Deep Security Center
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DNS Client
1007740 - ISC BIND Multiple DNS Cookies Denial Of Service Vulnerability (CVE-2016-2088)
Directory Server LDAP
1007932* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2016-3368)
Web Application Common
1007610* - Identified Usage Of ImageMagick Pseudo Protocols
Web Application PHP Based
1008041 - Drupal Coder Module Remote Code Execution Vulnerability
Web Application Ruby Based
1005331* - Ruby On Rails XML Processor YAML Deserialization DoS
Web Application Tomcat
1000637* - Tomcat JSP Source Code Exposure Vulnerability (CVE-2002-1148)
Web Client Common
1008090 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-39)
1008033* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-7255)
Web Client Internet Explorer/Edge
1008063* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7286)
1008009* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1007920* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1005366* - Microsoft Internet Explorer COMWindowProxy Use After Free Vulnerability (CVE-2013-0019)
Web Server Miscellaneous
1007650 - Identified Access To NetIQ URLs Prone To Information Disclosure Vulnerability (CVE-2014-5215)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DNS Client
1007740 - ISC BIND Multiple DNS Cookies Denial Of Service Vulnerability (CVE-2016-2088)
Directory Server LDAP
1007932* - Microsoft Windows Remote Code Execution Vulnerability (CVE-2016-3368)
Web Application Common
1007610* - Identified Usage Of ImageMagick Pseudo Protocols
Web Application PHP Based
1008041 - Drupal Coder Module Remote Code Execution Vulnerability
Web Application Ruby Based
1005331* - Ruby On Rails XML Processor YAML Deserialization DoS
Web Application Tomcat
1000637* - Tomcat JSP Source Code Exposure Vulnerability (CVE-2002-1148)
Web Client Common
1008090 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-39)
1008033* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-7255)
Web Client Internet Explorer/Edge
1008063* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7286)
1008009* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1007920* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1005366* - Microsoft Internet Explorer COMWindowProxy Use After Free Vulnerability (CVE-2013-0019)
Web Server Miscellaneous
1007650 - Identified Access To NetIQ URLs Prone To Information Disclosure Vulnerability (CVE-2014-5215)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Content Management Server Microsoft
1000984* - Microsoft CMS Cross Site Scripting Vulnerability
DNS Client
1008053 - ISC BIND DNAME Answer Handling Denial Of Service Vulnerability (CVE-2016-8864)
DNS Server
1007648* - PowerDNS Authoritative Server DNS Packet Processing Denial Of Service Vulnerability (CVE-2015-5311)
EMC AutoStart Agent Service
1007640 - Identified EMC AutoStart Remote Code Execution Vulnerability
Microsoft Office
1008075 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7264)
1008074 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7265)
1008070 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7268)
1008076 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7276)
1007617* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1008077 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7277)
1008078 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7289)
1008073 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7262)
1008072 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7266)
1008071 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7267)
1000764* - Microsoft Publisher Font Parsing Buffer Overflow
NTP Client
1008004 - NTP 'ntpq atoascii' Memory Corruption Vulnerability (CVE-2015-7852)
NTP Server Linux
1008040 - NTP AutoKey Malicious Message Multiple Denial Of Service Vulnerabilities
1007399* - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)
1008048 - NTP Mrulist Malicious Query Denial Of Service Vulnerability (CVE-2016-7434)
OpenSSL
1008039* - OpenSSL SSL3_AL_WARNING Remote Denial Of Service Vulnerability (CVE-2016-8610)
Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra
Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1
Web Application Common
1006823* - Identified Suspicious Command Injection Attack - 1
Web Application Miscellaneous
1000846* - Microsoft Windows Explorer Drag and Drop Remote Code Execution
Web Application PHP Based
1008038 - PHP GC ZipArchive Class Use After Free Vulnerability (CVE-2016-5773)
1007973* - PHP ZipArchive Integer Overflow Vulnerability (CVE-2016-3078)
Web Application Tomcat
1000638* - Apache Tomcat "Tomcat Manager" Cross-Site Scripting
1000967* - Apache Tomcat Servlet Engine Directory Traversal
1000637* - Tomcat 4.x JSP source code exposure
Web Client Common
1007629* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 6
1007635* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1101)
1008084 - Microsoft Office OLE DLL Loading Vulnerability Over WebDAV (CVE-2016-7275)
1008079 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-7259)
1008080 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-7260)
1008029* - Microsoft Windows Animation Manager Memory Corruption Vulnerability (CVE-2016-7205)
1008081 - Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability (CVE-2016-7295)
1008069 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2016-7257)
1008043 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3393)
1008068 - Microsoft Windows Graphics Remote Code Execution Vulnerability (CVE-2016-7272)
1007989* - Microsoft Windows Multiple Security Vulnerabilities (MS16-118, MS16-119)
