Update #3232 (12/10/2019)
11 new signatures:
MEDIUM | HTTP:CTS:LIBEXPAT-BO | HTTP: Libexpat Heap Based Buffer Over Read |
HIGH | HTTP:CTS:YOUPHPTUBE-CMDINJ | HTTP: YouPHPTube Encoder Command Injection |
HIGH | HTTP:CTS:YOUPHPTUBE-RCE | HTTP: YouPHPTube checkConfiguration.php Remote Code Execution |
CRITICAL | HTTP:CTS:JENKINS-STAPLER-CE | HTTP: Jenkins Stapler Web Framework Code Execution |
MEDIUM | APP:ORACLE:T3-INSECURE-RCE | APP: Oracle Weblogic T3 Requests Insecure Deserialization Remote Code Execution |
MEDIUM | HTTP:SQL:WIKID-2FA-LOG-JSP | HTTP: WiKID 2FA Enterprise Server Log.jsp SQL Injection |
HIGH | HTTP:CTS:FIBER-HOME-AUTH-BY | HTTP: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass |
MEDIUM | HTTP:STC:DL:CVE-2019-1469-ID | HTTP: Microsoft Windows CVE-2019-1469 Information Disclosure |
MEDIUM | HTTP:DIR:TRENDMICRO-OFCSCAN-DIR | HTTP: Trend Micro OfficeScan Zip Directory Traversal |
HIGH | HTTP:STC:ADOBE:CVE-2019-8161-CE | HTTP: Adobe Acrobat and Reader CVE-2019-8161 Remote Code Execution |
CRITICAL | HTTP:STC:DL:MICROSOFT-WIAPI-RCE | HTTP: Microsoft Windows Imaging API Use After Free |
3 updated signatures:
MEDIUM | HTTP:XSS:SYMANTEC-EP-PARAM-XSS | HTTP: Symantec Endpoint Protection URI Parameter Reflected Cross-Site Scripting |
HIGH | HTTP:PROXY:SQUID-URN-BO | HTTP: Squid Proxy URN Response Processing Heap Buffer Overflow |
HIGH | APP:HP-ICTDOWNLOADSERVLET | APP: HP Intelligent Management Center IctDownloadServlet Information Disclosure |
1 renamed signature:
APP:MISC:ADOBE-COLDFUSION-RCE-1 | -> | APP:MISC:MULTIPLE-VUL-RCE-1 |
Details of the signatures included within this bulletin:
HTTP:CTS:LIBEXPAT-BO - HTTP: Libexpat Heap Based Buffer Over Read
Severity: MEDIUM
Description:
This signature detects attempts to exploit a known vulnerability against libexpat. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Libexpat_project libexpat 2.2.1
- Libexpat_project libexpat 2.2.2
- Libexpat_project libexpat 2.2.0
- Libexpat_project libexpat 1.95.3
- Libexpat_project libexpat 2.2.6
- Libexpat_project libexpat 2.1.0
- Libexpat_project libexpat 1.95.7
- Libexpat_project libexpat 2.0.1
- Libexpat_project libexpat 1.95.2
- Libexpat_project libexpat 2.1.1
- Libexpat_project libexpat 1.95.6
- Libexpat_project libexpat 2.2.5
- Libexpat_project libexpat 2.0.0
- Libexpat_project libexpat 1.95.1
- Libexpat_project libexpat 1.95.8
- Libexpat_project libexpat 1.95.5
- Libexpat_project libexpat 2.2.4
- Libexpat_project libexpat 1.95.0
- Libexpat_project libexpat 2.2.3
- Libexpat_project libexpat 1.95.4
- Libexpat_project libexpat 2.2.7
HTTP:CTS:YOUPHPTUBE-CMDINJ - HTTP: YouPHPTube Encoder Command Injection
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability against YouPHPTube Encoder. A successful attack can lead to remote code execution.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Youphptube youphptube_encoder 2.3
HTTP:CTS:YOUPHPTUBE-RCE - HTTP: YouPHPTube checkConfiguration.php Remote Code Execution
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability against YouPHPTube. A successful attack can lead to arbitrary code execution.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Youphptube youphptube 7.4
