Juniper Networks

Update Details

Security Intelligence Center

Update #3265 (03/24/2020)

19 new signatures:

[MEDIUM] HTTP:STC:DL:NITROPRO-JS-API-RCE - HTTP: Nitro Pro PDF Reader Javascript API Remote Code Execution
[MEDIUM] HTTP:STC:ADOBE:XPS-MUL-ID - HTTP: Adobe XPS Multiple Information Disclosure
[HIGH] HTTP:CTS:CVE-2017-8046-RCE - HTTP: Spring Data REST CVE-2017-8046 Remote Code Execution
[MEDIUM] HTTP:SUSP-HDR-REDRCT-VUL-107 - HTTP: SUSP-HDR-REDRCT Infection-107
[CRITICAL] HTTP:CTS:CNTREON-SRVRCONCONF-CI - HTTP: Centreon ServerConnectionConfigurationService.php Command Injection
[CRITICAL] HTTP:STC:SCRIPT:CVE-2017-8540 - HTTP: Microsoft Malware Protection Engine CVE-2017-8540 Remote Code Execution
[HIGH] HTTP:STC:IE:CVE-2017-8747-CE - HTTP: Microsoft Internet Explorer CVE-2017-8747 Remote Code Execution
[HIGH] HTTP:CTS:HASHICORP-CONSUL-RCE - HTTP: Hashicorp Consul Rexec Remote Command Execution
[LOW] HTTP:XSS:WRDPRS-PHOTOGLRY-SXSS - HTTP: WordPress 10Web Photo Gallery Plugin Two Stored Cross-Site Scripting
[MEDIUM] HTTP:STC:ADOBE:CVE-2018-4981-CE - HTTP: Adobe Flash Player EMF File CVE-2018-4981 Remote Code Execution
[LOW] HTTP:XSS:MS-SP-DISPLAYNAME-SXSS - HTTP: Microsoft SharePoint Server Stored Cross-Site Scripting
[MEDIUM] HTTP:STC:ADOBE:CVE-2018-4973-ID - HTTP: Adobe Acrobat Malformed JPEG CVE-2018-4973 Information Disclosure
[HIGH] HTTP:STC:FASTERXML-JACKSON-CE - HTTP: FasterXML Jackson Databind Remote Code Execution
[MEDIUM] MISC:OPEN-BGP-RAND-AS-ID-DOS - MISC: Open BGP Random AS ID Denial of Service
[HIGH] APP:ORACLE:WL-LIMFILTER-INS-DES - APP: Oracle Weblogic LimitFilter Insecure Deserialization
[HIGH] HTTP:STC:ADOBE:CVE-2020-3805-CE - HTTP: Adobe Acrobat Reader CVE-2020-3805 Remote Code Execution
[MEDIUM] HTTP:STC:SWF:CVE-2018-15978-ID - HTTP: Adobe Flash CVE-2018-15978 Information Disclosure
[HIGH] HTTP:CTS:JIRA-JAR-RCE - HTTP: Atlassian JIRA Plugin Jar Upload Remote Code Execution
[HIGH] HTTP:STC:SWF:MUL-RCE - HTTP: Adobe Flash Player Multiple Remote Code Execution

4 updated signatures:

[CRITICAL] CHAT:ICQ:ISS-BLACKICE-OF - ICQ: ISS BlackIce ICQ Decoder META_USER Buffer Overflow
[HIGH] NFS:LINUX-NFS-DOS - NFS: Linux Kernel NFSv4 nfsd PNFS Denial of Service
[HIGH] SMB:MS-CVE-2020-0796-RCE - SMB: Microsoft Windows CVE-2020-0796 SMBv3 Client/Server Remote Code Execution
[MEDIUM] HTTP:MAL-REDIRECT-VUL-106 - HTTP: MAL-REDIRECT Infection-106


Details of the signatures included within this bulletin:


HTTP:CTS:CVE-2017-8046-RCE - HTTP: Spring Data REST CVE-2017-8046 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Spring Data REST. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 100948
  • cve: CVE-2017-8046

Affected Products:

  • Pivotal_software spring_data_rest 2.6
  • Pivotal_software spring_boot 1.1.4
  • Pivotal_software spring_boot 1.3.0
  • Pivotal_software spring_data_rest 2.1.4
  • Pivotal_software spring_data_rest 2.5.8
  • Pivotal_software spring_data_rest 2.6.4
  • Pivotal_software spring_data_rest 2.1.2
  • Pivotal_software spring_data_rest 2.6.6
  • Pivotal_software spring_boot 1.2.4
  • Pivotal_software spring_data_rest 2.1.0
  • Pivotal_software spring_data_rest 2.6.0
  • Pivotal_software spring_boot 1.2.6
  • Pivotal_software spring_data_rest 2.5.2
  • Pivotal_software spring_data_rest 2.6.2
  • Pivotal_software spring_boot 1.2.0
  • Pivotal_software spring_boot 1.5.8
  • Pivotal_software spring_data_rest 2.5.0
  • Pivotal_software spring_data_rest 2.2.0
  • Pivotal_software spring_boot 1.2.2
  • Pivotal_software spring_boot 1.5.6
  • Pivotal_software spring_data_rest 2.5.6
  • Pivotal_software spring_data_rest 2.2.2
  • Pivotal_software spring_boot 1.5.4
  • Pivotal_software spring_data_rest 2.5.4
  • Pivotal_software spring_data_rest 2.2.4
  • Pivotal_software spring_boot 1.5.2
  • Pivotal_software spring_boot 1.0.2
  • Pivotal_software spring_boot 2.0.0
  • Pivotal_software spring_boot 1.2.8
  • Pivotal_software spring_boot 1.5.0
  • Pivotal_software spring_boot 1.0.0
  • Pivotal_software spring_data_rest 2.5.11
  • Pivotal_software spring_boot 1.1.12
  • Pivotal_software spring_boot 1.1.10
  • Pivotal_software spring_boot 1.4.2
  • Pivotal_software spring_boot 1.1.9
  • Pivotal_software spring_boot 1.4.0
  • Pivotal_software spring_boot 1.3.1
  • Pivotal_software spring_boot 1.4.6
  • Pivotal_software spring_boot 1.3.3
  • Pivotal_software spring_data_rest 1.0.0
  • Pivotal_software spring_data_rest 2.0.2
  • Pivotal_software spring_boot 1.4.4
  • Pivotal_software spring_boot 1.3.5
  • Pivotal_software spring_data_rest 2.4.6
  • Pivotal_software spring_data_rest 2.3.0
  • Pivotal_software spring_data_rest 2.0.0
  • Pivotal_software spring_boot 1.1.8
  • Pivotal_software spring_boot 1.3.7
  • Pivotal_software spring_data_rest 2.4.4
  • Pivotal_software spring_boot 1.1.3
  • Pivotal_software spring_data_rest 2.3.2
  • Pivotal_software spring_data_rest 2.4.2
  • Pivotal_software spring_boot 1.1.1
  • Pivotal_software spring_data_rest 2.4.0
  • Pivotal_software spring_boot 1.1.7
  • Pivotal_software spring_boot 1.1.5
  • Pivotal_software spring_data_rest 2.6.5
  • Pivotal_software spring_data_rest 2.1.5
  • Pivotal_software spring_data_rest 2.5.9
  • Pivotal_software spring_data_rest 2.6.7
  • Pivotal_software spring_data_rest 2.6.1
  • Pivotal_software spring_boot 1.2.5
  • Pivotal_software spring_data_rest 2.1.1
  • Pivotal_software spring_data_rest 2.6.3
  • Pivotal_software spring_boot 1.2.7
  • Pivotal_software spring_data_rest 3.0.0
  • Pivotal_software spring_data_rest 2.5.3
  • Pivotal_software spring_data_rest 2.2.1
  • Pivotal_software spring_boot 1.2.1
  • Pivotal_software spring_boot 1.5.7
  • Pivotal_software spring_data_rest 2.5.1
  • Pivotal_software spring_data_rest 2.2.3
  • Pivotal_software spring_boot 1.2.3
  • Pivotal_software spring_data_rest 1.1.0
  • Pivotal_software spring_boot 1.5.5
  • Pivotal_software spring_data_rest 2.5.7
  • Pivotal_software spring_boot 1.5.3
  • Pivotal_software spring_data_rest 2.5.5
  • Pivotal_software spring_boot 1.5.1
  • Pivotal_software spring_data_rest 2.5.10
  • Pivotal_software spring_boot 1.0.1
  • Pivotal_software spring_boot 1.1.11
  • Pivotal_software spring_boot 1.4.3
  • Pivotal_software spring_boot 1.4.1
  • Pivotal_software spring_data_rest 2.4.1
  • Pivotal_software spring_data_rest 2.0.3
  • Pivotal_software spring_boot 1.4.7
  • Pivotal_software spring_boot 1.3.2
  • Pivotal_software spring_data_rest 2.0.1
  • Pivotal_software spring_boot 1.4.5
  • Pivotal_software spring_boot 1.3.4
  • Pivotal_software spring_data_rest 2.4.5
  • Pivotal_software spring_data_rest 2.6.8
  • Pivotal_software spring_data_rest 2.3.1
  • Pivotal_software spring_boot 1.3.6
  • Pivotal_software spring_boot 1.1.2
  • Pivotal_software spring_boot 1.3.8
  • Pivotal_software spring_boot 0.5.0
  • Pivotal_software spring_boot 1.1.0
  • Pivotal_software spring_boot 1.1.6
  • Pivotal_software spring_data_rest 2.1.6

