Rule Update
DPIルール他更新情報:19-047(2019年9月17日)
2019年9月17日
概要
* は既存ルールの新バージョンを示します。
DPI(Deep Packet Inspection) ルール:
メールサーバ Over SSL/TLS
1009977 - Exim Mail Server Remote Code Execution Vulnerability (CVE-2019-15846)
Microsoft Office
1009982 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2019-1297)
1009848 - Microsoft Office Memory Corruption Vulnerability (CVE-2018-0798)
Webアプリケーション 共通
1009979 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173) - Server
Webクライアント 共通
1009988 - Microsoft DirectWrite Information Disclosure Vulnerability (CVE-2019-1251)
1009984 - Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2019-1283)
1009985 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1241)
1009986 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1243)
1009989 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1246)
1009987 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1249)
1009981 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1252)
1009980 - Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability (CVE-2019-1248)
1009983 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1242)
1009990 - Microsoft Windows VBScript Remote Code Execution Vulnerability (CVE-2019-1208)
1009976 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173)
Webサーバ 共通
1003598* - Multiple HTTP Server Low Bandwidth Denial Of Service
変更監視(Integrity Monitoring)ルール:
1006802* - TMTR-0003: Suspicious Files Detected In Operating System Directories
1006801* - TMTR-0004: Suspicious Files Detected In Operating System Directories
1006658* - TMTR-0012: Suspicious Files Detected In Temporary Directories
セキュリティログ監視(Log Inspection)ルール:
今回のセキュリティアップデートには、新規のセキュリティログ監視ルールおよび更新は含まれておりません。
DPI(Deep Packet Inspection) ルール:
メールサーバ Over SSL/TLS
1009977 - Exim Mail Server Remote Code Execution Vulnerability (CVE-2019-15846)
Microsoft Office
1009982 - Microsoft Excel Remote Code Execution Vulnerability (CVE-2019-1297)
1009848 - Microsoft Office Memory Corruption Vulnerability (CVE-2018-0798)
Webアプリケーション 共通
1009979 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173) - Server
Webクライアント 共通
1009988 - Microsoft DirectWrite Information Disclosure Vulnerability (CVE-2019-1251)
1009984 - Microsoft Graphics Components Information Disclosure Vulnerability (CVE-2019-1283)
1009985 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1241)
1009986 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1243)
1009989 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1246)
1009987 - Microsoft Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1249)
1009981 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2019-1252)
1009980 - Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability (CVE-2019-1248)
1009983 - Microsoft Windows Jet Database Engine Remote Code Execution Vulnerability (CVE-2019-1242)
1009990 - Microsoft Windows VBScript Remote Code Execution Vulnerability (CVE-2019-1208)
1009976 - XStream Library ReflectionConverter Insecure Deserialization Remote Command Execution Vulnerability (CVE-2019-10173)
Webサーバ 共通
1003598* - Multiple HTTP Server Low Bandwidth Denial Of Service
変更監視(Integrity Monitoring)ルール:
1006802* - TMTR-0003: Suspicious Files Detected In Operating System Directories
1006801* - TMTR-0004: Suspicious Files Detected In Operating System Directories
1006658* - TMTR-0012: Suspicious Files Detected In Temporary Directories
セキュリティログ監視(Log Inspection)ルール:
今回のセキュリティアップデートには、新規のセキュリティログ監視ルールおよび更新は含まれておりません。