End of Service Products

New Dragon IPS signatures released.

  • 1.  New Dragon IPS signatures released.

    Posted 07-12-2017 10:19
    The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:



    EDGE:MEMORY-CORRUPTION-RCE-41

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code injection vulnerability exists when Microsoft Edge incorrectly accesses certain objects in memory. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8617

    REFERENCE: CVE

    CVE-2017-8617





    EDGE:SCRIPT-ENG-MEM-CORRUPT-36

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8598

    REFERENCE: CVE

    CVE-2017-8598





    EDGE:SCRIPT-ENG-MEM-CORRUPT-37

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8601

    REFERENCE: CVE

    CVE-2017-8601





    EDGE:SCRIPT-ENG-MEM-CORRUPT-38

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8605

    REFERENCE: CVE

    CVE-2017-8605





    EDGE:SCRIPT-ENG-MEM-CORRUPT-39

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8619

    REFERENCE: CVE

    CVE-2017-8619





    HTTP:MS-BROWSER-CORS-BYPASS

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A vulnerability in Microsoft Internet Explorer and Microsoft Edge browsers allows for cross-origin resource sharing (CORS) restrictions to be bypassed, potentially exposing sensitive data to a third-party or attacker. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8592

    REFERENCE: CVE

    CVE-2017-8592





    IE:MEMORY-CORRUPTION-RCE-329

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code vulnerability exists when Microsoft Internet Explorer renders certain HTML parameters. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8594

    REFERENCE: CVE

    CVE-2017-8594





    IE:SCRIPTING-ENGINE-RCE-14

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8618

    REFERENCE: CVE

    CVE-2017-8618