HTTP:XSS:MS-SP-DISPLAYNAME-SXSS - HTTP: Microsoft SharePoint Server Stored Cross-Site Scripting

Severity: LOW

Description:

This signature detects attempts to exploit a known cross-site scripting vulnerability against Microsoft SharePoint Server. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2020-0693

Affected Products:

  • Microsoft sharepoint_enterprise_server 2013
  • Microsoft sharepoint_enterprise_server 2016
  • Microsoft sharepoint_enterprise_server 2019

HTTP:STC:SCRIPT:CVE-2017-8540 - HTTP: Microsoft Malware Protection Engine CVE-2017-8540 Remote Code Execution

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Malware Protection Engine. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 98703
  • cve: CVE-2017-8540

Affected Products:

  • Microsoft windows_defender -
  • Microsoft forefront_security -
  • Microsoft malware_protection_engine 1.1.13704.0

HTTP:STC:IE:CVE-2017-8747-CE - HTTP: Microsoft Internet Explorer CVE-2017-8747 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft IE. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • url: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8747
  • cve: CVE-2017-8747

Affected Products:

  • Microsoft internet_explorer 11
  • Microsoft internet_explorer 10

HTTP:CTS:HASHICORP-CONSUL-RCE - HTTP: Hashicorp Consul Rexec Remote Command Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Hashicorp Consul. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • url: https://www.consul.io/docs/agent/options.html#disable_remote_exec
  • url: https://www.consul.io/docs/commands/exec.html
  • url: https://github.com/torque59/Garfield

HTTP:XSS:WRDPRS-PHOTOGLRY-SXSS - HTTP: WordPress 10Web Photo Gallery Plugin Two Stored Cross-Site Scripting

Severity: LOW

Description:

This signature detects attempts to exploit a known cross-site scripting vulnerability against 10Web Photo Gallery Plugin for WordPress. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2020-9335

Affected Products:

  • 10web photo_gallery 1.3.7
  • 10web photo_gallery 1.2.107
  • 10web photo_gallery 1.3.54
  • 10web photo_gallery 1.2.92
  • 10web photo_gallery 1.2.42
  • 10web photo_gallery 1.4.8
  • 10web photo_gallery 1.5.18
  • 10web photo_gallery 1.2.101
  • 10web photo_gallery 1.3.57
  • 10web photo_gallery 1.3.39
  • 10web photo_gallery 1.2.94
  • 10web photo_gallery 1.2.40
  • 10web photo_gallery 1.0.5
  • 10web photo_gallery 1.2.103
  • 10web photo_gallery 1.2.59
  • 10web photo_gallery 1.3.21
  • 10web photo_gallery 1.4.7
  • 10web photo_gallery 1.2.21
  • 10web photo_gallery 1.2.96
  • 10web photo_gallery 1.2.46
  • 10web photo_gallery 1.0.7
  • 10web photo_gallery 1.2.20
  • 10web photo_gallery 1.3.27
  • 10web photo_gallery 1.5.35
  • 10web photo_gallery 1.1.24
  • 10web photo_gallery 1.2.44
  • 10web photo_gallery 1.3.68
  • 10web photo_gallery 1.0.1
  • 10web photo_gallery 1.1.22
  • 10web photo_gallery 1.5.19
  • 10web photo_gallery 1.4.12
  • 10web photo_gallery 1.3.25
  • 10web photo_gallery 1.5.33
  • 10web photo_gallery 1.1.26
  • 10web photo_gallery 1.0.3
  • 10web photo_gallery 1.5.3
  • 10web photo_gallery 1.4.10
  • 10web photo_gallery 1.3.31
  • 10web photo_gallery 1.5.31
  • 10web photo_gallery 1.3.42
  • 10web photo_gallery 1.2.48
  • 10web photo_gallery 1.4.1
  • 10web photo_gallery 1.2.36
  • 10web photo_gallery 1.4.4
  • 10web photo_gallery 1.4.16
  • 10web photo_gallery 1.3.33
  • 10web photo_gallery 1.3.41
  • 10web photo_gallery 1.3.66
  • 10web photo_gallery 1.2.34
  • 10web photo_gallery 1.1.17
  • 10web photo_gallery 1.5.42
  • 10web photo_gallery 1.4.14
  • 10web photo_gallery 1.3.35
  • 10web photo_gallery 1.3.43
  • 10web photo_gallery 1.2.7
  • 10web photo_gallery 1.5.15
  • 10web photo_gallery 1.3.50
  • 10web photo_gallery 1.0.9
  • 10web photo_gallery 1.5.9
  • 10web photo_gallery 1.2.75
  • 10web photo_gallery 1.2.87
  • 10web photo_gallery 1.2.19
  • 10web photo_gallery 1.3.45
  • 10web photo_gallery 1.2.23
  • 10web photo_gallery 1.2.5
  • 10web photo_gallery 1.5.17
  • 10web photo_gallery 1.2.30
  • 10web photo_gallery 1.2.85
  • 10web photo_gallery 1.3.13
  • 10web photo_gallery 1.3.47
  • 10web photo_gallery 1.2.3
  • 10web photo_gallery 1.5.11
  • 10web photo_gallery 1.2.79
  • 10web photo_gallery 1.1.20
  • 10web photo_gallery 1.5.5
  • 10web photo_gallery 1.5.44
  • 10web photo_gallery 1.2.83
  • 10web photo_gallery 1.3.11
  • 10web photo_gallery 1.3.49
  • 10web photo_gallery 1.2.69
  • 10web photo_gallery 1.2.1
  • 10web photo_gallery 1.5.13
  • 10web photo_gallery 1.5.7
  • 10web photo_gallery 1.2.24
  • 10web photo_gallery 1.2.81
  • 10web photo_gallery 1.3.17
  • 10web photo_gallery 1.2.71
  • 10web photo_gallery 1.1.6
  • 10web photo_gallery 1.2.32
  • 10web photo_gallery 1.5.1
  • 10web photo_gallery 1.1.2
  • 10web photo_gallery 1.5.20
  • 10web photo_gallery 1.3.15
  • 10web photo_gallery 1.2.77
  • 10web photo_gallery 1.5.40
  • 10web photo_gallery 1.2.38
  • 10web photo_gallery 1.1.4
  • 10web photo_gallery 1.5.22
  • 10web photo_gallery 1.1.11
  • 10web photo_gallery 1.2.13
  • 10web photo_gallery 1.3.59
  • 10web photo_gallery 1.3.19
  • 10web photo_gallery 1.2.54
  • 10web photo_gallery 1.2.22
  • 10web photo_gallery 1.5.24
  • 10web photo_gallery 1.1.13
  • 10web photo_gallery 1.2.99
  • 10web photo_gallery 1.2.61
  • 10web photo_gallery 1.2.9
  • 10web photo_gallery 1.5.8
  • 10web photo_gallery 1.3.56
  • 10web photo_gallery 1.2.56
  • 10web photo_gallery 1.1.8
  • 10web photo_gallery 1.5.26
  • 10web photo_gallery 1.1.15
  • 10web photo_gallery 1.3.55
  • 10web photo_gallery 1.3.67
  • 10web photo_gallery 1.2.50
  • 10web photo_gallery 1.3.28
  • 10web photo_gallery 1.5.29
  • 10web photo_gallery 1.3.53
  • 10web photo_gallery 1.3.65
  • 10web photo_gallery 1.3.18
  • 10web photo_gallery 1.3.2
  • 10web photo_gallery 1.2.52
  • 10web photo_gallery 1.2.28
  • 10web photo_gallery 1.4.5
  • 10web photo_gallery 1.3.26
  • 10web photo_gallery 1.3.51
  • 10web photo_gallery 1.3.63
  • 10web photo_gallery 1.3.0
  • 10web photo_gallery 1.3.37
  • 10web photo_gallery 1.2.104
  • 10web photo_gallery 1.4.0
  • 10web photo_gallery 1.3.9
  • 10web photo_gallery 1.2.91
  • 10web photo_gallery 1.2.43
  • 10web photo_gallery 1.2.17
  • 10web photo_gallery 1.3.6
  • 10web photo_gallery 1.2.89
  • 10web photo_gallery 1.2.106
  • 10web photo_gallery 1.3.22
  • 10web photo_gallery 1.1.31
  • 10web photo_gallery 1.2.93
  • 10web photo_gallery 1.2.41
  • 10web photo_gallery 1.4.9
  • 10web photo_gallery 1.0.4
  • 10web photo_gallery 1.3.4
  • 10web photo_gallery 1.2.100
  • 10web photo_gallery 1.2.58
  • 10web photo_gallery 1.3.20
  • 10web photo_gallery 1.3.38
  • 10web photo_gallery 1.1.19
  • 10web photo_gallery 1.2.95
  • 10web photo_gallery 1.2.47
  • 10web photo_gallery 1.0.6
  • 10web photo_gallery 1.4.2
  • 10web photo_gallery 1.2.102
  • 10web photo_gallery 1.2.11
  • 10web photo_gallery 1.4.6
  • 10web photo_gallery 1.2.45
  • 10web photo_gallery 1.3.8
  • 10web photo_gallery 1.5.27
  • 10web photo_gallery 1.1.28
  • 10web photo_gallery 1.3.24
  • 10web photo_gallery 1.5.34
  • 10web photo_gallery 1.2.84
  • 10web photo_gallery 1.1.25
  • 10web photo_gallery 1.3.69
  • 10web photo_gallery 1.0.2
  • 10web photo_gallery 1.4.13
  • 10web photo_gallery 1.3.12
  • 10web photo_gallery 1.5.32
  • 10web photo_gallery 1.1.27
  • 10web photo_gallery 1.2.49
  • 10web photo_gallery 1.3.48
  • 10web photo_gallery 1.2.108
  • 10web photo_gallery 1.3.64
  • 10web photo_gallery 1.4.11
  • 10web photo_gallery 1.3.30
  • 10web photo_gallery 1.3.40
  • 10web photo_gallery 1.5.30
  • 10web photo_gallery 1.1.21
  • 10web photo_gallery 1.5.28
  • 10web photo_gallery 1.2.37
  • 10web photo_gallery 1.5.10
  • 10web photo_gallery 1.4.17
  • 10web photo_gallery 1.3.32
  • 10web photo_gallery 1.2.78
  • 10web photo_gallery 1.2.6
  • 10web photo_gallery 1.1.23
  • 10web photo_gallery 1.0.8
  • 10web photo_gallery 1.2.35
  • 10web photo_gallery 1.5.43
  • 10web photo_gallery 1.4.15
  • 10web photo_gallery 1.3.34
  • 10web photo_gallery 1.3.44
  • 10web photo_gallery 1.2.4
  • 10web photo_gallery 1.5.14
  • 10web photo_gallery 1.2.65
  • 10web photo_gallery 1.2.73
  • 10web photo_gallery 1.2.33
  • 10web photo_gallery 1.5.41
  • 10web photo_gallery 1.4.3
  • 10web photo_gallery 1.2.86
  • 10web photo_gallery 1.2.25
  • 10web photo_gallery 1.3.36
  • 10web photo_gallery 1.3.46
  • 10web photo_gallery 1.2.2
  • 10web photo_gallery 1.5.16
  • 10web photo_gallery 1.2.31
  • 10web photo_gallery 1.1.30
  • 10web photo_gallery 1.1.18
  • 10web photo_gallery 1.2.72
  • 10web photo_gallery 1.2.0
  • 10web photo_gallery 1.1.29
  • 10web photo_gallery 1.5.4
  • 10web photo_gallery 1.1.1
  • 10web photo_gallery 1.5.45
  • 10web photo_gallery 1.2.82
  • 10web photo_gallery 1.3.10
  • 10web photo_gallery 1.2.70
  • 10web photo_gallery 1.2.68
  • 10web photo_gallery 1.5.12
  • 10web photo_gallery 1.3.52
  • 10web photo_gallery 1.5.6
  • 10web photo_gallery 1.1.3
  • 10web photo_gallery 1.3.62
  • 10web photo_gallery 1.2.80
  • 10web photo_gallery 1.1.0
  • 10web photo_gallery 1.3.16
  • 10web photo_gallery 1.2.76
  • 10web photo_gallery 1.3.61
  • 10web photo_gallery 1.5.0
  • 10web photo_gallery 1.1.5
  • 10web photo_gallery 1.5.21
  • 10web photo_gallery 1.3.14
  • 10web photo_gallery 1.2.74
  • 10web photo_gallery 1.2.26
  • 10web photo_gallery 1.2.39
  • 10web photo_gallery 1.1.7
  • 10web photo_gallery 1.2.18
  • 10web photo_gallery 1.5.23
  • 10web photo_gallery 1.1.10
  • 10web photo_gallery 1.2.98
  • 10web photo_gallery 1.3.58
  • 10web photo_gallery 1.2.8
  • 10web photo_gallery 1.2.67
  • 10web photo_gallery 1.2.55
  • 10web photo_gallery 1.1.9
  • 10web photo_gallery 1.2.15
  • 10web photo_gallery 1.5.25
  • 10web photo_gallery 1.2.27
  • 10web photo_gallery 1.1.12
  • 10web photo_gallery 1.3.23
  • 10web photo_gallery 1.2.60
  • 10web photo_gallery 1.2.10
  • 10web photo_gallery 1.2.57
  • 10web photo_gallery 1.2.88
  • 10web photo_gallery 1.1.14
  • 10web photo_gallery 1.2.62
  • 10web photo_gallery 1.2.12
  • 10web photo_gallery 1.3.3
  • 10web photo_gallery 1.2.51
  • 10web photo_gallery 1.2.29
  • 10web photo_gallery 1.3.29
  • 10web photo_gallery 1.3.5
  • 10web photo_gallery 1.1.16
  • 10web photo_gallery 1.2.64
  • 10web photo_gallery 1.2.14
  • 10web photo_gallery 1.3.1
  • 10web photo_gallery 1.2.105
  • 10web photo_gallery 1.2.53
  • 10web photo_gallery 1.3.60
  • 10web photo_gallery 1.2.63
  • 10web photo_gallery 1.5.2
  • 10web photo_gallery 1.2.90
  • 10web photo_gallery 1.2.66
  • 10web photo_gallery 1.2.16