1008082 - Microsoft Windows Multiple Security Vulnerabilities (MS16-149)
1008067 - Microsoft Windows Uniscribe Remote Code Execution Vulnerability (CVE-2016-7274)
1008052 - Mozilla Firefox SVG Animation Use After Free Vulnerability (CVE-2016-9079)
Web Client Internet Explorer/Edge
1003507* - AOL IWinAmpActiveX Class ConvertFile() Remote Buffer Overflow
1005540* - Internet Explorer Memory Corruption Vulnerability (CVE-2013-3120)
1008061 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7206)
1008062 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7280)
1007248* - Microsoft Edge Memory Corruption Vulnerability (CVE-2015-6168)
1008063 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7286)
1008064 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7288)
1007984* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1008009* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1008013* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7202)
1008016* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7240)
1008011* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7242)
1008065 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7296)
1008066 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7297)
1007237* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2015-6151)
1008012* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7195)
1008056 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7279)
1008017* - Microsoft Internet Explorer And Edge Remote Code Execution Vulnerability (CVE-2016-7241)
1008060 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7287)
1008057 - Microsoft Internet Explorer And Edge Security Feature Bypass Vulnerability (CVE-2016-7282)
1008055 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-7278)
1008059 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-7284)
1006790* - Microsoft Internet Explorer Memory Access Violation Vulnerability
1006312* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-4141)
1007407* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
1008083 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3384)
1008054 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-7202)
1008058 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-7283)
Web Server Miscellaneous
1007603* - Apache Struts Dynamic Method Invocation Remote Code Execution Vulnerability (CVE-2016-3081)
1004189* - RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass
1001781* - WS_FTP Server Manager Authentication Bypass and Information Disclosure Vulnerability
Web Server Oracle
1003878* - Oracle E-Business Suite Multiple Remote Vulnerabilities
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Content Management Server Microsoft
1000984* - Microsoft CMS Cross Site Scripting Vulnerability
DNS Client
1008053 - ISC BIND DNAME Answer Handling Denial Of Service Vulnerability (CVE-2016-8864)
DNS Server
1007648* - PowerDNS Authoritative Server DNS Packet Processing Denial Of Service Vulnerability (CVE-2015-5311)
EMC AutoStart Agent Service
1007640 - Identified EMC AutoStart Remote Code Execution Vulnerability
Microsoft Office
1008075 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7264)
1008074 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7265)
1008070 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7268)
1008076 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7276)
1007617* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1008077 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7277)
1008078 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7289)
1008073 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7262)
1008072 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7266)
1008071 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2016-7267)
1000764* - Microsoft Publisher Font Parsing Buffer Overflow
NTP Client
1008004 - NTP 'ntpq atoascii' Memory Corruption Vulnerability (CVE-2015-7852)
NTP Server Linux
1008040 - NTP AutoKey Malicious Message Multiple Denial Of Service Vulnerabilities
1007399* - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)
1008048 - NTP Mrulist Malicious Query Denial Of Service Vulnerability (CVE-2016-7434)
OpenSSL
1008039* - OpenSSL SSL3_AL_WARNING Remote Denial Of Service Vulnerability (CVE-2016-8610)
Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra
Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1
Web Application Common
1006823* - Identified Suspicious Command Injection Attack - 1
Web Application Miscellaneous
1000846* - Microsoft Windows Explorer Drag and Drop Remote Code Execution
Web Application PHP Based
1008038 - PHP GC ZipArchive Class Use After Free Vulnerability (CVE-2016-5773)
1007973* - PHP ZipArchive Integer Overflow Vulnerability (CVE-2016-3078)
Web Application Tomcat
1000638* - Apache Tomcat "Tomcat Manager" Cross-Site Scripting
1000967* - Apache Tomcat Servlet Engine Directory Traversal
1000637* - Tomcat 4.x JSP source code exposure
Web Client Common
1007629* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 6
1007635* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1101)
1008084 - Microsoft Office OLE DLL Loading Vulnerability Over WebDAV (CVE-2016-7275)
1008079 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-7259)
1008080 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-7260)
1008029* - Microsoft Windows Animation Manager Memory Corruption Vulnerability (CVE-2016-7205)
1008081 - Microsoft Windows Common Log File System Driver Information Disclosure Vulnerability (CVE-2016-7295)
