Update Details

Update #2773 (08/30/2016)

11 new signatures:

MEDIUM	HTTP:MOIN-FILE-UPLOAD	HTTP: MoinMoin Arbitrary File Upload Attempt Detected
MEDIUM	HTTP:PHP:PHPMYADMIN:VAR-INJECT	HTTP: phpMyAdmin session_to_unset session variable injection attempt detected
HIGH	HTTP:STC:ADOBE:CVE-2016-4140-CE	HTTP: Adobe Flash Player CVE-2016-4140 Code Execution
HIGH	HTTP:STC:CLSID:SCHNEIDER-HVAC	HTTP: Schneider Electric SoMachine HVAC AxEditGrid Unsafe ActiveX Control
MEDIUM	HTTP:PHP:EXIF-INVALID-TAG	HTTP: PHP Exif Invalid Tag Data Buffer Overflow Attempt
MEDIUM	HTTP:WEBAPP-ZIP-DOS	HTTP: SERVER WEBAPP Empty Zip File Upload Attempt
HIGH	HTTP:STC:FOXIT-READER-HOF	HTTP: Foxit Reader CVE-2016-3740 Heap Overflow
HIGH	SMB:EXPLOIT:ADOBE-FLASH-DLL-CE	SMB: Adobe Flash Player apphelp.dll and dbghelp.dll Dll-load Exploit Attempt
MEDIUM	HTTP:DOS:DJANGO-FRAMEWORK-DOS	HTTP: Django Web Framework Denial of Service
HIGH	HTTP:TRIHED-VTSCADA-WAP	HTTP: Trihedral VTScada WAP Filter Bypass
MEDIUM	HTTP:MAL-REDIRECT-EXP-112	HTTP:MAL-REDIRECT Infection-112

14 updated signatures:

MEDIUM	HTTP:STC:MOZILLA:MOZ-GRID-DOS	HTTP: Mozilla Products Moz Grid DOS
HIGH	HTTP:MISC:APSTRUTS-DEV-EXEC	HTTP: Apache Struts 2 Developer Mode OGNL Execution
HIGH	APP:HPOV:NNMRPTCONG-TEMPL	APP: HP OpenView Network Node Manager nnmRptConfig.exe Template Buffer Overflow
HIGH	HTTP:STC:DL:CVE-2016-3304-CE	HTTP: Microsoft Windows CVE-2016-3304 Remote Code Execution
HIGH	HTTP:STC:IE:CVE-2016-3326-UAF	HTTP: Microsoft Edge CVE-2016-3326 Use After Free
MEDIUM	HTTP:STC:IE:CVE-2016-3327-ID	HTTP: Microsoft Internet Explorer CVE-2016-3327 Information Disclosure
MEDIUM	HTTP:STC:DL:CVE-2016-3316-ID	HTTP: Microsoft Office CVE-2016-3316 Infomation DIsclosure
HIGH	HTTP:STC:DL:PPT-2000-BOF	HTTP: Microsoft Office PowerPoint 2000 File Parsing Buffer Overflow
HIGH	DOS:MULTIVENDOR-TCP-TIMESTAMP	DOS: Multi Vendor TCP Timestamp Option Denial of Service
HIGH	HTTP:STC:ADOBE:SWF-NEWFUNC	HTTP: Adobe Flash Player newfunction Memory Corruption
HIGH	HTTP:MISC:SEAGATE-NAS-RCE	HTTP: Seagate Business NAS Pre-Authentication Remote Code Execution
HIGH	HTTP:STC:ADOBE:PDF-3D-WH	HTTP: Adobe Acrobat and Reader Universal 3D Format Image Width and Height Buffer Overflow
MEDIUM	HTTP:SCRIPT-INJ-EXP-111	HTTP:SCRIPT-INJ Infection-111
CRITICAL	HTTP:STC:MOZILLA:QUERYINT-OF	HTTP: Metasploit Firefox QueryInterface Buffer Overflow

Details of the signatures included within this bulletin:

HTTP:STC:DL:CVE-2016-3304-CE - HTTP: Microsoft Windows CVE-2016-3304 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against GDI shared library of Microsoft Windows. A successful attack can lead to arbitrary code execution.

Supported On:

idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141455, idp-5.1.110151117, isg-3.5.141597, idp-5.1.110160603

References:

cve: CVE-2016-3304

HTTP:MISC:APSTRUTS-DEV-EXEC - HTTP: Apache Struts 2 Developer Mode OGNL Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Apache Strusts 2. A successful attack can lead to arbitrary code execution.

Supported On:

idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141455, idp-5.1.110151117, isg-3.5.141597, idp-5.1.110160603

References:

Affected Products:

apache struts 2.0.0
apache struts 2.0.14
apache struts 2.0.1
apache struts 2.2.1
apache struts 2.0.6
apache struts 2.0.7
apache struts 2.2.3
apache struts 2.0.4
apache struts 2.0.5
apache struts 2.2.1.1
apache struts 2.1.8.1
apache struts 2.1.8
apache struts 2.0.8
apache struts 2.0.9
apache struts 2.1.6
apache struts 2.1.5
apache struts 2.1.4
apache struts 2.1.3
apache struts 2.0.12
apache struts 2.1.2
apache struts 2.0.13
apache struts 2.1.1
apache struts 2.0.10
apache struts 2.1.0
apache struts 2.0.11.2
apache struts 2.0.11
apache struts 2.0.2
apache struts 2.0.11.1
apache struts 2.0.3

APP:HPOV:NNMRPTCONG-TEMPL - APP: HP OpenView Network Node Manager nnmRptConfig.exe Template Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against HP OpenView Network Node Manager (NNM) CGI program nnmRptConfig.exe. A successful attack can lead to arbitrary code execution.

Supported On:

References:

cve: CVE-2009-3848
bugtraq: 37296

Affected Products:

HP OpenView Network Node Manager 7.53
HP OpenView Network Node Manager 7.01
HP OpenView Network Node Manager 7.50
HP OpenView Network Node Manager 7.51
HP OpenView Network Node Manager 7.50.0 HP-UX 11.X
HP OpenView Network Node Manager 7.50.0 Solaris
HP OpenView Network Node Manager 7.50.0 Windows 2000/XP
HP OpenView Network Node Manager 7.50.0 Linux
HP OpenView Network Node Manager 7.50.0

HTTP:STC:IE:CVE-2016-3327-ID - HTTP: Microsoft Internet Explorer CVE-2016-3327 Information Disclosure

Severity: MEDIUM

Description:

This signature detects an attempt to exploit a known Vulnerability in the Microsoft Internet Explorer. A successful attack can lead to information disclosure.

Supported On:

srx-branch-11.4, mx-11.4, idp-4.1.0, mx-9.4, srx-9.2, srx-branch-9.4, j-series-9.5, srx-12.1, srx-branch-12.1, srx-10.0, srx-branch-10.0, vsrx-12.1, vsrx-15.1, idp-5.1.110160603, isg-3.5.141455, idp-5.1.110151117, isg-3.5.141597, srx-11.4

References:

cve: CVE-2016-3327

HTTP:STC:MOZILLA:MOZ-GRID-DOS - HTTP: Mozilla Products Moz Grid DOS

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Mozilla Products. A successful attack can result in a denial-of-service condition.

Supported On:

References:

cve: CVE-2006-1730
cve: CVE-2006-1738
bugtraq: 17516

Affected Products:

Mozilla Browser 1.3.1
Mozilla Browser 1.4.0 B
Mozilla Thunderbird 1.0.6
SuSE Linux Personal 10.1
SuSE Linux Professional 10.1
Mozilla Thunderbird 1.5.0
Mozilla Thunderbird 0.9.0
Mozilla Thunderbird 1.0.0
Mozilla Browser 1.7.8
Red Hat Enterprise Linux ES 3
Slackware Linux 10.2.0
Mozilla Firefox 1.0.3
Mozilla Browser 1.7.7
Mozilla Thunderbird 1.0.5
Mozilla Firefox 1.0.2
SuSE UnitedLinux 1.0.0
Mozilla Browser 0.9.35
Mozilla Browser 0.9.48
Mozilla Browser 1.5.0
Red Hat Fedora Core1
Mozilla Browser 1.8.0 Alpha 4
Mozilla Browser 1.8.0 Alpha 3
Mozilla Browser 1.8.0 Alpha 1
Mozilla Browser 1.7.0 Rc2
Mozilla Browser 1.7.0 Rc1
Mozilla Browser 1.7.0 Beta
Mozilla Browser 1.7.0 Alpha
Mozilla Browser 1.5.1
SuSE Linux Professional 10.0.0 OSS
SuSE Linux Personal 10.0.0 OSS
Mozilla Browser 0.9.7
Mozilla Browser 0.9.5
Red Hat Fedora Core2
Mozilla Browser 0.9.4
Mozilla Browser 0.9.3
Mozilla Browser 0.9.2 .1
Mozilla Browser 0.9.2
Red Hat Desktop 4.0.0
SuSE SUSE Linux Enterprise Server 8
SuSE Linux Personal 9.3.0 X86 64
Mozilla Firefox 1.5.0
HP HP-UX B.11.31
Mozilla Browser 1.4.1
Mozilla Thunderbird 1.0.7
Red Hat Enterprise Linux WS 2.1 IA64
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux ES 2.1 IA64
Mozilla Browser 1.4.0
Sun Solaris 9 Sparc
Mozilla Browser 1.4.4
Mozilla Browser 1.0.0
SuSE Linux Personal 9.2.0 X86 64
Mozilla Browser 0.8.0
Mozilla Browser 1.2.0 Alpha
Mozilla Browser 1.2.1
Mozilla Browser 1.3.0
Red Hat Linux 7.3.0
Red Hat Linux 7.3.0 I386
Mozilla Browser 1.4.2
Red Hat Linux 9.0.0 I386
Mozilla Firefox 0.10.1
Slackware Linux 10.1.0
Mozilla Firefox 1.0.6
Mozilla Browser M15
Mozilla Browser M16
Mozilla Browser 1.2.0 Beta
Mozilla Browser 1.0.1
Mozilla Firefox 1.0.0
Mozilla Browser 1.1.0 Alpha
Netscape 7.2.0
Mozilla Browser 1.7.3
Mozilla Thunderbird 0.8.0
Mozilla Firefox Preview Release
Mandriva Linux Mandrake 2006.0.0
Mandriva Linux Mandrake 2006.0.0 X86 64
Mozilla Firefox 1.5.0 Beta 2
Mozilla Browser 1.1.0
Red Hat Enterprise Linux AS 2.1
Debian Linux 3.1.0 Amd64
HP HP-UX B.11.11
Debian Linux 3.1.0 Alpha
Debian Linux 3.1.0 Arm
HP HP-UX B.11.00
Debian Linux 3.1.0 Ia-32
Ubuntu Ubuntu Linux 4.1.0 Ia32
Ubuntu Ubuntu Linux 4.1.0 Ppc
Debian Linux 3.1.0 Mips
Debian Linux 3.1.0 Mipsel
Debian Linux 3.1.0 Ppc
Debian Linux 3.1.0 S/390
Debian Linux 3.1.0 Sparc
Mozilla Firefox 0.10.0
Mozilla Browser 1.7.11
Mozilla Firefox 1.5.0 Beta 1
Mozilla Firefox 1.0.1
SuSE Linux Desktop 1.0.0
Red Hat Fedora Core4
Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
Mozilla Browser 1.7.6
Red Hat Enterprise Linux AS 3
Sun Solaris 10 X86
Red Hat Enterprise Linux WS 3
Mozilla SeaMonkey 1.0
Mozilla Thunderbird 1.0.1
Mozilla Browser 0.9.8
Mozilla Browser 1.2.0
Sun Solaris 8 Sparc
Sun Solaris 8 X86
Mozilla Browser 1.7.10
Red Hat Enterprise Linux ES 2.1
Mozilla Firefox 0.9.0
Mozilla Browser 1.0.2
Debian Linux 3.1.0
Red Hat Fedora Core3
SuSE Linux Professional 9.1.0
SuSE Linux Professional 9.2.0
SuSE Linux Professional 9.3.0
SuSE Linux Professional 9.3.0 X86 64
SuSE Linux Professional 9.2.0 X86 64
SuSE Linux Professional 9.1.0 X86 64
Debian Linux 3.1.0 Hppa
SuSE Linux Personal 9.1.0
Ubuntu Ubuntu Linux 4.1.0 Ia64
Mozilla Browser 1.7.12
Mandriva Corporate Server 3.0.0
Debian Linux 3.1.0 Ia-64
Debian Linux 3.1.0 M68k
SuSE SUSE Linux Enterprise Server 9
Slackware Linux -Current
SCO Unixware 7.1.4
SuSE Novell Linux Desktop 9.0.0
Mozilla Browser 1.7.2
Mozilla Firefox 0.9.3
Mozilla Thunderbird 0.7.3
Mozilla Thunderbird 0.6.0
Mozilla Browser 1.7.0
Gentoo Linux
Red Hat Desktop 3.0.0
Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
Ubuntu Ubuntu Linux 5.0.0 4 I386
Ubuntu Ubuntu Linux 5.0.0 4 Amd64
Mozilla Firefox 0.9.2
Mozilla Thunderbird 0.7.2
Mozilla Thunderbird 0.7.0
Mozilla Firefox 1.0.7
Sun Java Desktop System (JDS) 2.0.0
Slackware Linux 10.0.0
Mozilla Thunderbird 1.5.0.1
Mozilla Firefox 1.5.0.1
Red Hat Fedora Core5
Mozilla SeaMonkey 1.0 Dev
SCO Unixware 7.1.3
SuSE Linux Personal 9.3.0
Mozilla Firefox 0.9.1
Mozilla Browser 1.1.0 Beta
Mozilla Browser 0.9.9
Mozilla Browser 1.0.0 RC1
Red Hat Enterprise Linux WS 2.1
Mozilla Browser 1.7.1
Red Hat Advanced Workstation for the Itanium Processor 2.1.0
Ubuntu Ubuntu Linux 5.10.0 Amd64
Sun Solaris 9 X86
Ubuntu Ubuntu Linux 5.10.0 Powerpc
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux ES 4
Red Hat Enterprise Linux WS 4
Mozilla Thunderbird 1.5.0 Beta 2
Mozilla Browser 1.7.9
Mozilla Firefox 1.0.5
Mozilla Browser 1.7.4
Mozilla Browser 1.7.5
Mozilla Thunderbird 0.7.1
Ubuntu Ubuntu Linux 5.10.0 I386
SuSE Linux Personal 9.1.0 X86 64
Mozilla Browser 0.9.6
HP HP-UX B.11.23
Mandriva Corporate Server 3.0.0 X86 64
Mozilla Firefox 0.8.0
Netscape Browser 8.0.4
SuSE Linux Personal 9.2.0
Mozilla Browser 1.8.0 Alpha 2
SuSE Linux Professional 10.0.0
Mozilla Browser 0.9.4 .1
Mozilla Browser 1.0.0 RC2
Mozilla Browser 1.6.0
Mozilla Browser 1.7.0 Rc3
Mozilla Firefox 0.9.0 Rc
Red Hat Linux 7.3.0 I686
Mozilla Firefox 1.0.4
Mozilla Browser 1.4.0 A
Mozilla Thunderbird 1.0.2

HTTP:STC:IE:CVE-2016-3326-UAF - HTTP: Microsoft Edge CVE-2016-3326 Use After Free

Severity: HIGH

Description:

This signature detects an attempt to exploit an Use-After-Free Vulnerability in Microsoft Edge. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Supported On:

References:

cve: CVE-2016-3326

HTTP:PHP:EXIF-INVALID-TAG - HTTP: PHP Exif Invalid Tag Data Buffer Overflow Attempt

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability in the Exif module of PHP. Successful exploitation would cause the PHP interpreter to crash, leading to a denial of service condition.

Supported On:

References:

cve: CVE-2011-0708

Affected Products:

php 4.4.0
php 3.0.10
php 4.0 (beta1)
php 5.0.0 (rc2)
php 4.4.2
php 4.1.0
php 3.0.12
php 4.2
php 4.4.4
php 4.1.2
php 3.0.14
php 4.3.8
php 3.0.16
php 3.0.9
php 3.0.18
php 5.0.0 (beta3)
php 5.0.2
php 4.2.3
php 4.4.1
php 5.0.4
php 4.2.1
php 5.3.4
php 5.3.2
php 4.0.1
php 5.2.15
php 5.3.0
php 4.0.3
php 5.2.17
php 3.0
php 4.0.5
php 5.2.11
php 5.1.3
php 2.0b10
php 5.2.2
php 5.2.13
php 5.2.0
php 4.3.10
php 4.3.7
php 5.2.6
php 4.3.5
php 5.0.0 (beta2)
php 5.2.4
php 4.4.9
php 3.0.6
php 4.3.3
php 4.0 (beta_4_patch1)
php 3.0.4
php 4.3.1
php 4.0 (beta2)
php 5.1.2
php 5.2.8
php 4.0 (beta3)
php 5.1.5
php 4.0 (beta4)
php 5.0.0 (rc3)
php 3.0.2
php 4.4.7
php 3.0.11
php 3.0.17
php 5.1.1
php 4.1.1
php 3.0.13
php 4.4.3
php 4.1.3
php 3.0.15
php 4.3
php 4.3.9
php 5.0.0 (beta4)
php 5.0.0 (rc1)
php 5.0.1
php 3.0.8
php 5.0.3
php 4.2.2
php 5.0.5
php 4.2.0
php 4.2.4
php 4.0.0
php 5.3.3
php 4.0.2
php 5.0.0 (beta1)
php 5.2.14
php 5.3.1
php 4.0.4
php up to 5.3.5
php 5.2.16
php 4.0.6
php 5.2.3
php 5.2.10
php 4.4.5
php 2.0
php 5.2.4 (:windows)
php 5.2.1
php 4.3.11
php 5.2.12
php 5.1.0
php 5.2.7
php 4.3.6
php 5.2.5
php 4.4.8
php 4.4.6
php 3.0.7
php 4.0.7
php 4.3.4
php 3.0.5
php 4.3.2
php 5.2.9
php 5.1.4
php 3.0.3
php 4.3.0
php 1.0
php 5.1.6
php 3.0.1

HTTP:WEBAPP-ZIP-DOS - HTTP: SERVER WEBAPP Empty Zip File Upload Attempt

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Web Application Server ZIP file parser. A successful attack can result in a denial-of-service condition.

