End of Service Products

New Dragon IPS signature release

  • 1.  New Dragon IPS signature release

    Posted 11-14-2018 11:36
    The following NIDS signature updates are available via
    liveupdate for Dragon versions 7.x/8.x:



    EDGE:CHAKRA-SCRIPT10

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8588

    REFERENCE: CVE

    CVE-2018-8588





    EDGE:CHAKRA-SCRIPT8

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8556

    REFERENCE: CVE

    CVE-2018-8556





    EDGE:CHAKRA-SCRIPT9

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8557

    REFERENCE: CVE

    CVE-2018-8557





    EDGE:INFO-DISCLOSURE12

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who exploited this vulnerability could obtain information to further compromise the users system. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8545

    REFERENCE: CVE

    CVE-2018-8545





    EDGE:SCRIPT-ENG-MEM-CORRUPT-91

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8542

    REFERENCE: CVE

    CVE-2018-8542





    EDGE:SCRIPT-ENG-MEM-CORRUPT-92

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8555

    REFERENCE: CVE

    CVE-2018-8555





    IE:INFO-DISCLOSURE11

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: An information disclosure vulnerability exists when a Microsoft browser incorrectly handles objects in memory. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8552

    REFERENCE: CVE

    CVE-2018-8552





    MS:DIRECTX-INFO-DISCLOSURE

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: An information disclosure vulnerability exists when DirectX improperly accesses objects in memory. This vulnerability may allow an attacker to obtain information to compromise a user's system. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8563

    REFERENCE: CVE

    CVE-2018-8563





    MS:OUTLOOK-RULEFILE

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in Microsoft Outlook software when it failed to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8522

    REFERENCE: CVE

    CVE-2018-8522





    MS:OUTLOOK-RULEFILE-2

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in Microsoft Outlook software when it failed to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8582

    REFERENCE: CVE

    CVE-2018-8582





    MS:VBSCRIPT-ENGINE-RCE-3

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in a Microsoft browser when the VBScript engine improperly handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8544

    REFERENCE: CVE

    CVE-2018-8544





    MS:WIN-GRAPHICS-WMF-RCE

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8553

    REFERENCE: CVE

    CVE-2018-8553





    MS:WORD-REMOTE-CODE-EXE

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8539

    REFERENCE: CVE

    CVE-2018-8539





    TFTP:WINDOWS-DEPLOYMENT-RCE

    UPDATE-TYPE: New Signature

    CLASSIFICATION: BETA

    DESCRIPTION: A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. Microsoft has released a patch for this vulnerability.

    REFERENCE: URLREF

    https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8476

    REFERENCE: CVE

    CVE-2018-8476