HTTP:PROXY:SQUID-URN-BO - HTTP: Squid Proxy URN Response Processing Heap Buffer Overflow
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability against Squid Proxy. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the squid process.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Squid-cache squid 3.1.6
- Squid-cache squid 3.3.11
- Squid-cache squid 3.2.0.16
- Squid-cache squid 3.0.stable16
- Squid-cache squid 3.5.0.4
- Squid-cache squid 3.2.0.8
- Squid-cache squid 3.3.0
- Fedoraproject fedora 30
- Squid-cache squid 3.4.12
- Squid-cache squid 4.0.21
- Squid-cache squid 3.2.0.14
- Squid-cache squid 3.0.stable14
- Squid-cache squid 3.5.0.2
- Squid-cache squid 3.3.2
- Squid-cache squid 3.1.12
- Squid-cache squid 3.4.2
- Squid-cache squid 4.0.8
- Squid-cache squid 3.3.4
- Squid-cache squid 3.1.10
- Squid-cache squid 3.3.12
- Squid-cache squid 3.3.0.3
- Squid-cache squid 3.3.6
- Squid-cache squid 3.4.0.3
- Squid-cache squid 3.1.0.4
- Squid-cache squid 4.0.11
- Squid-cache squid 4.0.20
- Squid-cache squid 4.0.24
- Squid-cache squid 3.5.27
- Squid-cache squid 3.2.11
- Squid-cache squid 4.0.13
- Squid-cache squid 3.1.0.16
- Squid-cache squid 3.4.4
- Squid-cache squid 3.2.0.2
- Squid-cache squid 3.5.25
- Squid-cache squid 3.3.14
- Squid-cache squid 4.0.15
- Squid-cache squid 3.1.9
- Squid-cache squid 3.3.13
- Canonical ubuntu_linux 16.04
- Squid-cache squid 3.2.0.4
- Squid-cache squid 3.5.23
- Squid-cache squid 3.4.1
- Squid-cache squid 3.5.6
- Squid-cache squid 4.0.17
- Squid-cache squid 4.0.23
- Squid-cache squid 4.0.2
- Squid-cache squid 4.0.22
- Squid-cache squid 3.5.21
- Squid-cache squid 3.2.9
- Squid-cache squid 3.5.4
- Squid-cache squid 4.0.19
- Squid-cache squid 3.3.1
- Squid-cache squid 4.0.4
- Squid-cache squid 3.5.2
- Squid-cache squid 3.4.14
- Squid-cache squid 4.8
- Squid-cache squid 4.0.6
- Squid-cache squid 4.0.18
- Squid-cache squid 3.1.0.1
- Squid-cache squid 3.2.0.6
- Squid-cache squid 3.4.8
- Squid-cache squid 3.1
- Squid-cache squid 3.0.stable24
- Squid-cache squid 3.2.7
- Squid-cache squid 3.1.7
- Squid-cache squid 3.1.0.7
- Squid-cache squid 3.1.0.14
- Fedoraproject fedora 31
- Squid-cache squid 3.0.stable22
- Debian debian_linux 8.0
- Squid-cache squid 3.0.stable7
- Squid-cache squid 3.1.5
- Canonical ubuntu_linux 18.04
- Squid-cache squid 3.1.0.9
- Squid-cache squid 3.0.stable20
- Squid-cache squid 3.2.3
- Squid-cache squid 3.2.14
- Squid-cache squid 3.0.stable5
- Squid-cache squid 3.5.18
- Squid-cache squid 3.5.8
- Squid-cache squid 3.0.stable3
- Squid-cache squid 3.1.3
- Squid-cache squid 3.0.stable19
- Squid-cache squid 3.3.3
- Squid-cache squid 3.5.16
- Canonical ubuntu_linux 19.10
- Squid-cache squid 3.1.12.2
- Squid-cache squid 3.1.0.5
- Squid-cache squid 3.0.stable1
- Squid-cache squid 3.5.14
- Squid-cache squid 3.3.9
- Squid-cache squid 3.4.4.2
- Squid-cache squid 3.2.0.13
- Squid-cache squid 3.5.12
- Squid-cache squid 3.1.2
- Squid-cache squid 4.7
- Squid-cache squid 3.4.9
- Squid-cache squid 3.0.stable13
- Squid-cache squid 3.1.0.12
- Squid-cache squid 3.5.10
- Opensuse leap 15.0
- Squid-cache squid 3.2.0.17