Supported On:

References:

bugtraq: 46354
cve: CVE-2011-0421

Affected Products:

php 4.4.0
php 3.0.10
php 4.0 (beta1)
php 5.0.0 (rc2)
php 4.4.2
php 4.1.0
php 3.0.12
php 4.2
php 4.4.4
php 4.1.2
php 3.0.14
php 4.3.8
php 3.0.16
php 3.0.9
php 3.0.18
php 5.0.0 (beta3)
php 5.0.2
php 4.2.3
php 4.4.1
php 5.0.4
php 4.2.1
php 5.3.4
php 5.3.2
php 4.0.1
php 5.2.15
php 5.3.0
php 4.0.3
php 5.2.17
php 3.0
php 4.0.5
php 5.2.11
php 5.1.3
php 2.0b10
php 5.2.2
php 5.2.13
php 5.2.0
php 4.3.10
php 4.3.7
php 5.2.6
php 4.3.5
php 5.0.0 (beta2)
php 5.2.4
php 4.4.9
php 3.0.6
php 4.3.3
php 4.0 (beta_4_patch1)
php 3.0.4
php 4.3.1
php 4.0 (beta2)
php 5.1.2
php 5.2.8
php 4.0 (beta3)
php 5.1.5
php 4.0 (beta4)
php 5.0.0 (rc3)
php 3.0.2
php 4.4.7
php 3.0.11
php 3.0.17
php 5.1.1
php 4.1.1
php 3.0.13
php 4.4.3
php 4.1.3
php 3.0.15
php 4.3
php 4.3.9
php 5.0.0 (beta4)
php 5.0.0 (rc1)
php 5.0.1
php 3.0.8
php 5.0.3
php 4.2.2
php 5.0.5
php 4.2.0
php 4.2.4
php 4.0.0
php 5.3.3
php 4.0.2
php 5.0.0 (beta1)
php 5.2.14
php 5.3.1
php 4.0.4
php up to 5.3.5
php 5.2.16
php 4.0.6
php 5.2.3
php 5.2.10
php 4.4.5
php 2.0
php 5.2.4 (:windows)
php 5.2.1
php 4.3.11
php 5.2.12
php 5.1.0
php 5.2.7
php 4.3.6
php 5.2.5
php 4.4.8
php 4.4.6
php 3.0.7
php 4.0.7
php 4.3.4
php 3.0.5
php 4.3.2
php 5.2.9
php 5.1.4
php 3.0.3
php 4.3.0
php 1.0
php 5.1.6
php 3.0.1

HTTP:STC:DL:PPT-2000-BOF - HTTP: Microsoft Office PowerPoint 2000 File Parsing Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the Microsoft Office PowerPoint 2000 File. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Supported On:

srx-branch-11.4, idp-4.1.110110719, idp-4.0.0, mx-11.4, isg-3.4.140032, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, idp-5.0.110130325, isg-3.1.135801, isg-3.4.0, isg-3.5.0, idp-4.0.110090831, srx-9.2, srx-branch-9.4, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.0.110090709, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, isg-3.4.139899, isg-3.1.134269, vsrx-15.1, idp-4.1.110110609, idp-5.1.110160603, isg-3.5.141455, idp-5.1.110151117, isg-3.5.141597, srx-11.4

References:

cve: CVE-2009-1131
bugtraq: 34841

Affected Products:

Microsoft PowerPoint 2000 SR1
Microsoft PowerPoint 2000 SP2
Microsoft PowerPoint 2000 SP3

DOS:MULTIVENDOR-TCP-TIMESTAMP - DOS: Multi Vendor TCP Timestamp Option Denial of Service

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against TCP implementations of multiple vendors. A successful attack can result in a denial-of-service condition.

Supported On:

References:

cve: CVE-2005-0356
bugtraq: 13676
bugtraq: 16295

Affected Products:

Cisco CiscoWorks LMS 1.3.0
FreeBSD 4.11.0 -RELENG
FreeBSD 4.11.0 -RELEASE-P3
FreeBSD 4.10.0 -RELEASE-P8
FreeBSD 1.1.5 .1
FreeBSD 2.0.0
FreeBSD 2.0.5
FreeBSD 2.1.0
FreeBSD 2.1.5
FreeBSD 2.1.6
FreeBSD 2.1.7 .1
FreeBSD 2.2.2
FreeBSD 2.2.8
FreeBSD 3.0.0
Cisco Secure ACS for Windows NT 3.0.3
Cisco Secure ACS for Windows NT 3.1.1
FreeBSD 5.2.0
Cisco Secure ACS for Windows NT 2.6.4
Cisco Secure ACS for Windows NT 2.6.3
Cisco Secure ACS for Windows NT 2.6.2
Cisco Secure ACS for Windows NT 2.6.0
Avaya Intuity Audix R5
F5 BigIP 9.0.2
F5 BigIP 9.0.3
F5 BigIP 9.0.4
F5 BigIP 9.0.0
F5 BigIP 9.0.1
F5 BigIP 9.0.5
FreeBSD 4.0.0 Alpha
FreeBSD 5.0.0 Alpha
FreeBSD 3.3.0
FreeBSD 4.0.0 .X
Cisco Call Manager 2.0.0
Cisco Call Manager 1.0.0
Cisco Unity Server 2.0.0
Cisco Unity Server 2.1.0
Cisco Unity Server 2.2.0
Cisco Unity Server 2.3.0
Cisco Unity Server 2.4.0
FreeBSD 4.5.0 -RELEASE
FreeBSD 4.5.0 -Stablepre2002-03-07
FreeBSD 3.3.0 X
Cisco Unity Server 3.0.0
Cisco Unity Server 3.1.0
FreeBSD 4.3.0 -RELEASE
FreeBSD 4.3.0 -STABLE
FreeBSD 3.5.1 -STABLE
FreeBSD 3.5.1 -Stablepre2001-07-20
Cisco Intelligent Contact Manager 5.0.0
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server SP1
Microsoft Windows 2000 Professional SP1
Microsoft Windows 2000 Advanced Server SP1
Cisco Call Manager 3.2.0
FreeBSD 4.3.0 -RELENG
FreeBSD 4.4.0 -RELENG
FreeBSD 4.4.0 -STABLE
FreeBSD 4.5.0 -STABLE
Cisco Secure ACS for Windows NT 2.1.0
Cisco Secure ACS for Windows NT 2.3.0
Cisco Secure ACS for Windows NT 2.4.0
Cisco Secure ACS for Windows NT 2.5.0
Microsoft Windows Server 2003 Enterprise Edition
Microsoft Windows Server 2003 Datacenter Edition
Microsoft Windows Server 2003 Web Edition
Microsoft Windows Server 2003 Enterprise Edition Itanium
Microsoft Windows Server 2003 Datacenter Edition Itanium
Microsoft Windows XP 64-bit Edition Version 2003 SP1
F5 BigIP 4.2.0
F5 BigIP 4.3.0
F5 BigIP 4.5.0
F5 BigIP 4.4.0
Cisco Conference Connection
Microsoft Windows 2000 Professional SP3
Microsoft Windows 2000 Server SP3
Microsoft Windows 2000 Advanced Server SP3
Microsoft Windows 2000 Datacenter Server SP3
OpenBSD 3.5
FreeBSD -Current
FreeBSD 4.4.0
OpenBSD 3.1
Cisco Secure Access Control Server 3.2.0 (2)
Cisco Secure Access Control Server 3.2.0
Cisco Secure Access Control Server 3.2.0 (3)
Cisco Secure ACS Solution Engine
F5 BigIP 4.5.12
Cisco Call Manager 3.3.0
Cisco Unity Server 3.2.0
Cisco Unity Server 3.3.0
Cisco Unity Server 4.0.0
F5 BigIP 4.6.0
Cisco E-Mail Manager
F5 BigIP 4.6.2
Cisco Secure ACS for Unix 2.3.5 .1
Microsoft Windows Server 2003 Standard Edition
FreeBSD 4.2.0 -STABLE
FreeBSD 3.5.0 -STABLE
FreeBSD 3.5.0 -Stablepre122300
FreeBSD 4.2.0 -Stablepre122300
FreeBSD 4.2.0 -RELEASE
FreeBSD 3.5.1 -RELEASE
Avaya Interactive Response 1.2.1
Avaya Interactive Response 1.3.0
FreeBSD 4.5.0
OpenBSD 3.3
Cisco Secure ACS for Windows NT 3.0.0 .1
Microsoft Windows XP Embedded
Microsoft Windows XP Embedded SP1
F5 BigIP 4.5.10
F5 BigIP 4.5.11
FreeBSD 2.2.6
Cisco Call Manager 3.0.0
FreeBSD 3.5.0
FreeBSD 5.1.0
Hitachi AlaxalA AX
Hitachi GR4000
Hitachi GR3000
Hitachi GS4000
IETF RFC 1323 : TCP Extensions for High Performance
Cisco Secure ACS for Windows Server 3.2.0
Cisco AP1200
Cisco MeetingPlace
Cisco Interactive Voice Response
Cisco Remote Monitoring Suite Option
Cisco Web Collaboration Option
FreeBSD 3.1.0
Cisco Support Tools
FreeBSD 2.2.3
FreeBSD 2.2.4
FreeBSD 2.2.5
Cisco CiscoWorks CD1 1st Edition
Cisco CiscoWorks Common Management Foundation 2.0.0
Cisco CiscoWorks Common Management Foundation 2.1.0
Cisco CiscoWorks CD1 2nd Edition
ALAXALA Networks AX7800R Null
ALAXALA Networks AX7800S Null
ALAXALA Networks AX5400S Null
FreeBSD 4.10.0
FreeBSD 4.10.0 -RELENG
FreeBSD 5.2.0 -RELENG
FreeBSD 4.10.0 -RELEASE
FreeBSD 4.9.0 -RELENG
Cisco CiscoWorks
Cisco CSS11500 Content Services Switch 7.30.0 (00.09)S
Cisco CSS11500 Content Services Switch 7.20.0 (03.10)S
Cisco CSS11500 Content Services Switch 7.30.0 (00.08)S
Cisco CSS11500 Content Services Switch 7.10.0 (05.07)S
Cisco CSS11500 Content Services Switch 7.20.0 (03.09)S
Cisco IP Contact Center Express
Cisco CiscoWorks Access Control List Manager 1.6.0
Cisco CiscoWorks Access Control List Manager 1.5.0
Cisco CiscoWorks VPN/Security Management Solution
Microsoft Windows 2000 Advanced Server
Cisco Secure Access Control Server 3.2.1
Microsoft Windows XP Home SP1
Microsoft Windows XP Professional SP1
FreeBSD 5.3.0 -RELEASE
FreeBSD 5.3.0 -STABLE
Cisco MGX 8230 1.2.10
Cisco MGX 8250 1.2.10
Cisco MGX 8250 1.2.11
Cisco MGX 8230 1.2.11
FreeBSD 4.9.0
FreeBSD 5.1.0 -RELEASE
FreeBSD 5.2.0 -RELEASE
FreeBSD 5.2.1 -RELEASE
FreeBSD 3.2.0
Cisco CiscoWorks Windows/WUG
Microsoft Windows XP 64-bit Edition SP1
F5 BigIP 4.0.0
Yamaha RT300i
Yamaha RT105
Yamaha RTX1000
Yamaha RTX1100
Yamaha RTX1500
Yamaha RT250i
Yamaha RTV700
Yamaha RT57i
FreeBSD 4.1.0
Nortel Networks WLAN Access Point 7220.0.0
Nortel Networks WLAN Access Point 7250.0.0
Nortel Networks CallPilot 703T
Nortel Networks CallPilot 702T
Nortel Networks CallPilot 201I
Nortel Networks CallPilot 200I
Nortel Networks Contact Center
Nortel Networks BCM 200
Nortel Networks BCM 400
Nortel Networks BCM 1000
Nortel Networks SRG 1.0.0
Avaya Intuity AUDIX
Nortel Networks Optical Metro 5100
Nortel Networks Optical Metro 5200
Nortel Networks Universal Signaling Point 5200
Nortel Networks Universal Signaling Point Compact/Lite
Nortel Networks Ethernet Routing Switch 1612
Nortel Networks Ethernet Routing Switch 1624
Nortel Networks Ethernet Routing Switch 1648
Nortel Networks Communications Server 1000
Nortel Networks Optical Metro 5000
FreeBSD 4.8.0 -PRERELEASE
Cisco Call Manager 3.3.0 (3)
Cisco CSS11050 Content Services Switch
Cisco CSS11150 Content Services Switch
Cisco CSS11800 Content Services Switch
Cisco CSS11501 Content Services Switch
Cisco CSS11503 Content Services Switch
Cisco CSS11506 Content Services Switch
Cisco Secure ACS for Windows NT 2.42.0
Cisco Secure Access Control Server
Cisco CiscoWorks Common Services 2.2.0
Yamaha RTX2000
FreeBSD 4.6.2
Microsoft Windows XP Professional
Microsoft Windows XP Home
OpenBSD 3.6
FreeBSD 2.X
FreeBSD 3.X
FreeBSD 2.1.0 X
FreeBSD 2.2.0 X
FreeBSD 3.1.0 X
FreeBSD 3.2.0 X
Cisco Unity Server 2.46.0
FreeBSD 3.4.0 X
FreeBSD 3.5.0 X
Cisco CiscoWorks Windows
Cisco Intelligent Contact Manager
FreeBSD 4.1.1
F5 BigIP 4.5.6
F5 BigIP 4.5.9
Cisco MGX
Cisco Call Manager
Cisco Unity Server
Cisco CSS11000 Content Services Switch
Cisco AP350
FreeBSD 5.4.0 -RELENG
FreeBSD 4.1.1 -RELEASE
FreeBSD 3.5.0 -Stablepre050201
FreeBSD 4.2.0 -Stablepre050201
FreeBSD 5.1.0 -RELEASE/Alpha
Microsoft Windows XP 64-bit Edition Version 2003
Microsoft Windows XP Media Center Edition
Microsoft Windows XP Tablet PC Edition
Microsoft Windows XP 64-bit Edition
SCO Unixware 7.1.3
Avaya Interactive Response
FreeBSD 4.2.0
FreeBSD 4.1.1 -STABLE
Microsoft Windows 2000 Datacenter Server SP1
Cisco CSS11500 Content Services Switch
Cisco CiscoWorks 1105 Hosting Solution Engine
Cisco CiscoWorks 1105 Wireless LAN Solution Engine
Cisco SN 5428 Storage Router SN5428-2.5.1-K9
Cisco SN 5428 Storage Router SN5428-3.2.1-K9
Cisco SN 5428 Storage Router SN5428-3.2.2-K9
Cisco SN 5428 Storage Router SN5428-3.3.1-K9
Cisco SN 5428 Storage Router SN5428-3.3.2-K9
Cisco SN 5428 Storage Router SN5428-2-3.3.1-K9
Cisco SN 5428 Storage Router SN5428-2-3.3.2-K9
FreeBSD 4.0.0 -RELENG
FreeBSD 4.9.0 -PRERELEASE
FreeBSD 5.1.0 -RELENG
FreeBSD 5.1.0 -RELEASE-P5
FreeBSD 5.0.0 -RELENG
FreeBSD 5.0.0 -RELEASE-P14
FreeBSD 4.8.0 -RELENG
Cisco Secure Access Control Server 3.1.0
FreeBSD 4.7.0 -RELENG
Cisco Secure Access Control Server 3.3.0 (1)
FreeBSD 4.6.0 -RELEASE-P20
FreeBSD 4.6.0 -RELENG
FreeBSD 4.5.0 -RELEASE-P32
FreeBSD 4.5.0 -RELENG
FreeBSD 4.4.0 -RELEASE-P42
FreeBSD 4.3.0 -RELEASE-P38
FreeBSD 3.0.0 -RELENG
FreeBSD 2.1.6 .1
OpenBSD 3.0
SCO Unixware 7.1.4
FreeBSD 4.6.0
FreeBSD 4.6.0 -RELEASE
FreeBSD 3.5.1
Microsoft Windows 2000 Datacenter Server
OpenBSD 3.2
Cisco Personal Assistant 1.4.0 (1)
Cisco Personal Assistant 1.4.0 (2)
Cisco Personal Assistant 1.3.0 (1)
Cisco Personal Assistant 1.3.0 (2)
Cisco Personal Assistant 1.3.0 (3)
Cisco Personal Assistant 1.3.0 (4)
Cisco SN 5420 Storage Router 1.1.0 (2)
SCO Open Server 6.0.0
Microsoft Windows 2000 Advanced Server SP2
Microsoft Windows 2000 Datacenter Server SP2
Microsoft Windows 2000 Professional SP2
Microsoft Windows 2000 Server SP2
Cisco Secure ACS for Unix 2.3.6 .1
Cisco Secure ACS for Unix 2.0.0
Cisco Secure ACS for Windows NT 3.0.0
Cisco Secure ACS for Unix 2.3.0
Cisco CiscoWorks Common Management Foundation 2.2.0
FreeBSD 4.7.0
FreeBSD 4.7.0 -RELEASE
FreeBSD 5.3.0
Blue Coat Systems CacheOS Null
Blue Coat Systems SGOS
Cisco Secure Access Control Server 3.3.0
Cisco Agent Desktop
FreeBSD 3.4.0
Microsoft Windows XP Tablet PC Edition SP1
FreeBSD 5.4.0 -PRERELEASE
FreeBSD 4.11.0 -STABLE
FreeBSD 4.3.0
Cisco Secure Access Control Server 3.2.0 (1)
Cisco Secure Access Control Server 3.0.0
FreeBSD 5.3.0 -RELENG
FreeBSD 4.8.0 -RELEASE-P7
FreeBSD 2.2.0
FreeBSD 4.8.0
Cisco IP Contact Center Enterprise
FreeBSD 4.7.0 -RELEASE-P17
FreeBSD 5.4.0 -RELEASE
Cisco Secure Access Control Server 3.2.0 (1.20)
Cisco Secure Access Control Server 3.2.2
Cisco Call Manager 4.0.0
Microsoft Windows 2000 Server
Cisco Emergency Responder 1.1.0
Cisco Conference Connection 1.1.0 (1)
Cisco Conference Connection 1.2.0
Microsoft Windows 2000 Advanced Server SP4
Microsoft Windows 2000 Datacenter Server SP4
Microsoft Windows 2000 Professional SP4
Microsoft Windows 2000 Server SP4
Cisco CiscoWorks CD1 3rd Edition
FreeBSD 4.10-PRERELEASE
Cisco CiscoWorks CD1 4th Edition
Cisco CiscoWorks CD1 5th Edition
Cisco SN 5420 Storage Router 1.1.0 (5)
Cisco SN 5420 Storage Router 1.1.0 (7)
Cisco Personal Assistant
FreeBSD 4.0.0
Microsoft Windows XP Media Center Edition SP1
Cisco Emergency Responder
Avaya CVLAN
Cisco SN 5420 Storage Router 1.1.0 (3)
Cisco SN 5420 Storage Router 1.1.3
Cisco SN 5420 Storage Router 1.1.0 (4)
Cisco Call Manager 3.1.0
Cisco Call Manager 3.1.0 (2)
OpenBSD 3.4
Microsoft Windows Server 2003 Standard x64 Edition
Cisco Secure Access Control Server 3.3.1
Cisco Secure Access Control Server 3.3.2
Cisco Secure ACS Solution Engine 3.3.2
Cisco Secure ACS Solution Engine 3.3.1
Cisco Secure ACS Solution Engine 3.3.0
Cisco CiscoWorks Windows
FreeBSD 5.0.0
Cisco SN5400 series storage routers
Cisco Call Manager 3.1.0 (3a)
FreeBSD 4.7.0 -STABLE
FreeBSD 4.6.0 -STABLE

