This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Legacy
- End of Service Products
- New Dragon IPS signatures released.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
New Dragon IPS signatures released.
New Dragon IPS signatures released.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
07-12-2017 10:19 AM
The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:
EDGE:MEMORY-CORRUPTION-RCE-41
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code injection vulnerability exists when Microsoft Edge incorrectly accesses certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8617
REFERENCE: CVE
CVE-2017-8617
EDGE:SCRIPT-ENG-MEM-CORRUPT-36
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8598
REFERENCE: CVE
CVE-2017-8598
EDGE:SCRIPT-ENG-MEM-CORRUPT-37
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8601
REFERENCE: CVE
CVE-2017-8601
EDGE:SCRIPT-ENG-MEM-CORRUPT-38
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8605
REFERENCE: CVE
CVE-2017-8605
EDGE:SCRIPT-ENG-MEM-CORRUPT-39
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8619
REFERENCE: CVE
CVE-2017-8619
HTTP:MS-BROWSER-CORS-BYPASS
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A vulnerability in Microsoft Internet Explorer and Microsoft Edge browsers allows for cross-origin resource sharing (CORS) restrictions to be bypassed, potentially exposing sensitive data to a third-party or attacker. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8592
REFERENCE: CVE
CVE-2017-8592
IE:MEMORY-CORRUPTION-RCE-329
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code vulnerability exists when Microsoft Internet Explorer renders certain HTML parameters. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8594
REFERENCE: CVE
CVE-2017-8594
IE:SCRIPTING-ENGINE-RCE-14
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8618
REFERENCE: CVE
CVE-2017-8618
EDGE:MEMORY-CORRUPTION-RCE-41
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code injection vulnerability exists when Microsoft Edge incorrectly accesses certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8617
REFERENCE: CVE
CVE-2017-8617
EDGE:SCRIPT-ENG-MEM-CORRUPT-36
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8598
REFERENCE: CVE
CVE-2017-8598
EDGE:SCRIPT-ENG-MEM-CORRUPT-37
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8601
REFERENCE: CVE
CVE-2017-8601
EDGE:SCRIPT-ENG-MEM-CORRUPT-38
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8605
REFERENCE: CVE
CVE-2017-8605
EDGE:SCRIPT-ENG-MEM-CORRUPT-39
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8619
REFERENCE: CVE
CVE-2017-8619
HTTP:MS-BROWSER-CORS-BYPASS
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A vulnerability in Microsoft Internet Explorer and Microsoft Edge browsers allows for cross-origin resource sharing (CORS) restrictions to be bypassed, potentially exposing sensitive data to a third-party or attacker. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8592
REFERENCE: CVE
CVE-2017-8592
IE:MEMORY-CORRUPTION-RCE-329
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code vulnerability exists when Microsoft Internet Explorer renders certain HTML parameters. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8594
REFERENCE: CVE
CVE-2017-8594
IE:SCRIPTING-ENGINE-RCE-14
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8618
REFERENCE: CVE
CVE-2017-8618
0 REPLIES 0