- Squid-cache squid 3.0.stable11
- Squid-cache squid 3.2.0.9
- Squid-cache squid 3.0.stable9
- Squid-cache squid 3.2.0.15
- Squid-cache squid 3.0.stable17
- Squid-cache squid 3.1.0.17
- Squid-cache squid 3.1.0.3
- Squid-cache squid 3.4.3
- Squid-cache squid 3.0.stable15
- Squid-cache squid 3.3.5
- Squid-cache squid 3.5.0.3
- Squid-cache squid 3.1.0.15
- Squid-cache squid 3.1.13
- Squid-cache squid 3.2.0.19
- Squid-cache squid 4.0.9
- Squid-cache squid 3.5.0.1
- Squid-cache squid 3.1.0.13
- Squid-cache squid 3.1.11
- Squid-cache squid 4.0.10
- Squid-cache squid 3.2.0.18
- Squid-cache squid 4.0.25
- Squid-cache squid 3.3.7
- Squid-cache squid 3.2.12
- Squid-cache squid 4.0.12
- Squid-cache squid 3.1.0.10
- Squid-cache squid 3.2.0.3
- Squid-cache squid 3.5.26
- Squid-cache squid 3.2.5
- Squid-cache squid 3.2.10
- Squid-cache squid 4.0.14
- Squid-cache squid 3.1.8
- Squid-cache squid 3.2.13
- Squid-cache squid 3.2.0.5
- Squid-cache squid 3.5.24
- Squid-cache squid 3.4.11
- Canonical ubuntu_linux 19.04
- Squid-cache squid 4.0.16
- Squid-cache squid 4.0.1
- Squid-cache squid 3.2.0.7
- Squid-cache squid 3.5.22
- Squid-cache squid 3.1.1
- Squid-cache squid 3.5.7
- Squid-cache squid 3.2.0.1
- Squid-cache squid 3.3.0.2
- Squid-cache squid 4.0.3
- Squid-cache squid 3.1.0.11
- Squid-cache squid 3.5.20
- Squid-cache squid 3.2.8
- Squid-cache squid 3.5.5
- Squid-cache squid 3.1.0.2
- Squid-cache squid 3.4.0.2
- Squid-cache squid 4.0.5
- Squid-cache squid 4.6
- Squid-cache squid 3.1.12.1
- Squid-cache squid 3.5.3
- Squid-cache squid 3.0.stable8
- Squid-cache squid 3.0.stable25
- Squid-cache squid 3.2.4
- Squid-cache squid 3.1.23
- Squid-cache squid 3.5.1
- Squid-cache squid 3.1.0.6
- Squid-cache squid 3.0
- Squid-cache squid 3.0.stable23
- Squid-cache squid 3.2.6
- Squid-cache squid 3.0.stable6
- Squid-cache squid 3.4.13
- Squid-cache squid 3.4.0.1
- Squid-cache squid 3.5.28
- Squid-cache squid 3.0.stable21
- Squid-cache squid 3.2.0.11
- Squid-cache squid 3.0.stable4
- Squid-cache squid 3.2.2
- Squid-cache squid 3.4.10
- Squid-cache squid 3.4.0.4
- Squid-cache squid 3.0.stable2
- Squid-cache squid 3.0.stable18
- Squid-cache squid 3.5.19
- Squid-cache squid 3.1.5.1
- Squid-cache squid 3.5.9
- Squid-cache squid 3.1.15
- Squid-cache squid 3.5.17
- Squid-cache squid 3.3.8
- Squid-cache squid 3.2.0.10
- Squid-cache squid 3.3.10
- Squid-cache squid 3.5.15
- Squid-cache squid 3.1.4
- Squid-cache squid 3.4.4.1
- Squid-cache squid 3.2.0.12
- Squid-cache squid 3.0.stable12
- Squid-cache squid 3.1.14
- Squid-cache squid 3.5.13
- Squid-cache squid 3.1.0.8
- Squid-cache squid 3.2.1
- Squid-cache squid 4.0
- Squid-cache squid 3.1.12.3
- Squid-cache squid 3.0.stable10
- Squid-cache squid 3.5.11
- Squid-cache squid 3.1.0.18
HTTP:CTS:JENKINS-STAPLER-CE - HTTP: Jenkins Stapler Web Framework Code Execution
Severity: CRITICAL
Description:
This signature detects attempts to exploit a known vulnerability against Stapler web framework used by Jenkins. A successful attack can lead to arbitrary code execution.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Jenkins jenkins 2.153
- Jenkins jenkins 2.138.3