1008069 - Microsoft Windows GDI Information Disclosure Vulnerability (CVE-2016-7257)
1008043 - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3393)
1008068 - Microsoft Windows Graphics Remote Code Execution Vulnerability (CVE-2016-7272)
1007989* - Microsoft Windows Multiple Security Vulnerabilities (MS16-118, MS16-119)
1008082 - Microsoft Windows Multiple Security Vulnerabilities (MS16-149)
1008067 - Microsoft Windows Uniscribe Remote Code Execution Vulnerability (CVE-2016-7274)
1008052 - Mozilla Firefox SVG Animation Use After Free Vulnerability (CVE-2016-9079)
Web Client Internet Explorer/Edge
1003507* - AOL IWinAmpActiveX Class ConvertFile() Remote Buffer Overflow
1005540* - Internet Explorer Memory Corruption Vulnerability (CVE-2013-3120)
1008061 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7206)
1008062 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7280)
1007248* - Microsoft Edge Memory Corruption Vulnerability (CVE-2015-6168)
1008063 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7286)
1008064 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-7288)
1007984* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1008009* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1008013* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7202)
1008016* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7240)
1008011* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7242)
1008065 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7296)
1008066 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7297)
1007237* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2015-6151)
1008012* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7195)
1008056 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7279)
1008017* - Microsoft Internet Explorer And Edge Remote Code Execution Vulnerability (CVE-2016-7241)
1008060 - Microsoft Internet Explorer And Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7287)
1008057 - Microsoft Internet Explorer And Edge Security Feature Bypass Vulnerability (CVE-2016-7282)
1008055 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-7278)
1008059 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-7284)
1006790* - Microsoft Internet Explorer Memory Access Violation Vulnerability
1006312* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2014-4141)
1007407* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-0063)
1008083 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3384)
1008054 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-7202)
1008058 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-7283)
Web Server Miscellaneous
1007603* - Apache Struts Dynamic Method Invocation Remote Code Execution Vulnerability (CVE-2016-3081)
1004189* - RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass
1001781* - WS_FTP Server Manager Authentication Bypass and Information Disclosure Vulnerability
Web Server Oracle
1003878* - Oracle E-Business Suite Multiple Remote Vulnerabilities
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Application Control For Mail Client
1002452* - Application Control For Eudora
DNS Server
1007648 - PowerDNS Authoritative Server DNS Packet Processing Denial Of Service Vulnerability (CVE-2015-5311)
Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra
Suspicious Server Application Activity
1002378* - Detected Virtual Network Computing (VNC) Server Traffic
Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1
Web Application Common
1007715* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)
Web Application PHP Based
1007298* - Joomla Core Remote Code Execution Vulnerability (CVE-2015-8562)
Web Client Common
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007738* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118) - 1
1007611* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714) - 1
1008033* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-7255)
1008044 - OpenJPEG JPEG2000 MCC Record Code Execution Vulnerability (CVE-2016-8332)
Web Client Internet Explorer/Edge
1006383* - Microsoft Internet Explorer VBScript Memory Corruption Vulnerability (CVE-2014-6363)
Web Server Common
1007651* - Identified Absence Of Configured CDN/Reverse Proxy HTTP Header
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Application Control For Mail Client
1002452* - Application Control For Eudora
DNS Server
1007648 - PowerDNS Authoritative Server DNS Packet Processing Denial Of Service Vulnerability (CVE-2015-5311)
Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra
Suspicious Server Application Activity
1002378* - Detected Virtual Network Computing (VNC) Server Traffic
Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1
Web Application Common
1007715* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)
Web Application PHP Based
1007298* - Joomla Core Remote Code Execution Vulnerability (CVE-2015-8562)
Web Client Common
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007738* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118) - 1
1007611* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714) - 1
1008033* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-7255)
1008044 - OpenJPEG JPEG2000 MCC Record Code Execution Vulnerability (CVE-2016-8332)
Web Client Internet Explorer/Edge
1006383* - Microsoft Internet Explorer VBScript Memory Corruption Vulnerability (CVE-2014-6363)
Web Server Common
1007651* - Identified Absence Of Configured CDN/Reverse Proxy HTTP Header
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DNS Client
1007425* - ISC BIND OpenPGP Key Handler Denial Of Service Vulnerability (CVE-2015-5986)
