The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:
EDGE:CHAKRA-SCRIPT-CORRUPT10
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8505
REFERENCE: CVE
CVE-2018-8505
IE:MEMORY-CORRUPTION-RCE-341
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when a Microsoft browser improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8460
REFERENCE: CVE
CVE-2018-8460
IE:MEMORY-CORRUPTION-RCE-342
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when a Microsoft browser improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8491
REFERENCE: CVE
CVE-2018-8491
MS:JET-DATABASE-ENGINE-RCE-3
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: There is a vulnerability in the Microsoft JET Database Engine that may lead to remote code execution. An attacker who successfully exploited this vulnerability could take control of an affected system. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8423
REFERENCE: CVE
CVE-2018-8423
MS:THEME-API-RCE
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when the Windows Theme API does not properly decompress files. An attacker who successfully exploited this vulnerability could run arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability. This signature looks for the download of a malicious themepack file to the client system.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8413
REFERENCE: CVE
CVE-2018-8413
WINDOWS:SHELL-RCE
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Windows Shell improperly handles URLs. An attacker who exploited this vulnerability could gain the same user rights as the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2018-8495
REFERENCE: CVE
CVE-2018-8495