- Redhat openshift_container_platform 3.11
APP:ORACLE:T3-INSECURE-RCE - APP: Oracle Weblogic T3 Requests Insecure Deserialization Remote Code Execution
Severity: MEDIUM
Description:
This signature detects attempts to exploit a known vulnerability against Oracle Weblogic. A successful attack can lead to arbitrary code execution.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1
References:
Affected Products:
- Oracle weblogic_server 12.2.1.3.0
- Oracle weblogic_server 10.3.6.0.0
- Oracle weblogic_server 12.1.3.0.0
HTTP:SQL:WIKID-2FA-LOG-JSP - HTTP: WiKID 2FA Enterprise Server Log.jsp SQL Injection
Severity: MEDIUM
Description:
This signature detects attempts to exploit a known vulnerability against WiKID 2FA Enterprise Server. A successful attack can lead to SQL injection.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Wikidsystems two_factor_authentication_enterprise_server 4.2.0-b2053
APP:HP-ICTDOWNLOADSERVLET - APP: HP Intelligent Management Center IctDownloadServlet Information Disclosure
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability against HP Intelligent Management Center. A successful attack can lead to information disclosure.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Hp imc_branch_intelligent_management_system_software_module 7.0
- Hp intelligent_management_center 7.0
APP:MISC:MULTIPLE-VUL-RCE-1 - APP: Multiple Products RMI Framework Insecure Deserialization Remote Code Execution
Severity: CRITICAL
Description:
An insecure deserialization vulnerability has been reported in the Flex integration service of Adobe ColdFusion and Cisco Security Manager. A remote, unauthenticated attacker can exploit this vulnerability by sending maliciously crafted serialized data to the target application. Successful exploitation could result in arbitrary code execution in the context of SYSTEM.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1
References:
Affected Products:
- Adobe coldfusion 2016
- Adobe coldfusion 11.0
HTTP:STC:ADOBE:CVE-2019-8161-CE - HTTP: Adobe Acrobat and Reader CVE-2019-8161 Remote Code Execution
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to arbitrary code execution.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Adobe acrobat_reader_dc 17.012.20093
- Adobe acrobat_reader_dc 15.016.20041
- Adobe acrobat_reader_dc 15.006.30434
- Adobe acrobat_dc 15.016.20041
- Adobe acrobat_reader_dc 15.006.30416
- Adobe acrobat_reader_dc 17.000.0000
- Adobe acrobat_reader_dc 17.011.30078
- Adobe acrobat_reader_dc 17.011.30102
- Adobe acrobat_reader_dc 15.006.30173
- Adobe acrobat_dc 17.011.30106
- Adobe acrobat_dc 15.010.20059
- Adobe acrobat_reader_dc 15.016.20045
- Adobe acrobat_reader_dc 15.017.20050
- Adobe acrobat_dc 15.006.30413
- Adobe acrobat_reader_dc 15.006.30418
- Adobe acrobat_reader_dc 17.011.30059
- Adobe acrobat_dc 15.006.30198
- Adobe acrobat_dc 15.006.30498
- Adobe acrobat_dc 19.008.20074
- Adobe acrobat_reader_dc 17.011.30106
- Adobe acrobat_dc 17.011.30110
- Adobe acrobat_dc 17.011.30102
- Adobe acrobat_reader_dc 18.011.20038
- Adobe acrobat_dc 19.008.20081
- Adobe acrobat_dc 15.006.30417
- Adobe acrobat_reader_dc 15.010.20059
