DeepSecurity

  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1009427 - Microsoft PowerPoint Remote Code Execution Vulnerability (CVE-2018-8628)


    Web Application Common
    1009425 - ImageMagick ReadXBMImage Memory Leak Vulnerability (CVE-2018-16323) - 1


    Web Client Common
    1009426 - 7-Zip Remote Code Execution Vulnerability (CVE-2018-10115)
    1009321* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-30) - 3
    1009326* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-30) - 8
    1009424 - ImageMagick ReadXBMImage Memory Leak Vulnerability (CVE-2018-16323)
    1009428 - Microsoft Outlook Remote Code Execution Vulnerability (CVE-2018-8587)
    1009413 - Microsoft Text-To-Speech Remote Code Execution Vulnerability (CVE-2018-8634)
    1009431 - Microsoft Windows Multiple Security Vulnerabilities (Dec-2018)
    1009268 - Oracle Outside In Excel GelFrame Out-Of-Bounds Read (CVE-2018-2992)


    Web Client Internet Explorer/Edge
    1009409 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8583)
    1009411 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8617)
    1009412 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8618)
    1009416 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8624)
    1009415 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8629)
    1009335* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-8460)
    1009414 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2018-8631)
    1009410 - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8619)
    1009430 - Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2018-8625)
    1009429 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2018-8643)


    Web Client Mozilla Firefox
    1009159 - Mozilla Firefox Vorbis Audio Residue Codebook Out Of Bounds Write Vulnerability (CVE-2018-5146)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    DCERPC Services - Client
    1004373* - Identified DLL Side Loading Attempt Over Network Share


    Web Client Common
    1009405 - Adobe Flash Player Use After Free Vulnerability (CVE-2018-15982)
    1009407 - Detected Suspicious DLL Side Loading Attempt Over WebDAV


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Elasticsearch
    1009209 - ElasticSearch Dynamic Script Arbitrary Java Code Execution Vulnerability (CVE-2014-3120)


    HP Intelligent Management Center (IMC)
    1008983 - HPE Intelligent Management Center 'saveSelectedDevices' Expression Language Injection Vulnerability (CVE-2017-12491)


    TFTP Server
    1009365 - Microsoft Windows Deployment Services TFTP Server Remote Code Execution Vulnerability (CVE-2018-8476)


    Web Application Common
    1005934* - Identified Suspicious Command Injection Attack


    Web Client Internet Explorer/Edge
    1009244* - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2018-8355)


    Web Client Mozilla Firefox
    1009396 - Mozilla Firefox Multiple Security Vulnerabilities


    Web Server Adobe ColdFusion
    1009387 - Adobe ColdFusion Remote File Upload Vulnerability (CVE-2018-15961)


    Integrity Monitoring Rules:

    1008271* - Application - Docker
    1003131* - Virtualization Software - VMware Server


    Log Inspection Rules:

    1003802* - Directory Server - Microsoft Windows Active Directory
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Asterisk RTP Protocol
    1008964* - Digium Asterisk Compound RTCP Out-Of-Bounds Write Vulnerability (CVE-2017-17664)


    Asterisk Server IAX2
    1002607* - Asterisk IAX2 Packet Amplification Remote Denial Of Service Vulnerability (CVE-2008-1897)


    Oracle Secure Backup
    1003225* - Oracle Secure Backup NDMP CONECT_CLIENT_AUTH Command Buffer Overflow


    Web Application PHP Based
    1008817 - PHP WDDX NULL Pointer Dereference Vulnerability (CVE-2016-9934)


    Web Client Common
    1009273 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB18-09) - 8
    1009349* - Microsoft Windows ALPC Elevation Of Privilege Vulnerability (CVE-2018-8584)
    1009378* - Microsoft Windows DirectX Information Disclosure Vulnerability (CVE-2018-8563)
    1009088* - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (May 2018)
    1009382* - Microsoft Windows Multiple Security Vulnerabilities (Nov-2018)
    1009293* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2018-8475)
    1009171* - Microsoft Windows Shell Remote Code Execution Vulnerability
    1009238* - Microsoft Windows Shell Remote Code Execution Vulnerability - 1
    1009029* - PHP 'http_fopen_wrapper' Stack Buffer Overflow Vulnerability (CVE-2018-7584)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Java RMI
    1009390 - Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution Vulnerability (CVE-2016-1000031)


