New Dragon IPS signature release

  • 14 November 2018
  • 0 replies
  • 145 views

Userlevel 3
The following NIDS signature updates are available via
liveupdate for Dragon versions 7.x/8.x:



EDGE:CHAKRA-SCRIPT10

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8588

REFERENCE: CVE

CVE-2018-8588





EDGE:CHAKRA-SCRIPT8

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8556

REFERENCE: CVE

CVE-2018-8556





EDGE:CHAKRA-SCRIPT9

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8557

REFERENCE: CVE

CVE-2018-8557





EDGE:INFO-DISCLOSURE12

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory. An attacker who exploited this vulnerability could obtain information to further compromise the users system. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8545

REFERENCE: CVE

CVE-2018-8545





EDGE:SCRIPT-ENG-MEM-CORRUPT-91

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8542

REFERENCE: CVE

CVE-2018-8542





EDGE:SCRIPT-ENG-MEM-CORRUPT-92

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8555

REFERENCE: CVE

CVE-2018-8555





IE:INFO-DISCLOSURE11

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: An information disclosure vulnerability exists when a Microsoft browser incorrectly handles objects in memory. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8552

REFERENCE: CVE

CVE-2018-8552





MS:DIRECTX-INFO-DISCLOSURE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: An information disclosure vulnerability exists when DirectX improperly accesses objects in memory. This vulnerability may allow an attacker to obtain information to compromise a user's system. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8563

REFERENCE: CVE

CVE-2018-8563





MS:OUTLOOK-RULEFILE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in Microsoft Outlook software when it failed to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8522

REFERENCE: CVE

CVE-2018-8522





MS:OUTLOOK-RULEFILE-2

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in Microsoft Outlook software when it failed to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8582

REFERENCE: CVE

CVE-2018-8582





MS:VBSCRIPT-ENGINE-RCE-3

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in a Microsoft browser when the VBScript engine improperly handles objects in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8544

REFERENCE: CVE

CVE-2018-8544





MS:WIN-GRAPHICS-WMF-RCE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8553

REFERENCE: CVE

CVE-2018-8553





MS:WORD-REMOTE-CODE-EXE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8539

REFERENCE: CVE

CVE-2018-8539





TFTP:WINDOWS-DEPLOYMENT-RCE

UPDATE-TYPE: New Signature

CLASSIFICATION: BETA

DESCRIPTION: A remote code execution vulnerability exists in the way that Windows Deployment Services TFTP Server handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code with elevated permissions on a target system. Microsoft has released a patch for this vulnerability.

REFERENCE: URLREF

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8476

REFERENCE: CVE

CVE-2018-8476

0 replies

Be the first to reply!

Reply