- Adobe acrobat_dc 18.011.20058
- Adobe acrobat_reader_dc 15.006.30094
- Adobe acrobat_reader_dc 18.009.20050
- Adobe acrobat_dc 15.017.20050
- Adobe acrobat_dc 17.009.20058
- Adobe acrobat_reader_dc 15.006.30198
- Adobe acrobat_dc 15.006.30464
- Adobe acrobat_reader_dc 15.006.30475
- Adobe acrobat_dc 17.011.30059
- Adobe acrobat_reader_dc 15.009.20069
- Adobe acrobat_reader_dc 15.010.20060
- Adobe acrobat_dc 15.006.30280
- Adobe acrobat_dc 19.010.20099
- Adobe acrobat_reader_dc 15.006.30498
- Adobe acrobat_dc 18.011.20038
- Adobe acrobat_dc 15.006.30243
- Adobe acrobat_dc 17.011.30140
- Adobe acrobat_dc 19.010.20100
- Adobe acrobat_reader_dc 17.011.30066
- Adobe acrobat_reader_dc 15.006.30280
- Adobe acrobat_dc 18.009.20050
- Adobe acrobat_reader_dc 15.006.30464
- Adobe acrobat_reader_dc 15.006.30243
- Adobe acrobat_dc 15.016.20039
- Adobe acrobat_reader_dc 17.009.20058
- Adobe acrobat_reader_dc 19.010.20099
- Adobe acrobat_reader_dc 19.010.20100
- Adobe acrobat_reader_dc 19.012.20034
- Adobe acrobat_dc 15.006.30121
- Adobe acrobat_reader_dc 15.020.20042
- Adobe acrobat_reader_dc 17.011.30142
- Adobe acrobat_dc 19.012.20034
- Adobe acrobat_reader_dc 17.012.20098
- Adobe acrobat_reader_dc 17.011.30080
- Adobe acrobat_reader_dc 15.023.20056
- Adobe acrobat_dc 19.010.20091
- Adobe acrobat_reader_dc 17.011.30140
- Adobe acrobat_dc 15.023.20056
- Adobe acrobat_dc 15.006.30097
- Adobe acrobat_reader_dc 17.011.30127
- Adobe acrobat_reader_dc 15.016.20039
- Adobe acrobat_dc 17.011.30080
- Adobe acrobat_reader_dc 15.006.30097
- Adobe acrobat_reader_dc 15.006.30121
- Adobe acrobat_reader_dc 18.011.20040
- Adobe acrobat_dc 17.011.30127
- Adobe acrobat_dc 17.011.30142
- Adobe acrobat_dc 17.011.30068
- Adobe acrobat_dc 15.008.20082
- Adobe acrobat_reader_dc 19.010.20091
- Adobe acrobat_reader_dc 17.011.30068
- Adobe acrobat_dc 15.006.30482
- Adobe acrobat_reader_dc 15.006.30355
- Adobe acrobat_dc 15.006.30173
- Adobe acrobat_reader_dc 15.008.20082
- Adobe acrobat_dc 17.012.20095
- Adobe acrobat_reader_dc 17.011.30110
- Adobe acrobat_dc 17.011.30099
- Adobe acrobat_reader_dc 17.009.20044
- Adobe acrobat_reader_dc 17.011.30099
- Adobe acrobat_reader_dc 15.006.30482
- Adobe acrobat_dc 17.011.30079
- Adobe acrobat_dc 19.008.20071
- Adobe acrobat_dc 15.006.30355
- Adobe acrobat_dc 15.006.30457
- Adobe acrobat_dc 15.010.20060
- Adobe acrobat_reader_dc 15.006.30457
- Adobe acrobat_reader_dc 19.008.20080
- Adobe acrobat_reader_dc 15.006.30497
- Adobe acrobat_dc 19.008.20080
- Adobe acrobat_reader_dc 18.011.20063
- Adobe acrobat_dc 15.006.30418
- Adobe acrobat_dc 15.006.30448
- Adobe acrobat_dc 17.011.30066
- Adobe acrobat_reader_dc 19.010.20069
- Adobe acrobat_reader_dc 15.006.30495
- Adobe acrobat_dc 15.017.20053
- Adobe acrobat_dc 17.009.20044
- Adobe acrobat_reader_dc 17.011.30079
- Adobe acrobat_dc 19.010.20069
- Adobe acrobat_dc 15.006.30493
- Adobe acrobat_dc 15.006.30279
- Adobe acrobat_dc 17.012.20096
- Adobe acrobat_reader_dc 15.006.30493
- Adobe acrobat_reader_dc 15.023.20070
- Adobe acrobat_reader_dc 15.006.30172
- Adobe acrobat_dc 17.011.30105
- Adobe acrobat_reader_dc 19.008.20071
- Adobe acrobat_dc 15.006.30495