HTTP:CTS:JIRA-JAR-RCE - HTTP: Atlassian JIRA Plugin Jar Upload Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Atlassian JIRA. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • url: https://vulners.com/metasploit/MSF:EXPLOIT/MULTI/HTTP/JIRA_PLUGIN_UPLOAD

NFS:LINUX-NFS-DOS - NFS: Linux Kernel NFSv4 nfsd PNFS Denial of Service

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the NFSv4 component of the Linux Kernel. Successful exploitation will result in a denial-of-service condition.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, j-series-9.5, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-4.2.110100823, idp-5.0.0, isg-3.5.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-8797
  • bugtraq: 99298

Affected Products:

  • Linux linux_kernel 4.11.2

APP:ORACLE:WL-LIMFILTER-INS-DES - APP: Oracle Weblogic LimitFilter Insecure Deserialization

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Oracle Weblogic. Successful exploitation could result in code execution on the target machine.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • url: https://www.oracle.com/security-alerts/cpujan2020.html
  • url: http://www.zerodayinitiative.com/advisories/zdi-20-128/
  • cve: CVE-2020-2555

Affected Products:

  • Oracle fusion_middleware 12.2.3.0.0
  • Oracle fusion_middleware 12.2.1.4.0
  • Oracle fusion_middleware 12.2.1.3.0

SMB:MS-CVE-2020-0796-RCE - SMB: Microsoft Windows CVE-2020-0796 SMBv3 Client/Server Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Windows SMBv3 Client/Server. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-4.2.110100823, idp-5.0.0, isg-3.5.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, isg-3.1.134269, vsrx-15.1

References:

  • cve: CVE-2020-0796

Affected Products:

  • Microsoft windows_server_2016 1903
  • Microsoft windows_server_2016 1909
  • Microsoft windows_10 1909
  • Microsoft windows_10 1903

HTTP:STC:ADOBE:CVE-2020-3805-CE - HTTP: Adobe Acrobat Reader CVE-2020-3805 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: https://helpx.adobe.com/security/products/acrobat/apsb20-13.html
  • cve: CVE-2020-3805

Affected Products:

  • Adobe acrobat_reader_dc 17.012.20093
  • Adobe acrobat_reader_dc 15.016.20041
  • Adobe acrobat_reader_dc 15.006.30504
  • Adobe acrobat_reader_dc 15.006.30434
  • Adobe acrobat_dc 15.016.20041
  • Adobe acrobat_reader_dc 15.006.30416
  • Adobe acrobat_reader_dc 17.000.0000
  • Adobe acrobat_reader_dc 17.011.30078
  • Adobe acrobat_reader_dc 17.011.30102
  • Adobe acrobat_reader_dc 19.008.20074
  • Adobe acrobat_reader_dc 15.006.30173
  • Adobe acrobat_dc 17.011.30106
  • Adobe acrobat_dc 15.010.20059
  • Adobe acrobat_reader_dc 15.016.20045
  • Adobe acrobat_reader_dc 15.017.20050
  • Adobe acrobat_dc 15.006.30413
  • Adobe acrobat_reader_dc 15.006.30418
  • Adobe acrobat_reader_dc 17.011.30059
  • Adobe acrobat_dc 15.006.30198
  • Adobe acrobat_dc 15.006.30498
  • Adobe acrobat_dc 19.008.20074
  • Adobe acrobat_reader_dc 17.011.30106
  • Adobe acrobat_dc 17.011.30110
  • Adobe acrobat_dc 17.011.30102
  • Adobe acrobat_reader_dc 18.011.20038
  • Adobe acrobat_dc 19.008.20081
  • Adobe acrobat_dc 15.006.30417
  • Adobe acrobat_reader_dc 15.010.20059
  • Adobe acrobat_dc 18.011.20058
  • Adobe acrobat_reader_dc 15.006.30094
  • Adobe acrobat_reader_dc 18.009.20050
  • Adobe acrobat_reader_dc 15.006.30448
  • Adobe acrobat_dc 15.017.20050
  • Adobe acrobat_dc 17.009.20058
  • Adobe acrobat_reader_dc 15.006.30198
  • Adobe acrobat_dc 15.006.30464
  • Adobe acrobat_reader_dc 15.006.30475
  • Adobe acrobat_dc 17.011.30059
  • Adobe acrobat_reader_dc 15.009.20069
  • Adobe acrobat_reader_dc 15.010.20060
  • Adobe acrobat_dc 18.009.20044
  • Adobe acrobat_dc 15.006.30508
  • Adobe acrobat_dc 19.010.20099
  • Adobe acrobat_dc 15.006.30201
  • Adobe acrobat_reader_dc 15.006.30498
  • Adobe acrobat_dc 18.011.20038
  • Adobe acrobat_dc 15.006.30243
  • Adobe acrobat_dc 17.011.30140
  • Adobe acrobat_dc 19.010.20100
  • Adobe acrobat_reader_dc 15.006.30508
  • Adobe acrobat_reader_dc 17.011.30066
  • Adobe acrobat_dc 18.009.20050
  • Adobe acrobat_reader_dc 15.006.30464
  • Adobe acrobat_reader_dc 15.006.30243
  • Adobe acrobat_dc 15.016.20039
  • Adobe acrobat_reader_dc 17.009.20058
  • Adobe acrobat_reader_dc 19.010.20099
  • Adobe acrobat_reader_dc 19.010.20100
  • Adobe acrobat_reader_dc 19.012.20034
  • Adobe acrobat_dc 15.006.30121
  • Adobe acrobat_reader_dc 15.020.20042
  • Adobe acrobat_reader_dc 17.011.30142
  • Adobe acrobat_dc 19.012.20034
  • Adobe acrobat_reader_dc 17.012.20098
  • Adobe acrobat_reader_dc 17.011.30080
  • Adobe acrobat_reader_dc 15.023.20056
  • Adobe acrobat_dc 19.010.20091
  • Adobe acrobat_reader_dc 17.011.30140
  • Adobe acrobat_dc 15.023.20056
  • Adobe acrobat_dc 15.006.30097
  • Adobe acrobat_reader_dc 17.011.30127
  • Adobe acrobat_reader_dc 15.016.20039
  • Adobe acrobat_dc 17.011.30080
  • Adobe acrobat_reader_dc 15.006.30097
  • Adobe acrobat_reader_dc 15.006.30121
  • Adobe acrobat_reader_dc 18.011.20040
  • Adobe acrobat_dc 17.011.30127
  • Adobe acrobat_dc 17.011.30142
  • Adobe acrobat_dc 17.011.30068
  • Adobe acrobat_dc 15.008.20082
  • Adobe acrobat_reader_dc 19.010.20091
  • Adobe acrobat_reader_dc 17.011.30068
  • Adobe acrobat_dc 15.006.30482
  • Adobe acrobat_dc 15.006.30280
  • Adobe acrobat_reader_dc 15.006.30355
  • Adobe acrobat_dc 15.006.30173
  • Adobe acrobat_reader_dc 15.008.20082
  • Adobe acrobat_dc 17.012.20095
  • Adobe acrobat_reader_dc 17.011.30110
  • Adobe acrobat_dc 17.011.30099
  • Adobe acrobat_reader_dc 17.009.20044
  • Adobe acrobat_reader_dc 17.011.30099
  • Adobe acrobat_reader_dc 15.006.30482
  • Adobe acrobat_dc 17.011.30079
  • Adobe acrobat_dc 19.008.20071
  • Adobe acrobat_dc 15.006.30355
  • Adobe acrobat_dc 15.006.30457
  • Adobe acrobat_dc 15.010.20060
  • Adobe acrobat_reader_dc 15.006.30457
  • Adobe acrobat_reader_dc 19.008.20080
  • Adobe acrobat_reader_dc 15.006.30497
  • Adobe acrobat_dc 19.008.20080
  • Adobe acrobat_reader_dc 18.011.20063
  • Adobe acrobat_dc 15.006.30418
  • Adobe acrobat_dc 15.006.30448
  • Adobe acrobat_dc 17.011.30066
  • Adobe acrobat_reader_dc 19.010.20069
  • Adobe acrobat_reader_dc 15.006.30495
  • Adobe acrobat_dc 15.017.20053
  • Adobe acrobat_dc 17.009.20044
  • Adobe acrobat_reader_dc 17.011.30079
  • Adobe acrobat_dc 19.010.20069
  • Adobe acrobat_dc 15.006.30493
  • Adobe acrobat_dc 15.006.30279
  • Adobe acrobat_dc 17.012.20096
  • Adobe acrobat_reader_dc 15.006.30493
  • Adobe acrobat_reader_dc 15.023.20070
  • Adobe acrobat_reader_dc 15.006.30172
  • Adobe acrobat_dc 17.011.30105
  • Adobe acrobat_reader_dc 15.006.30505
  • Adobe acrobat_reader_dc 19.008.20071
  • Adobe acrobat_dc 15.006.30495
  • Adobe acrobat_dc 15.023.20070
  • Adobe acrobat_dc 15.006.30174
  • Adobe acrobat_dc 17.012.20098
  • Adobe acrobat_dc 18.011.20063
  • Adobe acrobat_reader_dc 15.006.30174
  • Adobe acrobat_dc 15.006.30475
  • Adobe acrobat_reader_dc 17.012.20095
  • Adobe acrobat_dc 15.006.30497
  • Adobe acrobat_dc 15.006.30172
  • Adobe acrobat_dc 17.011.30152
  • Adobe acrobat_reader_dc 15.006.30279
  • Adobe acrobat_reader_dc 17.011.30156
  • Adobe acrobat_reader_dc 15.017.20053
  • Adobe acrobat_dc 15.006.30416
  • Adobe acrobat_dc 17.011.30150
  • Adobe acrobat_reader_dc 17.011.30150
  • Adobe acrobat_dc 17.011.30156
  • Adobe acrobat_reader_dc 17.011.30105
  • Adobe acrobat_reader_dc 17.011.30113
  • Adobe acrobat_dc 18.011.20040
  • Adobe acrobat_reader_dc 17.011.30152
  • Adobe acrobat_reader_dc 15.010.20056
  • Adobe acrobat_dc 19.010.20098
  • Adobe acrobat_reader_dc 15.006.30461
  • Adobe acrobat_reader_dc 15.006.30244
  • Adobe acrobat_dc 18.011.20055
  • Adobe acrobat_reader_dc 15.006.30201
  • Adobe acrobat_reader_dc 17.011.30065
  • Adobe acrobat_reader_dc 15.006.30417
  • Adobe acrobat_dc 17.000.0000
  • Adobe acrobat_dc 17.011.30113
  • Adobe acrobat_dc 15.010.20056
  • Adobe acrobat_dc 15.006.30244
  • Adobe acrobat_dc 15.006.30504
  • Adobe acrobat_dc 17.011.30143
  • Adobe acrobat_dc 15.009.20079
  • Adobe acrobat_reader_dc 19.008.20081
  • Adobe acrobat_dc 15.023.20053
  • Adobe acrobat_dc 15.006.30094
  • Adobe acrobat_reader_dc 19.010.20098
  • Adobe acrobat_reader_dc 18.011.20055
  • Adobe acrobat_dc 17.011.30065
  • Adobe acrobat_dc 15.009.20069
  • Adobe acrobat_dc 15.006.30096
  • Adobe acrobat_dc 19.021.20058
  • Adobe acrobat_reader_dc 17.011.30096
  • Adobe acrobat_dc 17.011.30120
  • Adobe acrobat_reader_dc 15.009.20079
  • Adobe acrobat_dc 17.011.30096
  • Adobe acrobat_reader_dc 19.021.20047
  • Adobe acrobat_dc 15.020.20039
  • Adobe acrobat_dc 15.006.30060
  • Adobe acrobat_dc 17.011.30070
  • Adobe acrobat_reader_dc 15.023.20053
  • Adobe acrobat_reader_dc 15.006.30096
  • Adobe acrobat_dc 19.021.20047
  • Adobe acrobat_reader_dc 15.009.20077
  • Adobe acrobat_reader_dc 17.011.30120
  • Adobe acrobat_reader_dc 15.006.30280
  • Adobe acrobat_dc 15.009.20071
  • Adobe acrobat_reader_dc 18.009.20044
  • Adobe acrobat_reader_dc 15.020.20039
  • Adobe acrobat_dc 19.010.20064
  • Adobe acrobat_reader_dc 15.006.30354
  • Adobe acrobat_dc 15.006.30352
  • Adobe acrobat_reader_dc 19.021.20058
  • Adobe acrobat_reader_dc 15.006.30060
  • Adobe acrobat_dc 15.006.30119
  • Adobe acrobat_dc 15.006.30306
  • Adobe acrobat_reader_dc 19.021.20056
  • Adobe acrobat_reader_dc 17.011.30070
  • Adobe acrobat_reader_dc 15.009.20071
  • Adobe acrobat_dc 17.011.30155
  • Adobe acrobat_reader_dc 15.006.30392
  • Adobe acrobat_reader_dc 15.006.30452
  • Adobe acrobat_dc 17.011.30078
  • Adobe acrobat_dc 15.009.20077
  • Adobe acrobat_reader_dc 19.010.20064
  • Adobe acrobat_dc 15.006.30394
  • Adobe acrobat_dc 15.006.30456
  • Adobe acrobat_reader_dc 15.006.30352
  • Adobe acrobat_reader_dc 15.006.30306
  • Adobe acrobat_reader_dc 15.006.30394
  • Adobe acrobat_reader_dc 17.011.30138
  • Adobe acrobat_dc 15.016.20045
  • Adobe acrobat_dc 15.006.30354
  • Adobe acrobat_dc 15.006.30392
  • Adobe acrobat_dc 15.006.30434
  • Adobe acrobat_dc 19.021.20056
  • Adobe acrobat_reader_dc 15.006.30456
  • Adobe acrobat_dc 17.012.20093
  • Adobe acrobat_dc 15.020.20042
  • Adobe acrobat_reader_dc 15.006.30119
  • Adobe acrobat_dc 15.006.30452
  • Adobe acrobat_dc 17.011.30138

HTTP:STC:SWF:CVE-2018-15978-ID - HTTP: Adobe Flash CVE-2018-15978 Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to sensitive information disclosure.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • bugtraq: 105909
  • cve: CVE-2018-15978

Affected Products:

  • Redhat enterprise_linux_server 6.0
  • Adobe flash_player_desktop_runtime 31.0.0.122
  • Redhat enterprise_linux_workstation 6.0
  • Redhat enterprise_linux_desktop 6.0
  • Adobe flash_player 31.0.0.122

HTTP:MAL-REDIRECT-VUL-106 - HTTP: MAL-REDIRECT Infection-106

Severity: MEDIUM

Description:

This signature detects an attempt to download exploits from malicious exploit kits that may compromise a computer through various vendor vulnerabilities. Exploit kits are a specific type of toolkit used by cybercriminals to deliver other pieces of malware.