1007465* - ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)
Database Oracle
1003510* - Oracle Database Server LT.ROLLBACKWORKSPACE SQL Injection
HP OpenView Network Node Manager
1007643* - HP OpenView Network Node Manager ovw.dll Message Handling Buffer Overflow (CVE-2008-1842)
NTP Server Linux
1007399 - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)
OpenSSL
1008039 - OpenSSL SSL3_AL_WARNING Remote Denial Of Service Vulnerability (CVE-2016-8610)
Suspicious Client Application Activity
1007907* - Cisco ASA Memory Corruption Vulnerability (CVE-2016-6366)
Web Client Common
1007310* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-8446)
1008042 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-37)
1007620* - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0168)
1007622* - Microsoft Windows Graphics Component RCE Vulnerability (CVE-2016-0170)
Web Client Internet Explorer/Edge
1007983* - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-7189)
1007985* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
1007928* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
Web Server HTTPS
1007253* - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution
Web Server Miscellaneous
1007993* - RedHat JBoss Web Application Server Remote Information Disclosure Vulnerability (CVE-2005-2006)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DNS Client
1007425* - ISC BIND OpenPGP Key Handler Denial Of Service Vulnerability (CVE-2015-5986)
1007465* - ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)
Database Oracle
1003510* - Oracle Database Server LT.ROLLBACKWORKSPACE SQL Injection
HP OpenView Network Node Manager
1007643* - HP OpenView Network Node Manager ovw.dll Message Handling Buffer Overflow (CVE-2008-1842)
NTP Server Linux
1007399 - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)
OpenSSL
1008039 - OpenSSL SSL3_AL_WARNING Remote Denial Of Service Vulnerability (CVE-2016-8610)
Suspicious Client Application Activity
1007907* - Cisco ASA Memory Corruption Vulnerability (CVE-2016-6366)
Web Client Common
1007310* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-8446)
1008042 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-37)
1007620* - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0168)
1007622* - Microsoft Windows Graphics Component RCE Vulnerability (CVE-2016-0170)
Web Client Internet Explorer/Edge
1007983* - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-7189)
1007985* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
1007928* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
Web Server HTTPS
1007253* - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution
Web Server Miscellaneous
1007993* - RedHat JBoss Web Application Server Remote Information Disclosure Vulnerability (CVE-2005-2006)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
HP OpenView Network Node Manager
1007643 - HP OpenView Network Node Manager ovw.dll Message Handling Buffer Overflow (CVE-2008-1842)
Microsoft Office
1008024 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7233)
1008018 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7213)
1008019 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7228)
1008020 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7229)
1008021 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7230)
1008022 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7231)
1008023 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7232)
1008025 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7234)
1008026 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7235)
1008027 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7236)
NTP Server Linux
1007383 - NTP Configuration Directive File Overwrite Vulnerability (CVE-2015-7703)
Web Application PHP Based
1007973 - PHP ZipArchive Integer Overflow Vulnerability (CVE-2016-3078)
Web Client Common
1008029 - Microsoft Windows Animation Manager Memory Corruption Vulnerability (CVE-2016-7205)
1008031 - Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2016-7217)
1008035 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-138)
1007990 - Microsoft Windows Multiple Security Vulnerabilities (MS16-134)
1008034 - Microsoft Windows Multiple Security Vulnerabilities (MS16-135)
1008030 - Microsoft Windows OpenType Font Information Disclosure Vulnerability (CVE-2016-7210)
1008036 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-7256)
Web Client Internet Explorer/Edge
1008014 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7204)
1007994* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194)
1008008 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7200)
1008009 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1008013 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7202)
1008010 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7203)
1008016 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7240)
1008011 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7242)
1008015 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-7227)
1008012 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7195)
1008006 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7196)
1008007 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7198)
1008017 - Microsoft Internet Explorer And Edge Remote Code Execution Vulnerability (CVE-2016-7241)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services - Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
HP OpenView Network Node Manager
1007643 - HP OpenView Network Node Manager ovw.dll Message Handling Buffer Overflow (CVE-2008-1842)
Microsoft Office
