Trend Micro Security
  Rule Update

19-064 (2019年12月31日)


  概要

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

HP Intelligent Management Center (IMC)
1009956* - HPE Intelligent Management Center 'PlatNavigationToBean' URL Expression Language Injection Vulnerability (CVE-2019-5387)


Oracle E-Business Suite Web Interface
1010117 - Oracle E-Business Suite General Ledger SQL Injection Vulnerability (CVE-2019-2638)


Web Application Common
1010107 - rConfig 'devices.inc.php' SQL Injection Vulnerability (CVE-2019-19207)


Web Application PHP Based
1009541* - Drupal Core Remote Code Execution Vulnerability (CVE-2019-6340)
1010112 - PHP Type Confusion Infoleak Vulnerability (CVE-2015-4599)


Web Server IIS
1010115 - Microsoft Windows WebDAV Path Parsing Command Injection Remote Code Execution Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1002831* - Unix - Syslog