HTTP:STC:ADOBE:PDF-3D-WH - HTTP: Adobe Acrobat and Reader Universal 3D Format Image Width and Height Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in Adobe Acrobat and Reader. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the client.

Supported On:

References:

Affected Products:

Red Hat Desktop Extras 4
Adobe Acrobat 9.3.4
Red Hat Enterprise Linux Supplementary 5 Server
Red Hat Enterprise Linux Desktop Supplementary 6
Adobe Reader 9.1.2
Red Hat Enterprise Linux Workstation Supplementary 6
Adobe Acrobat Professional 8.1.6
Adobe Acrobat Professional 9.1.2
Adobe Acrobat Standard 8.1.6
Adobe Reader 8.1.6
Adobe Acrobat Professional 9.2
Adobe Acrobat 9.3.4
Adobe Reader 9.2
Adobe Acrobat Professional 8.0
Adobe Acrobat Professional 8.2
Adobe Acrobat Standard 8.2
Adobe Acrobat Standard 9.3
Adobe Acrobat 9.3
Adobe Reader 9.3
Adobe Acrobat Professional 9.3
Adobe Reader 8.2
Adobe Acrobat Professional 8.1.3
Adobe Reader 8.1.3
Adobe Reader 9
Adobe Acrobat Standard 9
Adobe Acrobat Standard 8.1.3
Adobe Acrobat Standard 9.2
Adobe Reader 8.0
Adobe Acrobat Professional 8.1.7
Adobe Acrobat Standard 8.0
Adobe Reader 8.1.7
Adobe Acrobat Standard 8.1.7
Adobe Acrobat 9.3.3
Adobe Acrobat 9.4.1
Adobe Acrobat Professional 9.4.1
Adobe Acrobat Standard 9.4.1
Adobe Reader 9.4.1
Adobe Reader 9.3.2
Adobe Acrobat Standard 9.3.2
Adobe Acrobat Professional 9.3.2
Adobe Acrobat 9.3.2
Adobe Acrobat 8.2.2
Adobe Acrobat Professional 8.2.2
Adobe Acrobat Standard 8.2.2
Adobe Reader 8.2.2
Adobe Acrobat 8.2.4
Adobe Acrobat 8.2.5
Adobe Acrobat Professional 8.2.5
Adobe Acrobat Standard 8.2.5
Adobe Reader 8.2.5
Adobe Reader 9.4
Red Hat Enterprise Linux Server Supplementary 6
Adobe Acrobat Standard 9.1.2
Adobe Acrobat 9.1.1
SuSE SUSE Linux Enterprise Desktop 10 SP3
Adobe Acrobat Standard 9.3.4
Adobe Acrobat Professional 9.3.4
Adobe Reader 9.3.4
Adobe Reader 8.2.4
Adobe Acrobat Standard 9.3.4
Adobe Acrobat Professional 8.2.4
Adobe Acrobat Professional 8.1.2
Adobe Reader 9.1
Adobe Acrobat Professional 9.1
Adobe Acrobat Standard 9.1
Adobe Reader 9.3.3
Adobe Acrobat 9.3.3
Adobe Acrobat Professional 9.3.3
Adobe Acrobat Standard 9.3.3
Adobe Reader 9.3.1
Adobe Reader 8.2.1
Adobe Acrobat Standard 8.2.1
Adobe Acrobat Professional 8.2.1
Adobe Acrobat Professional 9.3.1
Adobe Acrobat Standard 9.3.1
Adobe Acrobat Professional 9 Extended
Adobe Reader 8.1.5
Adobe Reader 9.1.1
Red Hat Enterprise Linux Desktop Supplementary 5 Client
SuSE SUSE Linux Enterprise Desktop 11 SP1
Adobe Reader 8.2.3
Adobe Acrobat 8.2.3
Adobe Reader 9.1.3
Adobe Acrobat Professional 9.1.3
Adobe Acrobat Standard 9.1.3
Gentoo Linux
Adobe Acrobat 8.1.5
Adobe Reader 8.1.1
Adobe Acrobat Professional 8.1.1
Adobe Reader 8.1.2
Red Hat Enterprise Linux Extras 4
Adobe Reader 8.1.2 Security Update 1
Adobe Acrobat Professional 8.1.2 Security Update 1
Adobe Acrobat Standard 8.2.4
Adobe Reader 9.3.4
Adobe Reader 8.1
Adobe Acrobat Professional 8.1
Adobe Acrobat Standard 8.1
Adobe Reader 8.1.4
Adobe Acrobat Professional 8.1.4
Adobe Acrobat Standard 8.1.4
Adobe Acrobat Standard 9.4
Adobe Acrobat Professional 9.4
Adobe Acrobat 9.4
Adobe Acrobat Standard 8.1.1
Adobe Acrobat Standard 8.1.2
SuSE openSUSE 11.3
SuSE openSUSE 11.2
Adobe Acrobat Professional 9
Adobe Acrobat 9.3.1
Adobe Acrobat 9.2
Adobe Acrobat 10.0
Adobe Acrobat Professional 10.0
Adobe Acrobat Standard 10.0
Adobe Reader 10.0
Red Hat Enterprise Linux WS Extras 4
Red Hat Enterprise Linux ES Extras 4
Red Hat Enterprise Linux AS Extras 4

HTTP:TRIHED-VTSCADA-WAP - HTTP: Trihedral VTScada WAP Filter Bypass

Severity: HIGH

Description:

A filter bypass vulnerability has been reported in the web interface of Trihedral VTScada. Successful exploitation allows the attacker to read arbitrary files.

