This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Extreme Networks
- Community List
- Legacy
- End of Service Products
- New IPS/IDS signature release
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
New IPS/IDS signature release
New IPS/IDS signature release
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Get Direct Link
- Report Inappropriate Content
09-18-2017 09:57 AM
The following NIDS signature updates are available via liveupdate for Dragon versions 7.x/8.x:
EDGE:MEMORY-CORRUPTION-RCE-42
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8731
REFERENCE: CVE
CVE-2017-8731
EDGE:MEMORY-CORRUPTION-RCE-43
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8734
REFERENCE: CVE
CVE-2017-8734
EDGE:MEMORY-CORRUPTION-RCE-44
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge renders certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8757
REFERENCE: CVE
CVE-2017-8757
EDGE:SCRIPT-ENG-MEM-CORRUPT-40
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8738
REFERENCE: CVE
CVE-2017-8738
EDGE:SCRIPT-ENG-MEM-CORRUPT-41
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge renders certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8753
REFERENCE: CVE
CVE-2017-8753
IE:MEMORY-CORRUPTION-RCE-330
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code injection vulnerability exists when Microsoft Internet Explorer incorrectly accesses certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8747
REFERENCE: CVE
CVE-2017-8747
IE:MEMORY-CORRUPTION-RCE-331
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code injection vulnerability exists when Microsoft Internet Explorer incorrectly accesses certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8749
REFERENCE: CVE
CVE-2017-8749
IE:MEMORY-CORRUPTION-RCE-332
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code injection vulnerability exists when Microsoft browsers incorrectly access certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8750
REFERENCE: CVE
CVE-2017-8750
MS:DOTNET-REMOTE-CODE-VULN
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759
REFERENCE: CVE
CVE-2017-8759
MS:PDF-LIBRARY-2
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. Microsoft has released a patch for this vulnerability. This signature tests for the "pdf.download" FlowTag being set before generating an event on network traffic. This FlowTag is defined by the HTTP:PDF-FILE-DOWNLOAD signature, which is required for this signature to generate an event.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8728
REFERENCE: CVE
CVE-2017-8728
MS:PDF-LIBRARY-3
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. Microsoft has released a patch for this vulnerability. This signature tests for the "pdf.download" FlowTag being set before generating an event on network traffic. This FlowTag is defined by the HTTP:PDF-FILE-DOWNLOAD signature, which is required for this signature to generate an event.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8737
REFERENCE: CVE
CVE-2017-8737
EDGE:MEMORY-CORRUPTION-RCE-42
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8731
REFERENCE: CVE
CVE-2017-8731
EDGE:MEMORY-CORRUPTION-RCE-43
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge improperly accesses an object in memory. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8734
REFERENCE: CVE
CVE-2017-8734
EDGE:MEMORY-CORRUPTION-RCE-44
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge renders certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8757
REFERENCE: CVE
CVE-2017-8757
EDGE:SCRIPT-ENG-MEM-CORRUPT-40
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists in the way that the Scripting Engine renders when handling objects in memory in Microsoft browsers. This vulnerability may corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8738
REFERENCE: CVE
CVE-2017-8738
EDGE:SCRIPT-ENG-MEM-CORRUPT-41
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Edge renders certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8753
REFERENCE: CVE
CVE-2017-8753
IE:MEMORY-CORRUPTION-RCE-330
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code injection vulnerability exists when Microsoft Internet Explorer incorrectly accesses certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8747
REFERENCE: CVE
CVE-2017-8747
IE:MEMORY-CORRUPTION-RCE-331
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code injection vulnerability exists when Microsoft Internet Explorer incorrectly accesses certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8749
REFERENCE: CVE
CVE-2017-8749
IE:MEMORY-CORRUPTION-RCE-332
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code injection vulnerability exists when Microsoft browsers incorrectly access certain objects in memory. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/cve-2017-8750
REFERENCE: CVE
CVE-2017-8750
MS:DOTNET-REMOTE-CODE-VULN
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft .NET Framework processes untrusted input. Microsoft has released a patch for this vulnerability.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759
REFERENCE: CVE
CVE-2017-8759
MS:PDF-LIBRARY-2
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. Microsoft has released a patch for this vulnerability. This signature tests for the "pdf.download" FlowTag being set before generating an event on network traffic. This FlowTag is defined by the HTTP:PDF-FILE-DOWNLOAD signature, which is required for this signature to generate an event.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8728
REFERENCE: CVE
CVE-2017-8728
MS:PDF-LIBRARY-3
UPDATE-TYPE: New Signature
CLASSIFICATION: BETA
DESCRIPTION: A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. Microsoft has released a patch for this vulnerability. This signature tests for the "pdf.download" FlowTag being set before generating an event on network traffic. This FlowTag is defined by the HTTP:PDF-FILE-DOWNLOAD signature, which is required for this signature to generate an event.
REFERENCE: URLREF
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8737
REFERENCE: CVE
CVE-2017-8737
0 REPLIES 0
