Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #3378 (04/29/2021)

2 new signatures:

CRITICALHTTP:APACHE:TAPESTRY-CARH-IDHTTP: Apache Tapestry ClasspathAssetRequestHandler Information Disclosure
HIGHHTTP:CTS:VMWARE-VRLZ-OM-API-DIRHTTP: VMware vRealize Operations Manager API Certificate Upload Directory Traversal

4 updated signatures:

HIGHHTTP:STC:CVE-2016-0161-RCEHTTP: Microsoft Edge CVE-2016-0161 Remote Code Execution
HIGHHTTP:STC:JAVA:DOCBASE-BOFHTTP: Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow
HIGHHTTP:STC:ADOBE:CVE-2018-4879-CEHTTP: Adobe Reader CVE-2018-4879 Arbitrary Code Execution
CRITICALHTTP:CTS:VMWARE-VCENTER-RCEHTTP: VMware vCenter Server Plugin Unauthorized Remote Code Execution


Details of the signatures included within this bulletin:

HTTP:APACHE:TAPESTRY-CARH-ID - HTTP: Apache Tapestry ClasspathAssetRequestHandler Information Disclosure

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability against Apache Tapestry. A successful attack can lead to sensitive information disclosure.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • url: https://tapestry.apache.org/release-notes-571.html
  • cve: CVE-2021-27850

Affected Products:

  • Apache tapestry 5.4.0
  • Apache tapestry 5.7.0

HTTP:CTS:VMWARE-VRLZ-OM-API-DIR - HTTP: VMware vRealize Operations Manager API Certificate Upload Directory Traversal

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against VMware vRealize Operations Manager API. A successful attack can lead to directory traversal and arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • url: https://www.vmware.com/security/advisories/VMSA-2021-0004.html
  • cve: CVE-2021-21983

Affected Products:

  • Vmware vrealize_suite_lifecycle_manager 8.1
  • Vmare vrealize_operations_manager 8.1.0
  • Vmware cloud_foundation 3.5
  • Vmware cloud_foundation 3.7.1
  • Vmware cloud_foundation 3.0.1.1
  • Vmare vrealize_operations_manager 7.5.0
  • Vmware cloud_foundation 3.8.1
  • Vmare vrealize_operations_manager 8.0.1
  • Vmware cloud_foundation 3.5.1
  • Vmware cloud_foundation 3.10
  • Vmare vrealize_operations_manager 7.0.0
  • Vmware vrealize_suite_lifecycle_manager 8.0.1
  • Vmware vrealize_suite_lifecycle_manager 8.0
  • Vmare vrealize_operations_manager 8.1.1
  • Vmware cloud_foundation 3.8
  • Vmware cloud_foundation 3.7.2
  • Vmware cloud_foundation 3.0
  • Vmware vrealize_suite_lifecycle_manager 8.2
  • Vmware cloud_foundation 4.0.1
  • Vmware cloud_foundation 3.0.1
  • Vmware cloud_foundation 3.9.1
  • Vmware cloud_foundation 3.7
  • Vmare vrealize_operations_manager 8.2.0
  • Vmware cloud_foundation 4.0
  • Vmware cloud_foundation 3.9
  • Vmare vrealize_operations_manager 8.3.0
  • Vmare vrealize_operations_manager 8.0.0

HTTP:STC:JAVA:DOCBASE-BOF - HTTP: Oracle Java IE Browser Plugin docbase Parameter Stack Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known code execution vulnerability in Oracle Java. It is contained in the Java plugin handler for Internet Explorer, JP2IEXP.dll. While parsing the parameter docbase, the value is copied into a fixed length buffer on the stack without validation. This can lead to a stack buffer overflow. An attacker can exploit this by enticing a user to visit a specially crafted Web site. This can lead to arbitrary code execution in the context of the affected application

Supported On:

idp-5.1.110161014, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, j-series-9.5, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-4.2.110100823, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 44023
  • cve: CVE-2010-3552

Affected Products:

  • Red_hat enterprise_linux_supplementary 5 Server
  • Sun jdk_(solaris_production_release) 1.6.0 10
  • Sun jdk_(windows_production_release) 1.6.0 10
  • Sun jdk_(solaris_production_release) 1.6.0 04
  • Sun jdk_(windows_production_release) 1.6.0 04
  • Sun jdk_(solaris_production_release) 1.6.0 14
  • Sun jdk_(windows_production_release) 1.6.0 14
  • Sun jdk_(solaris_production_release) 1.6.0 13
  • Sun jdk_(windows_production_release) 1.6.0 13
  • Sun jdk_(solaris_production_release) 1.6.0 11
  • Sun jdk_(windows_production_release) 1.6.0 11
  • Sun jre_(linux_production_release) 1.6.0 13
  • Sun jdk_(solaris_production_release) 1.6.0 05
  • Sun jdk_(windows_production_release) 1.6.0 05
  • Sun jdk_(windows_production_release) 1.6.0 06
  • Sun jdk_(solaris_production_release) 1.6.0 06
  • Sun jdk_(solaris_production_release) 1.6.0 07
  • Sun jdk_(windows_production_release) 1.6.0 07
  • Sun jdk_(solaris_production_release) 1.6.0
  • Sun jdk_(windows_production_release) 1.6.0
  • Sun jre_(solaris_production_release) 1.6.0
  • Sun jre_(windows_production_release) 1.6.0
  • Sun jre_(solaris_production_release) 1.6.0 10
  • Sun jre_(windows_production_release) 1.6.0 10
  • Avaya proactive_contact 3.0.3
  • Sun jre_(solaris_production_release) 1.6.0 12
  • Sun jre_(windows_production_release) 1.6.0 12
  • Sun jre_(solaris_production_release) 1.6.0 13
  • Sun jre_(windows_production_release) 1.6.0 13
  • Sun jre_(solaris_production_release) 1.6.0 04
  • Sun jre_(windows_production_release) 1.6.0 04
  • Sun jre_(solaris_production_release) 1.6.0 05
  • Sun jre_(windows_production_release) 1.6.0 05
  • Sun jre_(solaris_production_release) 1.6.0 06
  • Sun jre_(windows_production_release) 1.6.0 06
  • Sun jre_(solaris_production_release) 1.6.0 07
  • Sun jre_(windows_production_release) 1.6.0 07
  • Vmware esx 4.1 Update 1
  • Avaya aura_conferencing 6.0 Standard
  • Sun jdk_(windows_production_release) 1.6.0 18
  • Sun jdk_(solaris_production_release) 1.6.0 18
  • Sun jdk_(linux_production_release) 1.6.0 18
  • Sun jre_(linux_production_release) 1.6.0 18
  • Sun jre_(windows_production_release) 1.6.0 18
  • Sun jre_(solaris_production_release) 1.6.0 18
  • Sun jdk_(linux_production_release) 1.6.0_21
  • Sun jdk_(solaris_production_release) 1.6.0_21
  • Sun jdk_(windows_production_release) 1.6.0_21
  • Sun jre_(linux_production_release) 1.6.0_21
  • Sun jre_(solaris_production_release) 1.6.0_21
  • Sun jre_(windows_production_release) 1.6.0_21
  • Vmware vcenter 4.1
  • Vmware vcenter 4.1 Update 1
  • Sun jdk_(linux_production_release) 1.6.0 02
  • Sun jdk_(windows_production_release) 1.6.0 02
  • Sun jre_(linux_production_release) 1.6.0 04
  • Sun jre_(linux_production_release) 1.6.0 02
  • Sun jdk_(linux_production_release) 1.6.0 04
  • Sun jdk_(linux_production_release) 1.6.0
  • Sun jre_(windows_production_release) 1.6.0 01
  • Sun jre_(windows_production_release) 1.6.0 02
  • Sun jre_(linux_production_release) 1.6.0 20
  • Sun jre_(windows_production_release) 1.6.0 20
  • Sun jre_(linux_production_release) 1.6.0 19
  • Sun jre_(linux_production_release) 1.6.0 07
  • Sun jdk_(linux_production_release) 1.6.0 07
  • Sun jdk_(solaris_production_release) 1.6.0 19
  • Sun jdk_(windows_production_release) 1.6.0 19
  • Sun jdk_(linux_production_release) 1.6.0 19
  • Sun jdk_(solaris_production_release) 1.6.0 03
  • Sun jdk_(linux_production_release) 1.6.0 03
  • Sun jdk_(windows_production_release) 1.6.0 20
  • Suse suse_linux_enterprise 11
  • Sun jdk_(linux_production_release) 1.6.0 13
  • Sun jdk_(windows_production_release) 1.6.0 03
  • Sun jre_(linux_production_release) 1.6.0 03
  • Sun jre_(solaris_production_release) 1.6.0 03
  • Sun jre_(windows_production_release) 1.6.0 03
  • Sun jre_(linux_production_release) 1.6.0 12
  • Sun jdk_(solaris_production_release) 1.6.0 02
  • Sun jdk_(linux_production_release) 1.6.0 05
  • Sun jre_(linux_production_release) 1.6.0 05
  • Sun jre_(linux_production_release) 1.6.0 11
  • Sun jdk_(solaris_production_release) 1.6.0 17
  • Sun jdk_(linux_production_release) 1.6.0 06
  • Sun jre_(linux_production_release) 1.6.0
  • Sun jre_(linux_production_release) 1.6.0 10
  • Sun jre_(linux_production_release) 1.6.0 06
  • Red_hat enterprise_linux_desktop_supplementary 5 Client
  • Sun jdk_(windows_production_release) 1.6.0 01
  • Sun jdk_(linux_production_release) 1.6.0 01
  • Sun jdk_(windows_production_release) 1.6.0 01-B06
  • Sun jdk_(solaris_production_release) 1.6.0 01
  • Sun jdk_(linux_production_release) 1.6.0 01-B06
  • Sun jre_(linux_production_release) 1.6.0 01
  • Gentoo linux
  • Sun jdk_(linux_production_release) 1.6.0 14
  • Sun jre_(solaris_production_release) 1.6.0 01
  • Sun jre_(solaris_production_release) 1.6.0 02
  • Sun jdk_(linux_production_release) 1.6.0 15
  • Sun jdk_(windows_production_release) 1.6.0 15
  • Sun jdk_(solaris_production_release) 1.6.0 15
  • Sun jre_(solaris_production_release) 1.6.0 15
  • Sun jre_(windows_production_release) 1.6.0 15
  • Sun jre_(linux_production_release) 1.6.0 15
  • Sun jdk_(solaris_production_release) 1.6.0 20
  • Sun jdk_(linux_production_release) 1.6.0 20
  • Sun jre_(linux_production_release) 1.6.0 14
  • Sun jre_(windows_production_release) 1.6.0 14
  • Sun jre_(solaris_production_release) 1.6.0 14
  • Suse suse_linux_enterprise 11 SP1
  • Red_hat enterprise_linux_extras 4
  • Hp hp-ux B.11.23
  • Sun jdk_(linux_production_release) 1.6.0 10
  • Sun jre_(solaris_production_release) 1.6.0 2
  • Sun jre_(windows_production_release) 1.6.0 2
  • Avaya proactive_contact 3.0.2
  • Sun jre_(windows_production_release) 1.6.0 19
  • Sun jre_(solaris_production_release) 1.6.0 19
  • Sun jre_(linux_production_release) 1.6.0 17
  • Sun jre_(solaris_production_release) 1.6.0 17
  • Sun jre_(windows_production_release) 1.6.0 17
  • Suse opensuse 11.3
  • Sun jdk_(linux_production_release) 1.6.0 17
  • Sun jre_(solaris_production_release) 1.6.0 11
  • Sun jre_(windows_production_release) 1.6.0 11
  • Sun jdk_(windows_production_release) 1.6.0 17
  • Red_hat enterprise_linux_extras 4.8.Z
  • Hp hp-ux B.11.11
  • Vmware esx 4.1
  • Hp hp-ux B.11.31
  • Sun jdk_(linux_production_release) 1.6.0 11
  • Sun jdk_(solaris_production_release) 1.6.0 01-B06
  • Avaya proactive_contact 3.0

