenSSL OCSP Status Request Denial Of Service Vulnerability (CVE-2016-6304)
Web Application Common
1007518* - Identified Reflected File Download Attack
Web Application PHP Based
1007948* - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
1007459* - Drupal XRDS Document Denial Of Service Vulnerability (CVE-2014-5267)
1007254* - PHP SplDoublyLinkedList Use After Free Vulnerability
1007252* - PHP jui_filter_rule Parsing Library Remote Code Execution Vulnerability
Web Application Ruby Based
1007530* - Ruby On Rails Action View Remote Code Execution Vulnerability (CVE-2016-0752)
Web Client Common
1007965 - Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 1
1007966 - Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 2
1007967 - Adobe Acrobat And Reader Font Stream Parsing Multiple Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 3
1007806 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-1103)
1007803 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1099)
1007804 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1100)
1007805 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1102)
1007808 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-1105)
1007565* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1013)
1007802 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1097)
1007809 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1106)
1007810 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1109)
1007758* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4227)
1007880* - Microsoft PDF Remote Code Execution Vulnerability (CVE-2016-3319)
1007936* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
1007881* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3301)
1007883* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3304)
1007951 - Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability
1005924* - Restrict Download Of EICAR Test File Over HTTP
Web Client Internet Explorer/Edge
1007615* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0191)
1007878* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3326)
1007428* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-0059)
1007896* - Microsoft Internet Explorer Information Disclosure Vulnerability Over WebDAV (CVE-2016-3321)
1007613* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189)
Web Server Common
1007872* - HTTP Proxy Header Injection Vulnerabilities
1007185* - Java Unserialize Remote Code Execution Vulnerability
1007914* - Symfony Security Component Denial Of Service Vulnerability
Web Server Miscellaneous
1007646* - Apache Struts JRE URLDecoder Cross-Site Scripting Vulnerability (CVE-2016-4003)
1007737* - Apache Struts Url Validator Denial Of Service Vulnerability (CVE-2016-4465)
1005221* - Identified Suspicious Novell ZENworks Asset Management rtrlet Component Authentication Bypass
Windows Services RPC Client
1007913 - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
1007912 - Identified Possible Ransomware File Rename Activity Over Network Share - Client
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Database Oracle
1004128* - Oracle Database Server DBMS_CDC_PUBLISH Multiple Procedure SQL Injection
Microsoft Office
1007736* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3284)
Web Application PHP Based
1007948* - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
Web Client Common
1007954 - Adobe Flash Player Memory Corruption Vulnerability (APSB16-29)
1007953 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-29)
1007956 - Adobe Flash Player Security Bypass Vulnerability (APSB16-29)
1007952 - Adobe Flash Player Security Bypass Vulnerability (APSB16-29) - 1
1007757* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4226)
Web Client Internet Explorer/Edge
1007879* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3327)
Web Server Apache
1006027* - Apache HTTP Server Denial Of Service Vulnerability (CVE-2014-0098)
Web Server Oracle
1005315* - Oracle Database Client System Analyzer Remote Code Execution Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Database MySQL
1007950 - Oracle MySQL Remote Code Execution Vulnerability (CVE-2016-6662)
Microsoft Office
1007939 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)
1007940 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3358)
1007941 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3359)
1007942 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3360)
1007943 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3362)
1007944 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3363)
1007945 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3364)
1007946 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3365)
1007947 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3381)
Web Application PHP Based
1007948 - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
Web Client Common
1007631* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 10
1007629* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 6
1007515* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007938 - Microsoft GDI Elevation Of Privilege Vulnerability (CVE-2016-3355)
1007929 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007930 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
1007937 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3348)
1007936 - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
1007931 - Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
1007935 - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
1007933 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3305)
1007934 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3306)
Web Client Internet Explorer/Edge
1007926 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
1007923 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
1007924 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
1007920 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1007921 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
1007922 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
1007928 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
1007657* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3210)
1007925 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3375)
1007927 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3377)
Web Client SSL
1007906 - Multiple Products FalseCONNECT Vulnerability
Web Server Common
1007914 - Symfony Security Component Denial Of Service Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
RealNetworks Helix Server
1004120* - RealNetworks Helix Server NTLM Authentication Heap Buffer Overflow Vulnerability (CVE-2010-1318)
Suspicious Client Application Activity
1007907 - Cisco ASA Memory Corruption Vulnerability (CVE-2016-6366)
Web Application Ruby Based
1005331* - Ruby On Rails XML Processor YAML Deserialization DoS
Web Client Common
1007630* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 5
1007590* - Adobe Flash Player DLL Hijacking Vulnerability Over WebDAV (CVE-2016-1014)
1007676* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-4136)
1007452 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-0959)
1003742* - FFmpeg OGV File Format Double Free Memory Corruption
1003747* - FFmpeg vmd_read_header Integer Overflow
1007918 - Fortinet FortiGate Cookie Parser Buffer Overflow Vulnerability (CVE-2016-6909)
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007919 - Microsoft .NET Framework And Silverlight Array Offset Vulnerability (CVE-2011-0664)
1007911 - Microsoft .NET Framework XAML Browser Applications Stack Corruption (CVE-2010-3958)
1007882* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3303)
1007558* - Microsoft Windows OLE Remote Code Execution Vulnerability (CVE-2016-0153)
Web Server Miscellaneous
1005516* - RedHat JBoss Enterprise Application Platform Block Access To Status Servlet
Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.