    Trend Micro OfficeScan
    1009034* - Trend Micro Smart Protection Server Auth Command Injection Authentication Bypass Vulnerability (CVE-2018-6231)


    Web Application PHP Based
    1009395 - PHP 'imap_open()' Remote Code Execution Vulnerability


    Web Application Tomcat
    1009388 - Apache Tomcat 'mod_jk' Information Disclosure Vulnerability (CVE-2018-11759)


    Web Client Common
    1009394 - Adobe Acrobat And Reader NTLM SSO Hash Information Disclosure Vulnerability (CVE-2018-15979)
    1009393 - Adobe Flash Player Out Of Bounds Read Vulnerability (CVE-2018-15978)
    1009398 - Adobe Flash Player Type Confusion Vulnerability (CVE-2018-15981)
    1004085* - Heuristic Detection Of Malicious PDF Documents - 3


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Microsoft Office
    1009368 - Microsoft Word Remote Code Execution Vulnerability (CVE-2018-8539)


    Web Client Common
    1009366 - Microsoft Outlook Multiple Security Vulnerabilities (Nov-2018)
    1009349* - Microsoft Windows ALPC Elevation Of Privilege Vulnerability (CVE-2018-8584)
    1009378 - Microsoft Windows DirectX Information Disclosure Vulnerability (CVE-2018-8563)
    1009372 - Microsoft Windows Graphics Components Remote Code Execution Vulnerability (CVE-2018-8553)
    1009382 - Microsoft Windows Multiple Security Vulnerabilities (Nov-2018)
    1009369 - Microsoft Windows VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8544)


    Web Client Internet Explorer/Edge
    1009383 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8542)
    1009374 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8555)
    1009375 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8556)
    1009376 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8557)
    1009381 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2018-8588)
    1009371 - Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability (CVE-2018-8552)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database Oracle
    1009342* - Oracle Database DIRECTORY Object Information Disclosure Vulnerability (CVE-2005-0298)
    1009306* - Oracle PL/SQL Procedures Arbitrary SQL Command Execution Vulnerability (CVE-2004-1370)


    Trend Micro OfficeScan
    1009034 - Trend Micro Smart Protection Server Auth Command Injection Authentication Bypass Vulnerability (CVE-2018-6231)


    Web Application Common
    1009264* - GitLab Arbitrary File Write Vulnerability (CVE-2018-14364)
    1009350* - Telerik UI for ASP.NET AJAX Multiple Arbitrary File Upload Vulnerabilities (CVE-2017-11357 and CVE-2017-11317)
    1009356* - Telerik UI for ASP.NET AJAX RadAsyncUpload Control Path Traversal Vulnerability (CVE-2014-2217)


    Web Client Common
    1008828* - Speculative Execution Information Disclosure Vulnerabilities (Spectre)


    Web Client Internet Explorer/Edge
    1009384 - Microsoft Internet Explorer 'Tree::Notify_InvalidateDisplay' Null Pointer Dereference Vulnerability


    Web Server Apache
    1009045* - Apache httpd 'mod_cache_socache' Denial Of Service Vulnerability (CVE-2018-1303)


    Web Server HTTPS
    1008857* - Trend Micro Control Manager Multiple SQL Injection Remote Code Execution Vulnerability (CVE-2018-3604)


    Web Server Oracle
    1009358 - Oracle WebLogic Server RemoteObject Insecure Deserialization Vulnerability (CVE-2018-3191)
    1009353* - Oracle WebLogic Server RemoteObject Insecure Deserialization Vulnerability (CVE-2018-3245)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database Oracle
    1009342 - Oracle Database DIRECTORY Object Information Disclosure Vulnerability (CVE-2005-0298)