1008024 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7233)
1008018 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7213)
1008019 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7228)
1008020 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7229)
1008021 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7230)
1008022 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7231)
1008023 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7232)
1008025 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7234)
1008026 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7235)
1008027 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7236)
NTP Server Linux
1007383 - NTP Configuration Directive File Overwrite Vulnerability (CVE-2015-7703)
Web Application PHP Based
1007973 - PHP ZipArchive Integer Overflow Vulnerability (CVE-2016-3078)
Web Client Common
1008029 - Microsoft Windows Animation Manager Memory Corruption Vulnerability (CVE-2016-7205)
1008031 - Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2016-7217)
1008035 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-138)
1007990 - Microsoft Windows Multiple Security Vulnerabilities (MS16-134)
1008034 - Microsoft Windows Multiple Security Vulnerabilities (MS16-135)
1008030 - Microsoft Windows OpenType Font Information Disclosure Vulnerability (CVE-2016-7210)
1008036 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-7256)
Web Client Internet Explorer/Edge
1008014 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7204)
1007994* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194)
1008008 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7200)
1008009 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1008013 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7202)
1008010 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7203)
1008016 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7240)
1008011 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7242)
1008015 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-7227)
1008012 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7195)
1008006 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7196)
1008007 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7198)
1008017 - Microsoft Internet Explorer And Edge Remote Code Execution Vulnerability (CVE-2016-7241)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DNS Client
1007458* - glibc getaddrinfo Stack Based Buffer Overflow Vulnerability (CVE-2015-7547)
Web Client Common
1008003* - Adobe Flash Player Use-After-Free Vulnerability (CVE-2016-7855)
1008033 - Microsoft Windows Elevation Of Privilege Vulnerability
1007929* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007930* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
Web Client Internet Explorer/Edge
1007923* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
Web Server Common
1000128* - HTTP Protocol Decoding
1005496* - Identified HTTP Request Smuggling Attack
Web Server HTTPS
1007253* - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution
Web Server Miscellaneous
1007522* - JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DNS Client
1007458* - glibc getaddrinfo Stack Based Buffer Overflow Vulnerability (CVE-2015-7547)
Web Client Common
1008003* - Adobe Flash Player Use-After-Free Vulnerability (CVE-2016-7855)
1008033 - Microsoft Windows Elevation Of Privilege Vulnerability
1007929* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007930* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
Web Client Internet Explorer/Edge
1007923* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
Web Server Common
1000128* - HTTP Protocol Decoding
1005496* - Identified HTTP Request Smuggling Attack
Web Server HTTPS
1007253* - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution
Web Server Miscellaneous
1007522* - JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Web Application PHP Based
1008005 - Joomla Core Security Bypass Vulnerabilities
Web Client Common
1008003* - Adobe Flash Player Use-After-Free Vulnerability (CVE-2016-7855)
1007978* - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
1007976* - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-120)
1007975* - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
Web Client Internet Explorer/Edge
1007987* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3382)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Web Application PHP Based
1008005 - Joomla Core Security Bypass Vulnerabilities
Web Client Common
1008003* - Adobe Flash Player Use-After-Free Vulnerability (CVE-2016-7855)
1007978* - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
1007976* - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-120)
1007975* - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
Web Client Internet Explorer/Edge
1007987* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3382)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Suspicious Server Application Activity
1003786* - Detected SNMP Server Traffic
Unix Samba
1004252* - Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Web Application PHP Based
1007739* - PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)
Web Application Tomcat
1003854* - Identified Login Attempt To Apache Tomcat Manager Using Default Credentials
Web Client Common
1007677 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4137)
1008003 - Adobe Flash Player Use-After-Free Vulnerability
1007930* - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
1007995* - Microsoft Windows Diagnostics Hub Elevation Of Privilege (CVE-2016-7188)