Supported On:

References:

HTTP:SCRIPT-INJ-EXP-111 - HTTP:SCRIPT-INJ Infection-111

Severity: MEDIUM

Description:

This signature detects an attempt to download exploits from malicious exploit kits that may compromise a computer through various vendor vulnerabilities. Exploit kits are very specific type of toolkits which are being used by cybercriminals to deliver other pieces of malware.

Supported On:

vsrx-15.1, srx-12.1

HTTP:STC:ADOBE:SWF-NEWFUNC - HTTP: Adobe Flash Player newfunction Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known memory corruption vulnerability in Adobe Flash Player and the "authplay.dll" file that ships with Adobe Reader and Acrobat products. A remote attacker can exploit this by enticing a user to download and view a malicious Flash file. A successful attack can allow a remote attacker to inject and execute arbitrary code on the affected system.

Supported On:

References:

cve: CVE-2010-1297
bugtraq: 40586
url: http://www.adobe.com/support/security/advisories/apsa10-01.html

Affected Products:

Red Hat Desktop Extras 4
Apple Mac OS X 10.5.1
Apple Mac OS X Server 10.5.1
Apple Mac OS X Server 10.5
HP Systems Insight Manager C.05.00.02
Adobe Flex 3.0
Sun OpenSolaris Build Snv 99
Red Hat Enterprise Linux Supplementary 5 Server
Adobe Flash Player 9.0.159.0
Adobe Flash Player 10.0.45.2
Adobe Reader 9.1.2
Adobe Acrobat Standard 9.1.2
Sun OpenSolaris Build Snv 101A
Adobe Acrobat Professional 9.1.2
Adobe Flash Player 9.0.28.0
Adobe Flash Player 9.0.31.0
Adobe Flash Player Plugin 9.0.31 .0
Adobe Reader 9.2
HP Systems Insight Manager 5.0
HP Systems Insight Manager 5.0 SP1
HP Systems Insight Manager 5.0 SP2
HP Systems Insight Manager 5.0 SP3
Adobe Flash Player 10.0.12 .36
Sun OpenSolaris Build Snv 103
Sun OpenSolaris Build Snv 50
Apple Mac OS X 10.5.2
Apple Mac OS X Server 10.5.2
Adobe Flash Player Plugin 9.0.45.0
Adobe Flash Player Plugin 9.0.112.0
Sun OpenSolaris Build Snv 48
Adobe Flash Player Plugin 10.0.12.10
Adobe Acrobat Standard 9.3
Adobe Acrobat 9.3
Adobe Reader 9.3
Adobe Acrobat Professional 9.3
Apple Mac OS X Server 10.5.0
Apple Mac OS X 10.5
Apple Mac OS X 10.6
Apple Mac OS X Server 10.6
Adobe Reader 9
Adobe Acrobat Standard 9
Adobe Acrobat Professional 9.2
Adobe Acrobat Standard 9.2
Sun OpenSolaris Build Snv 49
Adobe Flash Player 10.0.12 .35
Adobe Reader 9.1.3
Sun OpenSolaris Build Snv 78
Red Hat Enterprise Linux Desktop Supplementary 5 Client
Adobe Flash Player 10.0.22.87
Adobe Acrobat Professional 9.1
Adobe Flash Player 10.1.51.66
Sun OpenSolaris Build Snv 102
Adobe Reader 9.3.2
Adobe Acrobat Standard 9.3.2
Adobe Acrobat Professional 9.3.2
Adobe Acrobat 9.3.2
HP Systems Insight Manager 5.3
HP Systems Insight Manager 5.3 Update 1
Adobe Flash Player 9.0.262
Adobe Flash Player 9.0.45.0
SuSE openSUSE 11.0
Sun OpenSolaris Build Snv 22
Sun OpenSolaris Build Snv 92
Sun OpenSolaris Build Snv 19
Adobe Flash Player Plugin 9.0.124.0
Sun OpenSolaris Build Snv 85
Adobe Acrobat 9.1.1
Apple Mac OS X Server 10.5.3
Adobe Flash Player 9.0.151 .0
Sun OpenSolaris Build Snv 64
Sun OpenSolaris Build Snv 91
SuSE SUSE Linux Enterprise Desktop 11
Sun OpenSolaris Build Snv 110
Sun OpenSolaris Build Snv 111
Adobe Flash Player 9.0.124.0
Sun OpenSolaris Build Snv 90
Apple Mac OS X 10.6.3
Apple Mac OS X Server 10.6.3
Apple Mac OS X Server 10.6.4
Adobe Flash Player 10
Sun OpenSolaris Build Snv 93
Apple Mac OS X 10.6.2
Apple Mac OS X Server 10.6.2
Sun Solaris 10 Sparc
Adobe Flash Player 9
Adobe AIR 1.5.3.9130
Sun OpenSolaris Build Snv 36
Sun OpenSolaris Build Snv 54
Sun OpenSolaris Build Snv 74
Sun OpenSolaris Build Snv 51
SuSE SUSE Linux Enterprise Desktop 10 SP3
Sun OpenSolaris Build Snv 101
Adobe Flash CS3 Professional
Adobe Flash Player 9.0.48.0
Adobe Flash Player 9.0.115.0
Sun OpenSolaris Build Snv 100
Adobe Flash Player Plugin 9.0.16
Adobe Flash Player Plugin 9.0.18d60
Sun OpenSolaris Build Snv 57
Adobe Flash Player 10.0.32 18
Sun OpenSolaris Build Snv 84
Sun Solaris 10 X86
Adobe Reader 9.1
Sun OpenSolaris Build Snv 108
Adobe Acrobat Standard 9.1
Sun OpenSolaris Build Snv 80
Sun OpenSolaris Build Snv 01
Sun OpenSolaris
Apple Mac OS X 10.5.0
Adobe Reader 9.3.1
Sun OpenSolaris Build Snv 28
Adobe Acrobat Professional 9.3.1
HP Systems Insight Manager 5.0 SP5
HP Systems Insight Manager 5.0 SP6
HP Systems Insight Manager 5.1 SP1
Apple Mac OS X 10.5.7
Apple Mac OS X Server 10.5.7
Adobe Flash CS5 Professional
Sun OpenSolaris Build Snv 89
Sun OpenSolaris Build Snv 02
Adobe Acrobat Standard 9.3.1
Adobe Reader 9.1.1
Sun OpenSolaris Build Snv 95
Sun OpenSolaris Build Snv 37
Sun OpenSolaris Build Snv 38
SuSE SUSE Linux Enterprise 11 SP1
Sun OpenSolaris Build Snv 87
Adobe Flex 4.0
Adobe Flash Player 10.0.42.34
SuSE SUSE Linux Enterprise Desktop 11 SP1
Adobe Flash Player 9.0.246.0
Sun OpenSolaris Build Snv 86
Apple Mac OS X 10.6.1
Sun OpenSolaris Build Snv 56
Sun OpenSolaris Build Snv 94
Sun OpenSolaris Build Snv 45
Sun OpenSolaris Build Snv 111A
Adobe Acrobat Professional 9.1.3
Adobe Acrobat Standard 9.1.3
Gentoo Linux
Sun OpenSolaris Build Snv 71
Adobe Acrobat 9.3.1
HP Systems Insight Manager 5.2 SP2
Sun OpenSolaris Build Snv 41
Sun OpenSolaris Build Snv 96
Adobe Flash Player 9.0.47.0
SuSE SUSE Linux Enterprise 10 SP3
Adobe Flash CS4 Professional
Apple Mac OS X 10.5.6
Apple Mac OS X Server 10.5.6
Adobe Flash Player 9.0.260.0
Sun OpenSolaris Build Snv 81
Adobe Flash Player Plugin 9.0.28 .0
Adobe Flash Player Plugin 9.0.20 .0
HP Systems Insight Manager 6.0.0.96
Sun OpenSolaris Build Snv 47
Sun OpenSolaris Build Snv 83
Red Hat Enterprise Linux Extras 4
Sun OpenSolaris Build Snv 82
Sun OpenSolaris Build Snv 109
Sun OpenSolaris Build Snv 35
Sun OpenSolaris Build Snv 98
Apple Mac OS X 10.5.4
Apple Mac OS X Server 10.5.4
HP Systems Insight Manager C 05.00.02
Adobe Flash Player 10.0.15 .3
Adobe Flash Player 9.0.152 .0
Sun OpenSolaris Build Snv 67
Sun OpenSolaris Build Snv 39
Sun OpenSolaris Build Snv 68
Sun OpenSolaris Build Snv 76
Sun OpenSolaris Build Snv 77
Apple Mac OS X 10.6.4
Apple Mac OS X 10.5.5
Apple Mac OS X Server 10.5.5
Apple Mac OS X 10.5.8
Apple Mac OS X Server 10.5.8
Sun OpenSolaris Build Snv 59
Sun OpenSolaris Build Snv 104
Sun OpenSolaris Build Snv 105
SuSE openSUSE 11.2
Adobe Acrobat Professional 9
Apple Mac OS X 10.5.3
Sun OpenSolaris Build Snv 58
Apple Mac OS X Server 10.6.1
Sun OpenSolaris Build Snv 88
Adobe Flash Player 9.0.246 0
Sun OpenSolaris Build Snv 29
Adobe Acrobat 9.2
Sun OpenSolaris Build Snv 61
Sun OpenSolaris Build Snv 106
Sun OpenSolaris Build Snv 107
SuSE openSUSE 11.1
Pardus Linux 2009
Red Hat Enterprise Linux WS Extras 4
Red Hat Enterprise Linux ES Extras 4
Red Hat Enterprise Linux AS Extras 4

HTTP:PHP:PHPMYADMIN:VAR-INJECT - HTTP: phpMyAdmin session_to_unset session variable injection attempt detected

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against phpMyAdmin. A successful attack can lead to arbitrary code execution.

