10 deprecated signatures:
HIGH | DOS:WINDOWS:WINNUKE-NETBIOS | DOS: WinNuke (netbios) | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
MEDIUM | SMB:MS-WIN-2000-LANMAN-UDP-DOS | SMB: Microsoft Windows 2000 Lanman UDP Denial of Service | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
INFO | SCAN:MISC:HTTP:FINGER-PROBE | SCAN: Finger Probe | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
HIGH | DOS:IP:IGMP-OVERSIZE | DOS: IGMP Oversize | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
HIGH | NETBIOS:DOS:RFPOISON | NETBIOS RFPoision DOS Attack | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
MEDIUM | FINGER:USER:ROOT | FINGER: User "root" | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
MEDIUM | HTTP:STC:CLSID:ACTIVEX:WH32-OF | HTTP: WinHelp32.exe Remote Buffer Overrun | Removal Date: 08/23/2018 | Reason For Deprecation: Very old cve sig for EOS products. |
LOW | SCAN:CYBERCOP:FINGER-QUERY | SCAN: Cybercop Finger Query | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
MEDIUM | FINGER:USER:SLASH-FILE | FINGER: / File Query | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
HIGH | IP:SRC-ROUTE-OF | IGMP: Source Route Overflow | Removal Date: 08/23/2018 | Reason For Deprecation: This signature is for End of support products. |
Customers are suggested to remove the deprecated signatures from the IDP policy, if they are explicitly configured, other than Dynamic groups
6 new signatures:
HIGH | HTTP:STC:ADOBE:CVE-2018-12786CE | HTTP: Adobe Acrobat Reader CVE-2018-12786 Remote Code Execution |
HIGH | HTTP:STC:ADOBE:CVE-2018-5052-HO | HTTP: Adobe Acrobat Pro CVE-2018-5052 Heap Overflow |
HIGH | HTTP:STC:ADOBE:CVE-2018-12788CE | HTTP: Adobe Acrobat Reader CVE-2018-12788 Remote Code Execution |
HIGH | HTTP:STC:FOXITREADER-ANNOT-UAF | HTTP: Foxit Reader Use After Free |
HIGH | HTTP:STC:ADOBE:CVE-2018-5065-CE | HTTP: Adobe Pdf CVE-2018-5065 Remote Code Execution |
HIGH | HTTP:STC:ADOBE:CVE-2018-5040-CE | HTTP: Adobe Acrobat Reader CVE-2018-5040 Remote Code Execution |
1 updated signature:
HIGH | APP:CVS:ARGUMENTX-CMD | APP: CVS Argumentx Command Double Free |
1 deleted signature:
HTTP:STC:IE:CVE-2014-1762-MC1 | HTTP: Microsoft Internet Explorer CVE-2014-1762 Memory Corruption1 |
This signature detects attempts to exploit a known vulnerability against CVS Argumentx Command. A successful attack can lead to unauthorized information disclosure.
isg-3.5.141652, idp-5.1.110161014, idp-4.1.110110719, mx-11.4, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, idp-5.0.0, isg-3.5.0, vsrx3bsd-18.2, srx-18.2, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, idp-5.0.110130325, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609
This signature detects attempts to exploit a known vulnerability in the Microsoft Internet Explorer. A successful attack can lead to arbitrary code execution.
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Pro. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, isg-3.1.134269, vsrx-15.1
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1
This signature detects attempt to exploit an use after free vulnerability which has been reported in Foxit Reader. A remote attacker could exploit this vulnerability by enticing a user to open a crafted PDF document. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application.
isg-3.5.141652, idp-5.1.110161014, mx-11.4, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, j-series-9.5, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1
This signature detects attempts to exploit a known vulnerability against Adobe Reader. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, mx-11.4, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, j-series-9.5, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1