- Adobe acrobat_dc 15.023.20070
- Adobe acrobat_dc 15.006.30174
- Adobe acrobat_dc 17.012.20098
- Adobe acrobat_dc 18.011.20063
- Adobe acrobat_reader_dc 15.006.30174
- Adobe acrobat_dc 15.006.30475
- Adobe acrobat_reader_dc 19.008.20074
- Adobe acrobat_dc 15.006.30497
- Adobe acrobat_dc 15.006.30172
- Adobe acrobat_reader_dc 15.006.30279
- Adobe acrobat_reader_dc 15.017.20053
- Adobe acrobat_dc 15.006.30416
- Adobe acrobat_reader_dc 17.011.30105
- Adobe acrobat_reader_dc 17.011.30113
- Adobe acrobat_dc 18.011.20040
- Adobe acrobat_reader_dc 15.010.20056
- Adobe acrobat_dc 19.010.20098
- Adobe acrobat_reader_dc 15.006.30461
- Adobe acrobat_reader_dc 15.006.30244
- Adobe acrobat_dc 18.011.20055
- Adobe acrobat_reader_dc 15.006.30201
- Adobe acrobat_reader_dc 17.011.30065
- Adobe acrobat_reader_dc 15.006.30417
- Adobe acrobat_dc 17.000.0000
- Adobe acrobat_dc 17.011.30113
- Adobe acrobat_dc 15.010.20056
- Adobe acrobat_dc 15.006.30244
- Adobe acrobat_dc 17.011.30143
- Adobe acrobat_dc 15.009.20079
- Adobe acrobat_reader_dc 19.008.20081
- Adobe acrobat_dc 15.023.20053
- Adobe acrobat_dc 18.009.20044
- Adobe acrobat_reader_dc 19.010.20098
- Adobe acrobat_reader_dc 18.011.20055
- Adobe acrobat_dc 15.006.30094
- Adobe acrobat_dc 17.011.30065
- Adobe acrobat_dc 15.009.20069
- Adobe acrobat_dc 15.006.30096
- Adobe acrobat_dc 15.006.30201
- Adobe acrobat_reader_dc 17.011.30096
- Adobe acrobat_dc 17.011.30120
- Adobe acrobat_reader_dc 15.009.20079
- Adobe acrobat_dc 17.011.30096
- Adobe acrobat_dc 15.020.20039
- Adobe acrobat_dc 15.006.30060
- Adobe acrobat_dc 17.011.30070
- Adobe acrobat_reader_dc 15.023.20053
- Adobe acrobat_reader_dc 15.006.30096
- Adobe acrobat_reader_dc 15.009.20077
- Adobe acrobat_reader_dc 17.011.30120
- Adobe acrobat_reader_dc 17.012.20095
- Adobe acrobat_dc 15.009.20071
- Adobe acrobat_reader_dc 18.009.20044
- Adobe acrobat_reader_dc 15.020.20039
- Adobe acrobat_dc 19.010.20064
- Adobe acrobat_reader_dc 15.006.30354
- Adobe acrobat_dc 15.006.30352
- Adobe acrobat_reader_dc 15.006.30060
- Adobe acrobat_dc 15.006.30119
- Adobe acrobat_dc 15.006.30306
- Adobe acrobat_reader_dc 17.011.30070
- Adobe acrobat_reader_dc 15.009.20071
- Adobe acrobat_reader_dc 15.006.30392
- Adobe acrobat_reader_dc 15.006.30452
- Adobe acrobat_dc 17.011.30078
- Adobe acrobat_dc 15.009.20077
- Adobe acrobat_reader_dc 19.010.20064
- Adobe acrobat_dc 15.006.30394
- Adobe acrobat_dc 15.006.30456
- Adobe acrobat_reader_dc 15.006.30352
- Adobe acrobat_reader_dc 15.006.30306
- Adobe acrobat_reader_dc 15.006.30394
- Adobe acrobat_reader_dc 17.011.30138
- Adobe acrobat_dc 15.016.20045
- Adobe acrobat_dc 15.006.30354
- Adobe acrobat_dc 15.006.30392
- Adobe acrobat_dc 15.006.30434
- Adobe acrobat_reader_dc 15.006.30448
- Adobe acrobat_reader_dc 15.006.30456
- Adobe acrobat_dc 17.012.20093
- Adobe acrobat_dc 15.020.20042
- Adobe acrobat_reader_dc 15.006.30119
- Adobe acrobat_dc 15.006.30452
- Adobe acrobat_dc 17.011.30138
HTTP:STC:DL:CVE-2019-1469-ID - HTTP: Microsoft Windows CVE-2019-1469 Information Disclosure
Severity: MEDIUM
Description:
This signature detects attempts to exploit a known vulnerability against Microsoft Windows. A successful attack can lead to sensitive information disclosure.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Microsoft windows_10 1607
- Microsoft windows_server_2016 1903
- Microsoft windows_rt_8.1 -
- Microsoft windows_10 1803
- Microsoft windows_10 1909
- Microsoft windows_10 1809
- Microsoft windows_server_2019 -
- Microsoft windows_server_2016 1803
- Microsoft windows_server_2016 1909
- Microsoft windows_10 1903
- Microsoft windows_8.1 -
- Microsoft windows_server_2008 r2
- Microsoft windows_server_2012 -
- Microsoft windows_10 1709
- Microsoft windows_7 -
- Microsoft windows_10 -
- Microsoft windows_server_2016 -
- Microsoft windows_server_2008 -
- Microsoft windows_server_2012 r2
HTTP:XSS:SYMANTEC-EP-PARAM-XSS - HTTP: Symantec Endpoint Protection URI Parameter Reflected Cross-Site Scripting
Severity: MEDIUM
Description:
This signature detects attempts to exploit a known vulnerability against Symantec Endpoint Protection Manager. The vulnerabilities are due to insufficient validation of user input before it is sent back to the user. A remote unauthenticated attacker may exploit these vulnerabilities to execute arbitrary script code in the context of the current browser session.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Symantec endpoint_protection_manager 12.1.3
- Symantec endpoint_protection_manager 12.1.0
- Symantec endpoint_protection_manager 12.1.1
- Symantec endpoint_protection_manager 12.1.4
- Symantec endpoint_protection_manager 12.1.2
HTTP:STC:DL:MICROSOFT-WIAPI-RCE - HTTP: Microsoft Windows Imaging API Use After Free
Severity: CRITICAL
Description:
This signature detects attempts to exploit a known vulnerability against Microsoft Windows Imaging API. A successful attack can lead to remote code execution.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Microsoft windows_10 1607
- Microsoft windows_server_2016 1903
- Microsoft windows_rt_8.1 -
- Microsoft windows_10 1803
- Microsoft windows_10 1809
- Microsoft windows_server_2019 -
- Microsoft windows_server_2016 1803
- Microsoft windows_10 1903
- Microsoft windows_8.1 -
- Microsoft windows_server_2012 -
- Microsoft windows_10 1709
- Microsoft windows_7 -
- Microsoft windows_10 -
- Microsoft windows_10 1703
- Microsoft windows_server_2016 -
- Microsoft windows_server_2012 r2
HTTP:CTS:FIBER-HOME-AUTH-BY - HTTP: FiberHome VDSL2 Modem HG 150-UB Authentication Bypass
Severity: HIGH
Description:
This signature detects attempts to exploit a known vulnerability against FiberHome VDSL2 Modem HG 150-UB. A successful attack can lead to security bypass.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Fiberhome vdsl2_modem_hg_150-ub_firmware -
HTTP:DIR:TRENDMICRO-OFCSCAN-DIR - HTTP: Trend Micro OfficeScan Zip Directory Traversal
Severity: MEDIUM
Description:
This signature detects attempts to exploit a known vulnerability against Trend Micro OfficeScan. A successful attack can lead to directory traversal and remote code execution.
Supported On:
idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1
References:
Affected Products:
- Trendmicro officescan xg
- Trendmicro officescan 11.0