1007988* - Microsoft Windows Multiple Security Vulnerabilities (MS16-124)
1007665* - Microsoft Windows PDF Remote Code Execution Vulnerability (CVE-2016-3203)
1007908 - WPS Office PowerPoint Memory Corruption Vulnerability
1007909 - WPS Office SpreadSheet Memory Corruption Vulnerability
1007910 - WPS Office Writer Memory Corruption Vulnerability
Web Client Internet Explorer/Edge
1007984* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1007982* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190)
1007991* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3267)
1007980* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385)
1007903 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189) - 1
Web Server Common
1007914* - Symfony Security Component Denial Of Service Vulnerability
Web Server HTTPS
1007253 - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution
Web Server Miscellaneous
1007528* - GlassFish Java EE Application Server Arbitrary File Read Vulnerability
1007993 - RedHat JBoss Web Application Server Remote Information Disclosure Vulnerability (CVE-2005-2006)
Web Service HP SiteScope
1007742* - HP SiteScope DNS Tool Command Injection Vulnerability
Windows Services RPC Client
1007494* - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Suspicious Server Application Activity
1003786* - Detected SNMP Server Traffic
Unix Samba
1004252* - Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability
Web Application PHP Based
1007739* - PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)
Web Application Tomcat
1003854* - Identified Login Attempt To Apache Tomcat Manager Using Default Credentials
Web Client Common
1007677 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4137)
1008003 - Adobe Flash Player Use-After-Free Vulnerability
1007930* - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
1007995* - Microsoft Windows Diagnostics Hub Elevation Of Privilege (CVE-2016-7188)
1007988* - Microsoft Windows Multiple Security Vulnerabilities (MS16-124)
1007665* - Microsoft Windows PDF Remote Code Execution Vulnerability (CVE-2016-3203)
1007908 - WPS Office PowerPoint Memory Corruption Vulnerability
1007909 - WPS Office SpreadSheet Memory Corruption Vulnerability
1007910 - WPS Office Writer Memory Corruption Vulnerability
Web Client Internet Explorer/Edge
1007984* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1007982* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190)
1007991* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3267)
1007980* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385)
1007903 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189) - 1
Web Server Common
1007914* - Symfony Security Component Denial Of Service Vulnerability
Web Server HTTPS
1007253 - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution
Web Server Miscellaneous
1007528* - GlassFish Java EE Application Server Arbitrary File Read Vulnerability
1007993 - RedHat JBoss Web Application Server Remote Information Disclosure Vulnerability (CVE-2005-2006)
Web Service HP SiteScope
1007742* - HP SiteScope DNS Tool Command Injection Vulnerability
Windows Services RPC Client
1007494* - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
DNS Client
1007425 - ISC BIND OpenPGP Key Handler Denial Of Service Vulnerability (CVE-2015-5986)
1007465 - ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)
Microsoft Office
1007667* - Microsoft Office Information Disclosure Vulnerability (CVE-2016-3234)
1007617* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1007885* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3316)
Remote Desktop Protocol Server
1007969 - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt
Web Client Common
1007998 - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 1
1007997 - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 2
1007999 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-33) - 1
1008000 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-33) - 2
1007678* - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-4138)
1007996 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-32)
1006391* - Identified Suspicious Obfuscated JavaScript - 1
1007929* - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007975* - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
Web Client Internet Explorer/Edge
1007529 - Cumulative Security Update Of ActiveX Kill Bits - January 2016
1007926* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
1007921* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
1007928* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
Web Server Common
1005434* - Disallow Upload Of A PHP File
1007185* - Java Unserialize Remote Code Execution Vulnerability
Windows Services RPC Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
DNS Client
1007425 - ISC BIND OpenPGP Key Handler Denial Of Service Vulnerability (CVE-2015-5986)
1007465 - ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)
Microsoft Office
1007667* - Microsoft Office Information Disclosure Vulnerability (CVE-2016-3234)
1007617* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1007885* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3316)
Remote Desktop Protocol Server
1007969 - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt
Web Client Common
1007998 - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 1
1007997 - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 2
1007999 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-33) - 1
1008000 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-33) - 2
