New Dragon IPS signature release December 2018

  • 12 December 2018
  • 1 reply
  • 198 views

Userlevel 3
The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:

EDGE:CHAKRA-SCRIPT11
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8624
REFERENCE: CVE
CVE-2018-8624


EDGE:SCRIPT-ENG-MEM-CORRUPT-93
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8629
REFERENCE: CVE
CVE-2018-8629


EDGE:SCRIPT-ENG-MEM-CORRUPT-94
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8583
REFERENCE: CVE
CVE-2018-8583


EDGE:SCRIPT-ENG-MEM-CORRUPT-95
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8618
REFERENCE: CVE
CVE-2018-8618


IE:MEMORY-CORRUPTION-RCE-343
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when a Microsoft browser improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8631
REFERENCE: CVE
CVE-2018-8631


IE:SCRIPTING-ENGINE-RCE-59
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8643
REFERENCE: CVE
CVE-2018-8643


IE:SCRIPTING-ENGINE-RCE-60
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in Internet Explorer when the VBScript execution policy does not properly restrict VBScript under specific conditions. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8619
REFERENCE: CVE
CVE-2018-8619


MS:TEXT-TO-SPEECH-RCE
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8634
REFERENCE: CVE
CVE-2018-8634


MS:VBSCRIPT-ENGINE-RCE-4
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8625
REFERENCE: CVE
CVE-2018-8625

1 reply

thank you for info

Reply