Trend Micro Security
  Rule Update

19-037 (2019年7月9日)


  概要

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client
1009586 - Microsoft Internet Explorer DLL Loading Arbitrary Code Execution Vulnerability Over Network Share (CVE-2011-0038)
1009588 - Microsoft Office Insecure Library Loading Vulnerability Over Network Share (CVE-2010-3337)


DHCPv6 Client - Incoming
1009798 - Microsoft Windows DHCP Client Remote Code Execution Vulnerability (CVE-2019-0698)


HP Intelligent Management Center (IMC)
1009799* - HPE Intelligent Management Center 'AccessMgrServlet ClassName' Insecure Deserialization (CVE-2019-11945)


Microsoft Office
1009835 - Microsoft Excel Information Disclosure Vulnerability (CVE-2019-1112)


Web Application Common
1009630* - DotNetNuke Remote Code Execution Vulnerability (CVE-2017-9822)
1009580 - Jenkins CI Server Forced Migration Of User Records Vulnerability (CVE-2018-1000863)
1009701 - Jenkins Metaprogramming Remote Code Execution Vulnerability (CVE-2018-1000408)


Web Client Common
1009832 - Google Chrome JS Execution Use-After-Free Vulnerability
1009593 - Microsoft Internet Explorer DLL Loading Arbitrary Code Execution Vulnerability Over WebDav (CVE-2011-0038)
1009591 - Microsoft Office Insecure Library Loading Vulnerability Over WebDav (CVE-2010-3337)
1009532 - Microsoft Visual Studio Information Disclosure Vulnerability (CVE-2019-0537)


Web Client Internet Explorer/Edge
1009843 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1062)
1009842 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1092)
1009840 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1103)
1009841 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1106)
1009834 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1107)
1009838 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2019-1104)
1009839 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2019-1001)
1009836 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2019-1063)
1009837 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-1004)


Web Server Oracle
1009831 - Oracle WebLogic Arbitrary File Read Vulnerability (CVE-2019-2615)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.