HTTP:CTS:VMWARE-VCENTER-RCE - HTTP: VMware vCenter Server Plugin Unauthorized Remote Code Execution

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability against VMware vCenter Server plugin. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • url: https://www.vmware.com/security/advisories/VMSA-2021-0002.html
  • cve: CVE-2021-21972

Affected Products:

  • Vmware cloud_foundation 3.0
  • Vmware vcenter_server 7.0
  • Vmware vcenter_server 6.5
  • Vmware vcenter_server 6.7
  • Vmware cloud_foundation 4.0

HTTP:STC:ADOBE:CVE-2018-4879-CE - HTTP: Adobe Reader CVE-2018-4879 Arbitrary Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Reader. A successful attack can lead to Arbitrary Code Execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, srx-branch-19.1, vsrx-19.2, srx-19.2, srx-branch-19.2, vsrx3bsd-19.2, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, j-series-9.5, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-4.2.110100823, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-4879

Affected Products:

  • Adobe acrobat 17.0-17.011.30070
  • Adobe acrobat_reader_dc 15.0-15.006.30394
  • Adobe acrobat_dc 15.0-15.006.30394
  • Adobe acrobat_reader 17.0-17.011.30070
  • Adobe acrobat_reader_dc 18.009.20050
  • Adobe acrobat_dc 18.009.20050

HTTP:STC:CVE-2016-0161-RCE - HTTP: Microsoft Edge CVE-2016-0161 Remote Code Execution

Severity: HIGH

Description:

This signature detects an attempt to exploit a known Vulnerability in Microsoft Edge. Successful exploitation could allow an attacker to execute remote code into the application's context.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, srx-19.1, vsrx3bsd-19.1, vsrx-19.1, j-series-9.5, vsrx-19.2, srx-19.2, srx-branch-19.2, idp-4.2.110100823, srx-19.4, vsrx3bsd-19.4, srx-branch-19.4, vsrx-19.4, vmx-19.4, mx-19.4, idp-4.2.110101203, idp-5.1.0, srx-branch-19.1, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vsrx3bsd-19.2, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2016-0161

Affected Products:

  • Microsoft edge
Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out