    Suspicious Client Application Activity
    1008756* - Identified Potentially Malicious RAT Traffic - VII


    Unix Samba
    1008847 - Samba Information Disclosure Vulnerability (CVE-2017-15275)


    Web Application Common
    1009350 - Telerik UI for ASP.NET AJAX Multiple Arbitrary File Upload Vulnerabilities (CVE-2017-11357 and CVE-2017-11317)
    1009356 - Telerik UI for ASP.NET AJAX RadAsyncUpload Control Path Traversal Vulnerability (CVE-2014-2217)


    Web Client Common
    1009349 - Microsoft Windows Data Sharing Service Arbitrary File Delete Vulnerability
    1009333* - Microsoft Windows Theme API Remote Code Execution Vulnerability (CVE-2018-8413)


    Web Server Apache
    1006027* - Apache HTTP Server Denial Of Service Vulnerability (CVE-2014-0098)


    Web Server HTTPS
    1008857 - Trend Micro Control Manager Multiple SQL Injection Remote Code Execution Vulnerability (CVE-2018-3604)


    Web Server Miscellaneous
    1005527* - Apache Struts OGNL Expression Injection Vulnerability


    Web Server Oracle
    1009353 - Oracle WebLogic Server RemoteObject Insecure Deserialization Vulnerability (CVE-2018-3245)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Database Oracle
    1009306 - Oracle PL/SQL Procedures Arbitrary SQL Command Execution Vulnerability (CVE-2004-1370)


    Web Application Common
    1009264 - GitLab Arbitrary File Write Vulnerability (CVE-2018-14364)


    Integrity Monitoring Rules:

    There are no new or updated Integrity Monitoring Rules in this Security Update.


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.
  • * indicates a new version of an existing rule

    Deep Packet Inspection Rules:

    Asterisk RTP Protocol
    1008964 - Digium Asterisk Compound RTCP Out-Of-Bounds Write Vulnerability (CVE-2017-17664)


    DCERPC Services - Client
    1009331* - Microsoft Filter Manager Elevation Of Privilege Vulnerability (CVE-2018-8333)


    Directory Server LDAP
    1008842* - OpenLDAP 'deref_parseCtrl' Denial Of Service Vulnerability (CVE-2015-1545)


    Mail Server Common
    1009117* - Dovecot 'rfc822_parse_domain' Out Of Bounds Read Vulnerability (CVE-2017-14461)


    Microsoft Office
    1009073* - Microsoft Office Remote Code Execution Vulnerability (CVE-2018-8157)


    Remote Desktop Protocol Server
    1009343 - Identified Too Many SSL Alert Messages In SSLv3 Over RDP


    Web Application Common
    1009310 - Microsoft Exchange Server SSRF Vulnerability (CVE-2018-16793)


    Web Client Common
    1008937 - Apache Subversion Client svn-ssh URL Command Execution Vulnerability (CVE-2017-9800)
    1009092* - Foxit PDF Reader JavaScript 'XFA Clone' Remote Code Execution Vulnerability (CVE-2018-3850)
    1009237 - Foxit Reader Multiple Security Vulnerabilities - 1
    1009231 - Foxit Reader Multiple Security Vulnerabilities - 2
    1009236 - Foxit Reader Multiple Security Vulnerabilities - 3
    1009232 - Foxit Reader Multiple Security Vulnerabilities - 4
    1009235 - Foxit Reader Multiple Security Vulnerabilities - 5
    1009147 - Microsoft Windows .NET Framework Device Guard Security Feature Bypass Vulnerability (CVE-2018-1039)
    1009171* - Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414)
    1009238* - Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8414) - 1
    1009338* - Microsoft Windows Shell Remote Code Execution Vulnerability (CVE-2018-8495)


    Integrity Monitoring Rules:

    1003105* - Database Server - PostgreSQL


    Log Inspection Rules:

    There are no new or updated Log Inspection Rules in this Security Update.