1007678* - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-4138)
1007996 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-32)
1006391* - Identified Suspicious Obfuscated JavaScript - 1
1007929* - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007975* - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
Web Client Internet Explorer/Edge
1007529 - Cumulative Security Update Of ActiveX Kill Bits - January 2016
1007926* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
1007921* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
1007928* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
Web Server Common
1005434* - Disallow Upload Of A PHP File
1007185* - Java Unserialize Remote Code Execution Vulnerability
Windows Services RPC Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Microsoft Office
1007373* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0010)
1007979 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7193)
Novell File Reporter (NFR) Agent
1005260* - Novell File Reporter SRS XML Server Request With Path Element Detected
OpenSSL
1007970* - OpenSSL OCSP Status Request Denial Of Service Vulnerability (CVE-2016-6304)
Suspicious Client Ransomware Activity
1007971* - Ransomware Fantom
Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
Web Application PHP Based
1007641* - Magento Unauthenticated Arbitrary File Write Vulnerability (CVE-2016-4010)
1007739 - PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)
Web Client Common
1007995 - Microsoft Windows Diagnostics Hub Elevation Of Privilege (CVE-2016-7188)
1007974 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3209)
1007977 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3262)
1007978 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
1007976 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-120)
1007989 - Microsoft Windows Multiple Security Vulnerabilities (MS16-118, MS16-119)
1007975 - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
1007988 - Microsoft Windows Multiple Security Vulnerabilities (MS16-124)
Web Client Internet Explorer/Edge
1007983 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-7189)
1007984 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1007982 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190)
1007994 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194)
1007991 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3267)
1007924* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
1007920* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1007922* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
1007986 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3331)
1007987 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3382)
1007985 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
1007873* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3288)
1007981 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3383)
1007980 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385)
Web Server Miscellaneous
1003741* - Adobe RoboHelp Server Authentication Bypass Vulnerability
Web Service HP SiteScope
1007742 - HP SiteScope DNS Tool Command Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Microsoft Office
1007373* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0010)
1007979 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7193)
Novell File Reporter (NFR) Agent
1005260* - Novell File Reporter SRS XML Server Request With Path Element Detected
OpenSSL
1007970* - OpenSSL OCSP Status Request Denial Of Service Vulnerability (CVE-2016-6304)
Suspicious Client Ransomware Activity
1007971* - Ransomware Fantom
Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention
Web Application PHP Based
1007641* - Magento Unauthenticated Arbitrary File Write Vulnerability (CVE-2016-4010)
1007739 - PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)
Web Client Common
1007995 - Microsoft Windows Diagnostics Hub Elevation Of Privilege (CVE-2016-7188)
1007974 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3209)
1007977 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3262)
1007978 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
1007976 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-120)
1007989 - Microsoft Windows Multiple Security Vulnerabilities (MS16-118, MS16-119)
1007975 - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
1007988 - Microsoft Windows Multiple Security Vulnerabilities (MS16-124)
Web Client Internet Explorer/Edge
1007983 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-7189)
1007984 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1007982 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190)
1007994 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194)
1007991 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3267)
1007924* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
1007920* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1007922* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
1007986 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3331)
1007987 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3382)
1007985 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
1007873* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3288)
1007981 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3383)
1007980 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385)
Web Server Miscellaneous
1003741* - Adobe RoboHelp Server Authentication Bypass Vulnerability
Web Service HP SiteScope
1007742 - HP SiteScope DNS Tool Command Injection Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.