Supported On:

References:

cve: CVE-2011-2505
cve: CVE-2011-2506

Affected Products:

phpmyadmin 3.0.0 (rc1)
phpmyadmin 3.3.10.0
phpmyadmin 3.4.2.0
phpmyadmin 3.1.1 (rc1)
phpmyadmin 3.3.10.1
phpmyadmin 3.0.1.1
phpmyadmin 3.2.2 (rc1)
phpmyadmin 3.3.2.0
phpmyadmin 3.1.5 (rc1)
phpmyadmin 3.3.5.1
phpmyadmin 3.2.1 (rc1)
phpmyadmin 3.2.0 (beta1)
phpmyadmin 3.1.3.1
phpmyadmin 3.2.0 (rc1)
phpmyadmin 3.1.0 (beta1)
phpmyadmin 3.0.0 (beta)
phpmyadmin 3.3.8.1
phpmyadmin 3.3.0.0
phpmyadmin 3.1.3.2
phpmyadmin 3.1.4 (rc2)
phpmyadmin 3.3.5.0
phpmyadmin 3.4.1.0
phpmyadmin 3.1.2 (rc1)
phpmyadmin 3.3.9.1
phpmyadmin 3.3.9.2
phpmyadmin 3.3.6
phpmyadmin 3.3.9.0
phpmyadmin 3.1.3 (rc1)
phpmyadmin 3.3.7
phpmyadmin 3.3.1.0
phpmyadmin 3.0.0 (alpha)
phpmyadmin 3.3.3.0
phpmyadmin 3.4.3.0
phpmyadmin 3.4.0.0
phpmyadmin 3.3.8
phpmyadmin 3.0.1 (rc1)
phpmyadmin 3.3.4.0

HTTP:STC:ADOBE:CVE-2016-4140-CE - HTTP: Adobe Flash Player CVE-2016-4140 Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Supported On:

References:

cve: CVE-2016-4140

HTTP:STC:CLSID:SCHNEIDER-HVAC - HTTP: Schneider Electric SoMachine HVAC AxEditGrid Unsafe ActiveX Control

Severity: HIGH

Description:

This signature detects HTTP traffic containing vulnerable AxEditGrid ActiveX control. Malicious Web sites can utilize these control objects to execute code through the target's browser.

Supported On:

idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141455, idp-5.1.110151117, isg-3.5.141597, idp-5.1.110160603

References:

cve: CVE-2016-4529

HTTP:MOIN-FILE-UPLOAD - HTTP: MoinMoin Arbitrary File Upload Attempt Detected

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against MoinMoin. Attackers can upload arbitrary files on the targeted system and gain unauthorized remote access.

Supported On:

References:

bugtraq: 57082
cve: CVE-2012-6081

Affected Products:

moinmo moinmoin 1.6.0 (beta1)
moinmo moinmoin 1.0
moinmo moinmoin 1.6.1
moinmo moinmoin 1.3.5 (rc1)
moinmo moinmoin 1.1
moinmo moinmoin 1.7.3
moinmo moinmoin 1.8.7
moinmo moinmoin 1.5.5 (a)
moinmo moinmoin 1.5.2
moinmo moinmoin 1.2
moinmo moinmoin 1.5.0 (beta1)
moinmo moinmoin 1.5.0 (beta2)
moinmo moinmoin 1.9.4
moinmo moinmoin 1.7.0 (rc3)
moinmo moinmoin 1.8.1
moinmo moinmoin 0.2
moinmo moinmoin 1.5.4
moinmo moinmoin 0.9
moinmo moinmoin 1.8.3
moinmo moinmoin 1.5.3 (rc2)
moinmo moinmoin 1.6.0 (rc1)
moinmo moinmoin 1.5.7
moinmo moinmoin 0.8
moinmo moinmoin 1.9.1
moinmo moinmoin 1.5.0 (beta5)
moinmo moinmoin 1.3.1
moinmo moinmoin 1.6.4
moinmo moinmoin 1.5.6
moinmo moinmoin 1.2.2
moinmo moinmoin 1.6.0 (rc2)
moinmo moinmoin 0.11
moinmo moinmoin 1.9.3
moinmo moinmoin 1.4
moinmo moinmoin 1.5.0 (rc1)
moinmo moinmoin 1.8.6
moinmo moinmoin 0.5
moinmo moinmoin 1.9.2
moinmo moinmoin 1.8.0
moinmo moinmoin 0.4
moinmo moinmoin 1.2.1
moinmo moinmoin 1.3.4
moinmo moinmoin 0.7
moinmo moinmoin 1.5.8
moinmo moinmoin 1.8.2
moinmo moinmoin 1.3.3
moinmo moinmoin 1.7.0 (rc2)
moinmo moinmoin 1.5.0 (beta4)
moinmo moinmoin 1.8.8
moinmo moinmoin 1.3.2
moinmo moinmoin 0.1
moinmo moinmoin 1.2.3
moinmo moinmoin 0.10
moinmo moinmoin 0.6
moinmo moinmoin 1.2.4
moinmo moinmoin up to 1.9.5
moinmo moinmoin 1.5.5a
moinmo moinmoin 1.5.3 (rc1)
moinmo moinmoin 1.7.1
moinmo moinmoin 1.7.0 (beta2)
moinmo moinmoin 1.3.0
moinmo moinmoin 0.3
moinmo moinmoin 1.8.4
moinmo moinmoin 1.5.0 (beta6)
moinmo moinmoin 1.5.5 (rc1)
moinmo moinmoin 1.5.0 (beta3)
moinmo moinmoin 1.6.2
moinmo moinmoin 1.7.0 (rc1)
moinmo moinmoin 1.6.0 (beta2)
moinmo moinmoin 1.6.3
moinmo moinmoin 1.7.2
moinmo moinmoin 1.5.1
moinmo moinmoin 1.7.0 (beta1)
moinmo moinmoin 1.9.0

HTTP:STC:DL:CVE-2016-3316-ID - HTTP: Microsoft Office CVE-2016-3316 Infomation DIsclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Office. A successful attack can lead to information disclosure.

Supported On:

References:

cve: CVE-2016-3316

HTTP:MISC:SEAGATE-NAS-RCE - HTTP: Seagate Business NAS Pre-Authentication Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Seagate Business Network Attached Storage. A successful attack can lead to arbitrary code execution.

Supported On:

References:

cve: CVE-2014-8687

HTTP:STC:FOXIT-READER-HOF - HTTP: Foxit Reader CVE-2016-3740 Heap Overflow

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the Foxit Reader. A successful attack can lead to a buffer overflow and arbitrary code execution within the context of the Foxit Reader.

Supported On:

References:

cve: CVE-2016-3740

SMB:EXPLOIT:ADOBE-FLASH-DLL-CE - SMB: Adobe Flash Player apphelp.dll and dbghelp.dll Dll-load Exploit Attempt

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.

Supported On:

srx-branch-11.4, idp-4.1.110110719, mx-11.4, mx-9.4, idp-5.0.110130325, srx-9.2, srx-branch-9.4, j-series-9.5, srx-12.1, srx-branch-12.1, isg-3.4.140032, srx-10.0, srx-branch-10.0, vsrx-12.1, idp-5.0.110121210, isg-3.4.139899, vsrx-15.1, idp-4.1.110110609, idp-5.1.110160603, isg-3.5.141455, idp-5.1.110151117, isg-3.5.141597, srx-11.4

References:

cve: CVE-2016-4140

HTTP:DOS:DJANGO-FRAMEWORK-DOS - HTTP: Django Web Framework Denial of Service

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against DJango Framework. A successful attack can result in a denial-of-service condition.

