Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #3254 (02/13/2020)

8 new signatures:

CRITICALSMTP:COMMAND:OPEN-SMTPD-CMD-INJSMTP: OpenSMTPD Command Injection
HIGHHTTP:STC:ADOBE:CVE-2020-3742-CEHTTP: Adobe Acrobat Reader CVE-2020-3742 Remote Code Execution
MEDIUMHTTP:STC:ADOBE:CVE-2020-3755-IDHTTP: Adobe Acrobat and Reader CVE-2020-3755 Information Disclosure
HIGHHTTP:STC:ADOBE:CVE-2020-3749-CEHTTP: Adobe Acrobat Reader CVE-2020-3749 Remote Code Execution
MEDIUMHTTP:STC:ADOBE:CVE-2020-3744-IDHTTP: Adobe Acrobat and Reader CVE-2020-3744 Information Disclosure
HIGHHTTP:STC:ADOBE:CVE-2020-3751-CEHTTP: Adobe Acrobat and Reader CVE-2020-3751 Remote Code Execution
HIGHHTTP:STC:ADOBE:CVE-2020-3748-CEHTTP: Adobe Acrobat and Reader CVE-2020-3748 Remote Code Execution
HIGHHTTP:STC:DL:CVE-2020-0817-RCEHTTP: Microsoft Remote Desktop Client CVE-2020-0817 Remote Code Execution

2 updated signatures:

CRITICALHTTP:STC:IE:IFRAME-NAME-OFHTTP: Internet Explorer Malformed IFRAME Buffer Overflow
MEDIUMHTTP:SCRIPT-INJ-VUL-93HTTP: SCRIPT-INJ Infection-93

1 renamed signature:

HTTP:ORACLE-EBS-GL-SQLINJ->HTTP:ORACLE-E-BS-SQLINJ


Details of the signatures included within this bulletin:

SMTP:COMMAND:OPEN-SMTPD-CMD-INJ - SMTP: OpenSMTPD Command Injection

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability against OpenSMTPD. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 20200129
  • url: https://ftp.openbsd.org/pub/openbsd/patches/6.6/common/019_smtpd_exec.patch.sig
  • cve: CVE-2020-7247

Affected Products:

  • Debian debian_linux 10.0
  • Debian debian_linux 9.0
  • Openbsd opensmtpd 6.6

HTTP:SCRIPT-INJ-VUL-93 - HTTP: SCRIPT-INJ Infection-93

Severity: MEDIUM

Description:

This signature detects an attempt to download exploits from malicious exploit kits that may compromise a computer through various vendor vulnerabilities. Exploit kits are very specific type of toolkits which are being used by cybercriminals to deliver other pieces of malware.

Supported On:

srx-17.3, vsrx-17.4, srx-17.4, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, vsrx-19.2, srx-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, vsrx-19.4, vsrx-15.1, srx-12.1

HTTP:STC:ADOBE:CVE-2020-3742-CE - HTTP: Adobe Acrobat Reader CVE-2020-3742 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: https://helpx.adobe.com/security/products/acrobat/apsb20-05.html
  • cve: CVE-2020-3742

HTTP:STC:ADOBE:CVE-2020-3755-ID - HTTP: Adobe Acrobat and Reader CVE-2020-3755 Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to sensitive information disclosure.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: https://helpx.adobe.com/security/products/acrobat/apsb20-05.html
  • cve: CVE-2020-3755

HTTP:STC:ADOBE:CVE-2020-3749-CE - HTTP: Adobe Acrobat Reader CVE-2020-3749 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: https://helpx.adobe.com/security/products/acrobat/apsb20-05.html
  • cve: CVE-2020-3749

HTTP:STC:ADOBE:CVE-2020-3744-ID - HTTP: Adobe Acrobat and Reader CVE-2020-3744 Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to sensitive information disclosure.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: https://helpx.adobe.com/security/products/acrobat/apsb20-05.html
  • cve: CVE-2020-3744

HTTP:ORACLE-E-BS-SQLINJ - HTTP: Oracle E-Business Suite Multiple Components SQL Injection

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Oracle E-Business Suite Multiple Components. A successful attack can lead to command injection and arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2020-2587
  • cve: CVE-2020-2586
  • url: https://www.oracle.com/security-alerts/cpuapr2019.html
  • cve: CVE-2019-2638

Affected Products:

  • Oracle human_resources 12.1.3
  • Oracle human_resources 12.2.6
  • Oracle human_resources 12.2.5
  • Oracle human_resources 12.2.9
  • Oracle human_resources 12.2.4
  • Oracle human_resources 12.1.1
  • Oracle human_resources 12.2.3
  • Oracle human_resources 12.1.2
  • Oracle human_resources 12.2.7

HTTP:STC:ADOBE:CVE-2020-3751-CE - HTTP: Adobe Acrobat and Reader CVE-2020-3751 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: https://helpx.adobe.com/security/products/acrobat/apsb20-05.html
  • cve: CVE-2020-3751

HTTP:STC:IE:IFRAME-NAME-OF - HTTP: Internet Explorer Malformed IFRAME Buffer Overflow

Severity: CRITICAL

Description:

This signature detects an HTML document containing a maliciously crafted IFRAME tag. Attackers can place this document on a malicious Web server to exploit clients that attempt to view the document using Microsoft Internet Explorer.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, isg-3.0.0, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, j-series-9.5, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-4.2.110100823, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, isg-3.1.134269, vsrx-15.1

References:

  • bugtraq: 11515
  • url: http://www.kb.cert.org/vuls/id/842160
  • cve: CVE-2004-1050

Affected Products:

  • Microsoft internet_explorer 6.0
  • Avaya definityone_media_servers R10
  • Avaya definityone_media_servers R12
  • Avaya ip600_media_servers R12
  • Avaya ip600_media_servers R10
  • Avaya s3400_message_application_server
  • Avaya s8100_media_servers R12
  • Avaya definityone_media_servers
  • Avaya ip600_media_servers
  • Avaya ip600_media_servers R11
  • Avaya ip600_media_servers R9
  • Avaya ip600_media_servers R8
  • Avaya ip600_media_servers R7
  • Avaya ip600_media_servers R6
  • Avaya definityone_media_servers R6
  • Avaya definityone_media_servers R7
  • Avaya definityone_media_servers R8
  • Avaya definityone_media_servers R9
  • Avaya s8100_media_servers R9
  • Avaya s8100_media_servers R8
  • Avaya s8100_media_servers R7
  • Avaya s8100_media_servers R6
  • Microsoft internet_explorer 6.0 SP1
  • Avaya s8100_media_servers R10
  • Avaya s8100_media_servers
  • Avaya s8100_media_servers R11
  • Avaya definityone_media_servers R11
  • Avaya modular_messaging S3400

HTTP:STC:ADOBE:CVE-2020-3748-CE - HTTP: Adobe Acrobat and Reader CVE-2020-3748 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat and Reader. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: https://helpx.adobe.com/security/products/acrobat/apsb20-05.html
  • cve: CVE-2020-3748

HTTP:STC:DL:CVE-2020-0817-RCE - HTTP: Microsoft Remote Desktop Client CVE-2020-0817 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Remote Desktop Client. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2020-0817
Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out