Supported On:

srx-17.3, vsrx-17.4, srx-17.4, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, vsrx-19.2, srx-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, vsrx-19.4, vsrx-15.1, srx-12.1


MISC:OPEN-BGP-RAND-AS-ID-DOS - MISC: Open BGP Random AS ID Denial of Service

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Open BGP. A successful attack can lead to directory traversal and arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1


HTTP:STC:DL:NITROPRO-JS-API-RCE - HTTP: Nitro Pro PDF Reader Javascript API Remote Code Execution

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Nitro Pro. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: http://srcincite.io/advisories/src-2017-0005/
  • url: https://blogs.securiteam.com/index.php/archives/3251
  • cve: CVE-2017-7442

Affected Products:

  • Nitro nitro_pro 11.0.3.173

HTTP:STC:ADOBE:XPS-MUL-ID - HTTP: Adobe XPS Multiple Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe XPS. A successful attack can lead to information disclosure.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 104175
  • cve: CVE-2018-4975
  • cve: CVE-2018-4967
  • url: https://helpx.adobe.com/in/security/products/acrobat/apsb18-09.html

Affected Products:

  • Adobe acrobat_reader_dc 17.012.20093
  • Adobe acrobat_reader_dc 15.016.20041
  • Adobe acrobat_dc 15.006.30280
  • Adobe acrobat_dc 15.016.20041
  • Adobe acrobat_reader_dc 17.000.0000
  • Adobe acrobat_reader_dc 17.011.30078
  • Adobe acrobat_dc 15.017.20050
  • Adobe acrobat_dc 15.010.20059
  • Adobe acrobat_reader_dc 15.016.20045
  • Adobe acrobat_reader_dc 15.017.20050
  • Adobe acrobat_dc 15.006.30413
  • Adobe acrobat_reader_dc 17.011.30059
  • Adobe acrobat_dc 15.006.30198
  • Adobe acrobat_dc 17.012.20095
  • Adobe acrobat_reader_dc 18.011.20038
  • Adobe acrobat_dc 15.006.30417
  • Adobe acrobat_reader_dc 15.010.20059
  • Adobe acrobat_reader_dc 15.006.30094
  • Adobe acrobat_reader_dc 18.009.20050
  • Adobe acrobat_dc 17.009.20058
  • Adobe acrobat_reader_dc 15.006.30198
  • Adobe acrobat_dc 15.020.20042
  • Adobe acrobat_dc 17.011.30059
  • Adobe acrobat_reader_dc 15.009.20069
  • Adobe acrobat_reader_dc 15.010.20060
  • Adobe acrobat_dc 18.011.20038
  • Adobe acrobat_dc 15.006.30243
  • Adobe acrobat_reader_dc 17.011.30066
  • Adobe acrobat_dc 18.009.20050
  • Adobe acrobat_reader_dc 15.006.30243
  • Adobe acrobat_dc 15.016.20039
  • Adobe acrobat_reader_dc 17.009.20058
  • Adobe acrobat_dc 15.006.30121
  • Adobe acrobat_reader_dc 15.020.20042
  • Adobe acrobat_dc 17.011.30066
  • Adobe acrobat_reader_dc 15.006.30201
  • Adobe acrobat_dc 15.006.30201
  • Adobe acrobat_dc 15.006.30097
  • Adobe acrobat_reader_dc 15.006.30173
  • Adobe acrobat_reader_dc 15.016.20039
  • Adobe acrobat_reader_dc 15.006.30097
  • Adobe acrobat_reader_dc 15.006.30121
  • Adobe acrobat_dc 17.011.30068
  • Adobe acrobat_dc 15.008.20082
  • Adobe acrobat_reader_dc 17.011.30068
  • Adobe acrobat_reader_dc 15.006.30355
  • Adobe acrobat_dc 15.006.30173
  • Adobe acrobat_reader_dc 15.008.20082
  • Adobe acrobat_reader_dc 17.009.20044
  • Adobe acrobat_dc 17.011.30079
  • Adobe acrobat_dc 15.006.30355
  • Adobe acrobat_dc 15.010.20060
  • Adobe acrobat_dc 15.017.20053
  • Adobe acrobat_dc 17.009.20044
  • Adobe acrobat_reader_dc 17.011.30079
  • Adobe acrobat_dc 15.006.30279
  • Adobe acrobat_dc 17.012.20096
  • Adobe acrobat_reader_dc 15.023.20070
  • Adobe acrobat_reader_dc 15.006.30172
  • Adobe acrobat_reader_dc 15.006.30416
  • Adobe acrobat_dc 15.023.20070
  • Adobe acrobat_dc 15.006.30174
  • Adobe acrobat_dc 17.012.20098
  • Adobe acrobat_reader_dc 15.006.30174
  • Adobe acrobat_dc 15.006.30172
  • Adobe acrobat_reader_dc 15.006.30279
  • Adobe acrobat_reader_dc 15.017.20053
  • Adobe acrobat_dc 15.006.30416
  • Adobe acrobat_reader_dc 17.012.20098
  • Adobe acrobat_reader_dc 15.010.20056
  • Adobe acrobat_reader_dc 15.006.30244
  • Adobe acrobat_reader_dc 15.023.20056
  • Adobe acrobat_reader_dc 17.011.30065
  • Adobe acrobat_reader_dc 15.006.30417
  • Adobe acrobat_dc 17.000.0000
  • Adobe acrobat_dc 15.010.20056
  • Adobe acrobat_dc 15.006.30244
  • Adobe acrobat_dc 15.009.20079
  • Adobe acrobat_dc 15.023.20053
  • Adobe acrobat_dc 18.009.20044
  • Adobe acrobat_dc 15.006.30094
  • Adobe acrobat_dc 17.011.30065
  • Adobe acrobat_dc 15.009.20069
  • Adobe acrobat_dc 15.006.30096
  • Adobe acrobat_dc 15.023.20056
  • Adobe acrobat_reader_dc 15.009.20079
  • Adobe acrobat_dc 15.020.20039
  • Adobe acrobat_dc 15.006.30060
  • Adobe acrobat_dc 17.011.30070
  • Adobe acrobat_reader_dc 15.023.20053
  • Adobe acrobat_reader_dc 15.006.30096
  • Adobe acrobat_reader_dc 15.009.20077
  • Adobe acrobat_reader_dc 17.012.20095
  • Adobe acrobat_dc 15.009.20071
  • Adobe acrobat_reader_dc 18.009.20044
  • Adobe acrobat_reader_dc 15.020.20039
  • Adobe acrobat_reader_dc 15.006.30354
  • Adobe acrobat_dc 15.006.30352
  • Adobe acrobat_reader_dc 15.006.30060
  • Adobe acrobat_dc 15.006.30119
  • Adobe acrobat_dc 15.006.30306
  • Adobe acrobat_reader_dc 17.011.30070
  • Adobe acrobat_reader_dc 15.009.20071
  • Adobe acrobat_reader_dc 15.006.30392
  • Adobe acrobat_dc 17.011.30078
  • Adobe acrobat_dc 15.009.20077
  • Adobe acrobat_dc 15.006.30394
  • Adobe acrobat_reader_dc 15.006.30352
  • Adobe acrobat_reader_dc 15.006.30306
  • Adobe acrobat_reader_dc 15.006.30394
  • Adobe acrobat_dc 15.016.20045
  • Adobe acrobat_dc 15.006.30354
  • Adobe acrobat_dc 15.006.30392
  • Adobe acrobat_reader_dc 15.006.30280
  • Adobe acrobat_dc 17.012.20093
  • Adobe acrobat_reader_dc 15.006.30119

HTTP:STC:ADOBE:CVE-2018-4973-ID - HTTP: Adobe Acrobat Malformed JPEG CVE-2018-4973 Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat JPEG. A successful attack can lead to information disclosure.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-4973
  • url: https://helpx.adobe.com/in/security/products/acrobat/apsb18-09.html

Affected Products:

  • Adobe acrobat_reader_dc 17.012.20093
  • Adobe acrobat_reader_dc 15.016.20041
  • Adobe acrobat_dc 15.006.30280
  • Adobe acrobat_dc 15.016.20041
  • Adobe acrobat_reader_dc 17.000.0000
  • Adobe acrobat_reader_dc 17.011.30078
  • Adobe acrobat_dc 15.017.20050
  • Adobe acrobat_dc 15.010.20059
  • Adobe acrobat_reader_dc 15.016.20045
  • Adobe acrobat_reader_dc 15.017.20050
  • Adobe acrobat_dc 15.006.30413
  • Adobe acrobat_reader_dc 17.011.30059
  • Adobe acrobat_dc 15.006.30198
  • Adobe acrobat_dc 17.012.20095
  • Adobe acrobat_reader_dc 18.011.20038
  • Adobe acrobat_dc 15.006.30417
  • Adobe acrobat_reader_dc 15.010.20059
  • Adobe acrobat_reader_dc 15.006.30094
  • Adobe acrobat_reader_dc 18.009.20050
  • Adobe acrobat_dc 17.009.20058
  • Adobe acrobat_reader_dc 15.006.30198
  • Adobe acrobat_dc 15.020.20042
  • Adobe acrobat_dc 17.011.30059
  • Adobe acrobat_reader_dc 15.009.20069
  • Adobe acrobat_reader_dc 15.010.20060
  • Adobe acrobat_dc 18.011.20038
  • Adobe acrobat_dc 15.006.30243
  • Adobe acrobat_reader_dc 17.011.30066
  • Adobe acrobat_dc 18.009.20050
  • Adobe acrobat_reader_dc 15.006.30243
  • Adobe acrobat_dc 15.016.20039
  • Adobe acrobat_reader_dc 17.009.20058
  • Adobe acrobat_dc 15.006.30121
  • Adobe acrobat_reader_dc 15.020.20042
  • Adobe acrobat_dc 17.011.30066
  • Adobe acrobat_reader_dc 15.006.30201
  • Adobe acrobat_dc 15.006.30201
  • Adobe acrobat_dc 15.006.30097
  • Adobe acrobat_reader_dc 15.006.30173
  • Adobe acrobat_reader_dc 15.016.20039
  • Adobe acrobat_reader_dc 15.006.30097
  • Adobe acrobat_reader_dc 15.006.30121
  • Adobe acrobat_dc 17.011.30068
  • Adobe acrobat_dc 15.008.20082
  • Adobe acrobat_reader_dc 17.011.30068
  • Adobe acrobat_reader_dc 15.006.30355
  • Adobe acrobat_dc 15.006.30173
  • Adobe acrobat_reader_dc 15.008.20082
  • Adobe acrobat_reader_dc 17.009.20044
  • Adobe acrobat_dc 17.011.30079
  • Adobe acrobat_dc 15.006.30355
  • Adobe acrobat_dc 15.010.20060
  • Adobe acrobat_dc 15.017.20053
  • Adobe acrobat_dc 17.009.20044
  • Adobe acrobat_reader_dc 17.011.30079
  • Adobe acrobat_dc 15.006.30279
  • Adobe acrobat_dc 17.012.20096
  • Adobe acrobat_reader_dc 15.023.20070
  • Adobe acrobat_reader_dc 15.006.30172
  • Adobe acrobat_reader_dc 15.006.30416
  • Adobe acrobat_dc 15.023.20070
  • Adobe acrobat_dc 15.006.30174
  • Adobe acrobat_dc 17.012.20098
  • Adobe acrobat_reader_dc 15.006.30174
  • Adobe acrobat_dc 15.006.30172
  • Adobe acrobat_reader_dc 15.006.30279
  • Adobe acrobat_reader_dc 15.017.20053
  • Adobe acrobat_dc 15.006.30416
  • Adobe acrobat_reader_dc 17.012.20098
  • Adobe acrobat_reader_dc 15.010.20056
  • Adobe acrobat_reader_dc 15.006.30244
  • Adobe acrobat_reader_dc 15.023.20056
  • Adobe acrobat_reader_dc 17.011.30065
  • Adobe acrobat_reader_dc 15.006.30417
  • Adobe acrobat_dc 17.000.0000
  • Adobe acrobat_dc 15.010.20056
  • Adobe acrobat_dc 15.006.30244
  • Adobe acrobat_dc 15.009.20079
  • Adobe acrobat_dc 15.023.20053
  • Adobe acrobat_dc 18.009.20044
  • Adobe acrobat_dc 15.006.30094
  • Adobe acrobat_dc 17.011.30065
  • Adobe acrobat_dc 15.009.20069
  • Adobe acrobat_dc 15.006.30096
  • Adobe acrobat_dc 15.023.20056
  • Adobe acrobat_reader_dc 15.009.20079
  • Adobe acrobat_dc 15.020.20039
  • Adobe acrobat_dc 15.006.30060
  • Adobe acrobat_dc 17.011.30070
  • Adobe acrobat_reader_dc 15.023.20053
  • Adobe acrobat_reader_dc 15.006.30096
  • Adobe acrobat_reader_dc 15.009.20077
  • Adobe acrobat_reader_dc 17.012.20095
  • Adobe acrobat_dc 15.009.20071
  • Adobe acrobat_reader_dc 18.009.20044
  • Adobe acrobat_reader_dc 15.020.20039
  • Adobe acrobat_reader_dc 15.006.30354
  • Adobe acrobat_dc 15.006.30352
  • Adobe acrobat_reader_dc 15.006.30060
  • Adobe acrobat_dc 15.006.30119
  • Adobe acrobat_dc 15.006.30306
  • Adobe acrobat_reader_dc 17.011.30070
  • Adobe acrobat_reader_dc 15.009.20071
  • Adobe acrobat_reader_dc 15.006.30392
  • Adobe acrobat_dc 17.011.30078
  • Adobe acrobat_dc 15.009.20077
  • Adobe acrobat_dc 15.006.30394
  • Adobe acrobat_reader_dc 15.006.30352
  • Adobe acrobat_reader_dc 15.006.30306
  • Adobe acrobat_reader_dc 15.006.30394
  • Adobe acrobat_dc 15.016.20045
  • Adobe acrobat_dc 15.006.30354
  • Adobe acrobat_dc 15.006.30392
  • Adobe acrobat_reader_dc 15.006.30280
  • Adobe acrobat_dc 17.012.20093
  • Adobe acrobat_reader_dc 15.006.30119

HTTP:CTS:CNTREON-SRVRCONCONF-CI - HTTP: Centreon ServerConnectionConfigurationService.php Command Injection

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability against Centreon Web Application. A successful attack can lead to command injection and arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2020-9463

Affected Products:

  • Centreon centreon 19.10

HTTP:STC:ADOBE:CVE-2018-4981-CE - HTTP: Adobe Flash Player EMF File CVE-2018-4981 Remote Code Execution

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player EMF File. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • url: https://helpx.adobe.com/in/security/products/acrobat/apsb18-09.html
  • cve: CVE-2018-4981

Affected Products:

  • Adobe acrobat_dc 17.011.30079
  • Adobe acrobat_reader_dc 17.011.30079
  • Adobe acrobat_reader_dc 15.006.30417
  • Adobe acrobat_reader_dc 18.011.20038
  • Adobe acrobat_dc 15.006.30417
  • Adobe acrobat_dc 18.011.20038

HTTP:SUSP-HDR-REDRCT-VUL-107 - HTTP: SUSP-HDR-REDRCT Infection-107

Severity: MEDIUM

Description:

This signature detects an attempt to download exploits from malicious exploit kits that may compromise a computer through various vendor vulnerabilities. Exploit kits are a specific type of toolkit used by cybercriminals to deliver other pieces of malware.

Supported On:

srx-17.3, vsrx-17.4, srx-17.4, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, vsrx-19.2, srx-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, vsrx-19.4, vsrx-15.1, srx-12.1


CHAT:ICQ:ISS-BLACKICE-OF - ICQ: ISS BlackIce ICQ Decoder META_USER Buffer Overflow

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability in the ICQ decoder on ISS BlackIce network devices. Attackers can remotely execute arbitrary code.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • url: http://www.kb.cert.org/vuls/id/947254
  • bugtraq: 9913
  • cve: CVE-2004-0362

Affected Products:

  • Ibm realsecure_server_sensor 6.0.1 Win SR1.1
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.1
  • Ibm realsecure_sentry 3.6.0 ecb
  • Ibm realsecure_server_sensor 5.0.0 Win
  • Ibm realsecure_server_sensor 5.5.0 Win
  • Ibm realsecure_server_sensor 5.5.2 Win
  • Ibm realsecure_server_sensor 6.0.0 Win
  • Ibm realsecure_server_sensor 6.0.1 Win
  • Ibm realsecure_server_sensor 5.5.1 Win
  • Ibm blackice_agent_for_server 3.6.0 eca
  • Ibm blackice_server_protection 3.6.0 cbz
  • Ibm realsecure_desktop 3.6.0 eca
  • Ibm realsecure_desktop 7.0.0 ebg
  • Ibm blackice_agent_for_server 3.6.0 ecb
  • Ibm realsecure_desktop 7.0.0 ebh
  • Ibm realsecure_desktop 3.6.0 ecb
  • Ibm blackice_server_protection 3.6.0 ccb
  • Ibm blackice_pc_protection 3.6.0 ccb
  • Ibm realsecure_network_sensor 7.0.0 XPU 20.11
  • Ibm proventia_g_series XPU 22.4
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.9
  • Ibm realsecure_desktop 7.0.0 eba
  • Ibm proventia_a_series XPU 22.9
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.11
  • Ibm proventia_a_series XPU 20.11
  • Ibm proventia_g_series XPU 22.11
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.8
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.7
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.6
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.5
  • Ibm proventia_a_series XPU 22.8
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.4
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.3
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.2
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.1
  • Ibm proventia_a_series XPU 22.7
  • Ibm proventia_a_series XPU 22.6
  • Ibm proventia_a_series XPU 22.5
  • Ibm proventia_a_series XPU 22.4
  • Ibm proventia_a_series XPU 22.3
  • Ibm proventia_a_series XPU 22.2
  • Ibm proventia_a_series XPU 22.1
  • Ibm proventia_g_series XPU 22.8
  • Ibm proventia_g_series XPU 22.7
  • Ibm proventia_g_series XPU 22.6
  • Ibm proventia_g_series XPU 22.5
  • Ibm realsecure_desktop 3.6.0 ece
  • Ibm proventia_g_series XPU 22.2
  • Ibm proventia_g_series XPU 22.1
  • Ibm proventia_m_series XPU 1.6
  • Ibm proventia_m_series XPU 1.5
  • Ibm proventia_m_series XPU 1.4
  • Ibm realsecure_network_sensor 7.0.0 XPU 22.9
  • Ibm proventia_m_series XPU 1.1
  • Ibm proventia_m_series XPU 1.9
  • Ibm realsecure_desktop 7.0.0 ebk
  • Ibm realsecure_desktop 7.0.0 ebl
  • Ibm realsecure_guard 3.6.0 ecb
  • Ibm realsecure_desktop 3.6.0 ecf
  • Ibm realsecure_guard 3.6.0 eca
  • Ibm realsecure_guard 3.6.0 ecc
  • Ibm proventia_g_series XPU 22.3
  • Ibm realsecure_guard 3.6.0 ecf
  • Ibm proventia_m_series XPU 1.3
  • Ibm proventia_m_series XPU 1.7
  • Ibm realsecure_sentry 3.6.0 ecc
  • Ibm realsecure_sentry 3.6.0 ece
  • Ibm realsecure_desktop 7.0.0 ebj
  • Ibm realsecure_desktop 3.6.0 ecd
  • Ibm realsecure_guard 3.6.0 ecd
  • Ibm realsecure_sentry 3.6.0 ecd
  • Ibm realsecure_sentry 3.6.0 eca
  • Ibm blackice_server_protection 3.6.0 ccd
  • Ibm proventia_a_series XPU 22.10
  • Ibm proventia_g_series XPU 22.10
  • Ibm proventia_m_series XPU 1.8
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.9
  • Ibm realsecure_network_sensor 7.0.0 XPU 22.10
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.8
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.7
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.6
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.5
  • Ibm realsecure_server_sensor 7.0.0 XPU 22.10
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.2
  • Ibm blackice_pc_protection 3.6.0 cca
  • Ibm blackice_pc_protection 3.6.0 ccc
  • Ibm blackice_pc_protection 3.6.0 ccf
  • Ibm blackice_pc_protection 3.6.0 cce
  • Ibm realsecure_sentry 3.6.0 ecf
  • Ibm blackice_server_protection 3.6.0 cca
  • Ibm blackice_server_protection 3.6.0 ccc
  • Ibm blackice_server_protection 3.6.0 cce
  • Ibm blackice_server_protection 3.6.0 ccf
  • Ibm blackice_agent_for_server 3.6.0 ecc
  • Ibm blackice_agent_for_server 3.6.0 ecd
  • Ibm blackice_pc_protection 3.6.0 ccd
  • Ibm blackice_agent_for_server 3.6.0 ecf
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.10
  • Ibm blackice_agent_for_server 3.6.0 ebz
  • Ibm realsecure_network_sensor 7.0.0 XPU 22.4
  • Ibm realsecure_desktop 7.0.0 ebf
  • Ibm realsecure_desktop 3.6.0 ebz
  • Ibm realsecure_guard 3.6.0 ebz
  • Ibm realsecure_sentry 3.6.0 ebz
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.4
  • Ibm realsecure_network_sensor 7.0.0
  • Ibm realsecure_server_sensor 6.5.0 Win SR3.3
  • Ibm proventia_m_series XPU 1.2
  • Ibm realsecure_guard 3.6.0 ece
  • Ibm blackice_pc_protection 3.6.0 .cbz
  • Ibm blackice_agent_for_server 3.6.0 ece
  • Ibm blackice_agent 3.1.0
  • Ibm realsecure_server_sensor 6.5.0 Win
  • Ibm proventia_g_series XPU 22.9

HTTP:STC:SWF:MUL-RCE - HTTP: Adobe Flash Player Multiple Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, j-series-9.5, mx-11.4, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • url: https://helpx.adobe.com/security/products/flash-player/apsb18-01.html
  • url: https://helpx.adobe.com/security/products/flash-player/apsb18-03.html
  • url: https://helpx.adobe.com/security/products/flash-player/apsb18-08.html
  • url: https://helpx.adobe.com/security/products/flash-player/apsb18-16.html
  • cve: CVE-2018-4944
  • cve: CVE-2018-4934
  • cve: CVE-2018-4933
  • cve: CVE-2018-4932
  • cve: CVE-2018-4877
  • cve: CVE-2018-4871

Affected Products:

  • Redhat enterprise_linux_server 6.0
  • Redhat enterprise_linux_desktop 6.0
  • Adobe flash_player 29.0.0.140
  • Redhat enterprise_linux_workstation 6.0

HTTP:STC:FASTERXML-JACKSON-CE - HTTP: FasterXML Jackson Databind Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against FasterXML Jackson. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-17485

Affected Products:

  • Fasterxml jackson-databind 2.9.1
  • Fasterxml jackson-databind 2.8.3
  • Redhat jboss_enterprise_application_platform 7.1.0
  • Fasterxml jackson 1.0.0
  • Fasterxml jackson-databind 2.8.2
  • Fasterxml jackson 1.7
  • Fasterxml jackson 1.1.2
  • Redhat jboss_enterprise_application_platform 6.4.19
  • Fasterxml jackson-databind 2.8.1
  • Fasterxml jackson 1.6
  • Redhat jboss_bpm_suite 6.4.11
  • Fasterxml jackson 1.1.0
  • Redhat jboss_operations_network 3.3.10
  • Fasterxml jackson-databind 2.8.6
  • Fasterxml jackson 1.2.0
  • Redhat jboss_brms 6.4.10
  • Redhat jboss_enterprise_application_platform 6.0.0
  • Fasterxml jackson-databind 2.8.10
  • Fasterxml jackson-databind 2.8.4
  • Redhat jboss_enterprise_application_platform 6.4.0
  • Fasterxml jackson 1.4.6
  • Fasterxml jackson-databind 2.8.5
  • Fasterxml jackson-databind 2.8.0
  • Fasterxml jackson-databind 2.8.7
  • Fasterxml jackson 1.9
  • Fasterxml jackson 1.8
  • Fasterxml jackson-databind 2.8.8.1
  • Fasterxml jackson-databind 2.8.9
  • Fasterxml jackson 1.5
  • Fasterxml jackson-databind 2.8.8
  • Debian debian_linux 9.0
  • Fasterxml jackson 1.4.0
  • Fasterxml jackson-databind 2.9.2
  • Debian debian_linux 8.0
  • Fasterxml jackson-databind 2.9.3
  • Fasterxml jackson 1.3
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.