Rule Update
16-026 (September 13, 2016)
Publish date: September 13, 2016
DESCRIPTION
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
Database MySQL
1007950 - Oracle MySQL Remote Code Execution Vulnerability (CVE-2016-6662)
Microsoft Office
1007939 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)
1007940 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3358)
1007941 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3359)
1007942 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3360)
1007943 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3362)
1007944 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3363)
1007945 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3364)
1007946 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3365)
1007947 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3381)
Web Application PHP Based
1007948 - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
Web Client Common
1007631* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 10
1007629* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 6
1007515* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007938 - Microsoft GDI Elevation Of Privilege Vulnerability (CVE-2016-3355)
1007929 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007930 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
1007937 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3348)
1007936 - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
1007931 - Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
1007935 - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
1007933 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3305)
1007934 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3306)
Web Client Internet Explorer/Edge
1007926 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
1007923 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
1007924 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
1007920 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1007921 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
1007922 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
1007928 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
1007657* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3210)
1007925 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3375)
1007927 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3377)
Web Client SSL
1007906 - Multiple Products FalseCONNECT Vulnerability
Web Server Common
1007914 - Symfony Security Component Denial Of Service Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
Database MySQL
1007950 - Oracle MySQL Remote Code Execution Vulnerability (CVE-2016-6662)
Microsoft Office
1007939 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)
1007940 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3358)
1007941 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3359)
1007942 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3360)
1007943 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3362)
1007944 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3363)
1007945 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3364)
1007946 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3365)
1007947 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3381)
Web Application PHP Based
1007948 - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability
Web Client Common
1007631* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 10
1007629* - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-14) - 6
1007515* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2016-1001)
1007938 - Microsoft GDI Elevation Of Privilege Vulnerability (CVE-2016-3355)
1007929 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007930 - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
1007937 - Microsoft Win32k Elevation Of Privilege Vulnerability (CVE-2016-3348)
1007936 - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
1007931 - Microsoft Windows Information Disclosure Vulnerability (CVE-2016-3352)
1007935 - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
1007933 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3305)
1007934 - Microsoft Windows Session Object Elevation Of Privilege Vulnerability (CVE-2016-3306)
Web Client Internet Explorer/Edge
1007926 - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
1007923 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)
1007924 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
1007920 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1007921 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
1007922 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
1007928 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)
1007657* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-3210)
1007925 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3375)
1007927 - Microsoft Scripting Engine Memory Corruption Vulnerability (CVE-2016-3377)
Web Client SSL
1007906 - Multiple Products FalseCONNECT Vulnerability
Web Server Common
1007914 - Symfony Security Component Denial Of Service Vulnerability
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Featured Stories
- The Mirage of AI Programming: Hallucinations and Code IntegrityThe adoption of large language models (LLMs) and Generative Pre-trained Transformers (GPTs), such as ChatGPT, by leading firms like Microsoft, Nuance, Mix and Google CCAI Insights, drives the industry towards a series of transformative changes. As the use of these new technologies becomes prevalent, it is important to understand their key behavior, advantages, and the risks they present.Read more
- Open RAN: Attack of the xAppsThis article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handlingRead more
- A Closer Exploration of Residential Proxies and CAPTCHA-Breaking ServicesThis article, the final part of a two-part series, focuses on the details of our technical findings and analyses of select residential proxies and CAPTCHA-solving services.Read more
- How Residential Proxies and CAPTCHA-Solving Services Become Agents of AbuseThis article, the first of a two-part series, provides insights on how abusers and cybercriminals use residential proxies and CAPTCHA-solving services to enable bots, scrapers, and stuffers, and proposes security countermeasures for organizations.Read more