Supported On:

References:

cve: CVE-2013-1443

Affected Products:

djangoproject django 1.5.1
djangoproject django 1.6 (beta1)
djangoproject django 1.4.1
djangoproject django 1.4.6
djangoproject django 1.5 (alpha)
djangoproject django 1.4.2
djangoproject django 1.4.7
djangoproject django 1.5.3
djangoproject django 1.6 (beta3)
djangoproject django 1.6 (beta2)
djangoproject django 1.5.2
djangoproject django 1.5 (beta)
djangoproject django 1.4.4
djangoproject django 1.4
djangoproject django 1.4.5

HTTP:MAL-REDIRECT-EXP-112 - HTTP:MAL-REDIRECT Infection-112

Severity: MEDIUM

Description:

Supported On:

vsrx-15.1, srx-12.1

HTTP:STC:MOZILLA:QUERYINT-OF - HTTP: Metasploit Firefox QueryInterface Buffer Overflow

Severity: CRITICAL

Description:

This signature detects attempts to exploit a known vulnerability against Mozilla Firefox browser. Firefox 1.5 is affected. Attackers using Metasploit Framework can exploit this vulnerability leading to arbitrary code execution.

Supported On:

DI-Client, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, idp-4.2.0, idp-5.0.0, mx-9.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, srx-9.2, srx-branch-9.4, j-series-9.5, idp-4.2.110100823, srx-10.0, srx-branch-10.0, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, srx-11.4, srx-branch-11.4, idp-4.1.110110719, mx-11.4, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141455, idp-5.1.110151117, isg-3.5.141597, idp-5.1.110160603

References:

cve: CVE-2006-0295
url: http://www.frsirt.com/exploits/20060208.firefox_queryinterface_mac.pm.php
bugtraq: 16476
url: http://www.mozilla.org/security/announce/mfsa2006-04.html

Affected Products:

Mozilla Browser 1.3.1
Red Hat Linux 7.3.0 I686
Mozilla Browser 1.4.0 B
Mozilla Thunderbird 1.5.0
Mozilla Thunderbird 0.9.0
Mozilla Thunderbird 1.0.0
Mozilla Browser 1.7.8
Red Hat Enterprise Linux ES 3
Mozilla Firefox 1.0.3
Mozilla Browser 1.7.7
Mozilla Thunderbird 1.0.5
Mozilla Firefox 1.0.2
Mozilla Browser 0.9.35
Mozilla Browser 0.9.48
Mozilla Browser 1.5.0
Red Hat Fedora Core1
Red Hat Desktop 3.0.0
Mozilla Browser 1.7.0 Rc1
Mozilla Browser 1.7.0 Beta
Mozilla Browser 1.7.0 Alpha
Mozilla Browser 1.5.1
SuSE Linux Professional 10.0.0 OSS
SuSE Linux Personal 10.0.0 OSS
Ubuntu Ubuntu Linux 5.0.0 4 Amd64
Mozilla Browser 0.9.7
Mozilla Browser 0.9.5
Mozilla Browser 0.9.4 .1
Mozilla Browser 0.9.4
Mozilla Browser 0.9.3
Mozilla Browser 0.9.2 .1
Mozilla Browser 0.9.2
Red Hat Desktop 4.0.0
SuSE Linux Personal 9.3.0 X86 64
Mozilla Firefox 1.5.0
HP HP-UX B.11.31
Mozilla Thunderbird 1.0.7
SGI ProPack 3.0.0 SP6
Red Hat Enterprise Linux WS 2.1 IA64
Red Hat Enterprise Linux AS 2.1 IA64
Red Hat Enterprise Linux ES 2.1 IA64
Mozilla Browser 1.4.0
Sun Solaris 9 Sparc
Mozilla Browser 1.1.0 Alpha
Mozilla Browser 1.0.0
SuSE Linux Personal 9.2.0 X86 64
SuSE Linux Personal 9.1.0
Mozilla Browser 1.2.0 Alpha
Mozilla Thunderbird 1.0.6
Sun Solaris 9 X86 Update 2
Mozilla Browser 1.2.1
Mozilla Browser 1.3.0
Red Hat Linux 7.3.0
Red Hat Linux 7.3.0 I386
Mozilla Browser 1.4.2
Red Hat Linux 9.0.0 I386
Mozilla Browser 0.8.0
Mozilla Firefox 0.10.1
Mozilla Firefox 1.0.6
Mozilla Browser 1.2.0 Beta
Mozilla Browser 1.0.1
Debian Linux 3.1.0 Ppc
Mozilla Firefox 1.0.0
Mozilla Browser 1.4.4
Mozilla Browser 1.7.3
Mozilla Thunderbird 0.8.0
Mozilla Firefox Preview Release
Mandriva Linux Mandrake 2006.0.0
Mandriva Linux Mandrake 2006.0.0 X86 64
Mozilla Firefox 1.5.0 Beta 2
Mozilla Browser 1.1.0
Red Hat Enterprise Linux AS 2.1
Debian Linux 3.1.0 Amd64
HP HP-UX B.11.11
Debian Linux 3.1.0 Alpha
Debian Linux 3.1.0 Arm
HP HP-UX B.11.00
Debian Linux 3.1.0 Ia-32
Debian Linux 3.1.0 Ia-64
Ubuntu Ubuntu Linux 4.1.0 Ppc
Debian Linux 3.1.0 Mips
Debian Linux 3.1.0 Mipsel
HP HP-UX B.11.23
Debian Linux 3.1.0 S/390
Debian Linux 3.1.0 Sparc
Mozilla Firefox 0.10.0
Mozilla Browser 1.7.11
Mozilla Firefox 1.5.0 Beta 1
Mozilla Firefox 1.0.1
Mozilla Browser 1.7.12
Red Hat Fedora Core4
Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
Mozilla Browser 1.7.6
Red Hat Enterprise Linux AS 3
Sun Solaris 10 X86
Red Hat Enterprise Linux WS 3
Mozilla Thunderbird 1.0.1
Mozilla Browser 0.9.8
Mozilla Browser 1.2.0
Sun Solaris 8 Sparc
Sun Solaris 8 X86
Mozilla Browser 1.7.10
Red Hat Enterprise Linux ES 2.1
SuSE Linux Personal 9.3.0
Mozilla Browser 1.0.2
Red Hat Enterprise Linux WS 2.1
Red Hat Fedora Core3
SuSE Linux Professional 9.1.0
SuSE Linux Professional 9.2.0
SuSE Linux Professional 9.3.0
SuSE Linux Professional 9.3.0 X86 64
SuSE Linux Professional 9.2.0 X86 64
SuSE Linux Professional 9.1.0 X86 64
Debian Linux 3.1.0 Hppa
Mozilla Browser 1.4.1
Ubuntu Ubuntu Linux 4.1.0 Ia64
Mandriva Corporate Server 3.0.0
Ubuntu Ubuntu Linux 4.1.0 Ia32
Debian Linux 3.1.0 M68k
Mozilla Browser 1.7.2
Mozilla Firefox 0.9.3
Mozilla Thunderbird 0.7.3
Mozilla Thunderbird 0.6.0
Mozilla Browser 1.7.0
Gentoo Linux
Mozilla Browser 1.7.0 Rc2
Ubuntu Ubuntu Linux 5.0.0 4 Powerpc
Ubuntu Ubuntu Linux 5.0.0 4 I386
Mozilla Browser 1.7.1
Mozilla Firefox 0.9.2
Mozilla Thunderbird 0.7.2
Mozilla Thunderbird 0.7.0
Mozilla Firefox 1.0.7
Sun Java Desktop System (JDS) 2.0.0
Mozilla SeaMonkey 1.0 Dev
Mozilla Firefox 0.9.0
Mozilla Firefox 0.9.1
Mozilla Browser 1.1.0 Beta
Mozilla Browser 0.9.9
Mozilla Browser 1.0.0 RC1
Mozilla Thunderbird 1.5.0 Beta 2
Red Hat Advanced Workstation for the Itanium Processor 2.1.0
Ubuntu Ubuntu Linux 5.10.0 Amd64
Sun Solaris 9 X86
Ubuntu Ubuntu Linux 5.10.0 Powerpc
Red Hat Enterprise Linux AS 4
Red Hat Enterprise Linux ES 4
Red Hat Enterprise Linux WS 4
Debian Linux 3.1.0
Mozilla Browser 1.7.9
Mozilla Firefox 1.0.5
Mozilla Browser 1.7.4
Mozilla Browser 1.7.5
Mozilla Thunderbird 0.7.1
Ubuntu Ubuntu Linux 5.10.0 I386
SuSE Linux Personal 9.1.0 X86 64
Mozilla Browser 0.9.6
Mandriva Corporate Server 3.0.0 X86 64
Mozilla Firefox 0.8.0
SuSE Linux Personal 9.2.0
SuSE Linux Professional 10.0.0
Red Hat Fedora Core2
Mozilla Browser 1.0.0 RC2
Mozilla Browser 1.6.0
Mozilla Browser 1.7.0 Rc3
Mozilla Firefox 0.9.0 Rc
Mozilla Firefox 1.0.4
Mozilla Browser 1.4.0 A
Mozilla Thunderbird 1.0.2