Rule Update
19-032 (June 11, 2019)
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DHCP Client
1009116* - DHCP Client Script Code Execution Vulnerability (CVE-2018-1111) - 1
DHCP Client - Incoming
1009114* - DHCP Client Script Code Execution Vulnerability (CVE-2018-1111)
Mail Server Exim
1009797 - Exim 'deliver_message' Command Injection Vulnerability (CVE-2019-10149)
Web Application Common
1009751 - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
Web Client Common
1009796 - Adobe Flash Player Out-Of-Bounds Read Vulnerability (CVE-2019-7845)
1009787 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1024)
1009788 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1051)
1009792 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1052)
1009793 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-1055)
1009764 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2019-0540)
1009769 - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2018-8506)
1009779 - Microsoft Windows Multiple Security Vulnerabilities (June-2019)
1009778 - Microsoft Windows Speech API Remote Code Execution Vulnerability (CVE-2019-0985)
Web Client Internet Explorer/Edge
1009785 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0989)
1009786 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0991)
1009783 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0992)
1009784 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0993)
1009789 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1002)
1009790 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1003)
1009782 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-0990)
1009794 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-1023)
1009781 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0920)
1009780 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0988)
1009791 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-1005)
Web Server SAP
1009715* - SAP Gateway 'gw/acl_mode' Command Injection Vulnerability (10KBLAZE)
Integrity Monitoring Rules:
1009622 - .bash_profile and .bashrc (ATT&CK: T1156)
1009629 - AppCert DLLs (ATT&CK: T1182)
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
Deep Packet Inspection Rules:
DHCP Client
1009116* - DHCP Client Script Code Execution Vulnerability (CVE-2018-1111) - 1
DHCP Client - Incoming
1009114* - DHCP Client Script Code Execution Vulnerability (CVE-2018-1111)
Mail Server Exim
1009797 - Exim 'deliver_message' Command Injection Vulnerability (CVE-2019-10149)
Web Application Common
1009751 - WordPress PayPal Checkout Payment Gateway Plugin Parameter Tampering Vulnerability (CVE-2019-7441)
Web Client Common
1009796 - Adobe Flash Player Out-Of-Bounds Read Vulnerability (CVE-2019-7845)
1009787 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1024)
1009788 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1051)
1009792 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1052)
1009793 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-1055)
1009764 - Microsoft Office Security Feature Bypass Vulnerability (CVE-2019-0540)
1009769 - Microsoft Windows Codecs Library Information Disclosure Vulnerability (CVE-2018-8506)
1009779 - Microsoft Windows Multiple Security Vulnerabilities (June-2019)
1009778 - Microsoft Windows Speech API Remote Code Execution Vulnerability (CVE-2019-0985)
Web Client Internet Explorer/Edge
1009785 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0989)
1009786 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0991)
1009783 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0992)
1009784 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0993)
1009789 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1002)
1009790 - Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-1003)
1009782 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-0990)
1009794 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2019-1023)
1009781 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0920)
1009780 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-0988)
1009791 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2019-1005)
Web Server SAP
1009715* - SAP Gateway 'gw/acl_mode' Command Injection Vulnerability (10KBLAZE)
Integrity Monitoring Rules:
1009622 - .bash_profile and .bashrc (ATT&CK: T1156)
1009629 - AppCert DLLs (ATT&CK: T1182)
Log Inspection Rules:
1008670* - Microsoft Windows Security Events - 3
Featured Stories
The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more