EOL Announcement (January 3, 2017): End-of-Life Notification for Juniper Networks IDP/AppID Signature Releases on EOL products. Please see TSB17019 for more information.
24 new signatures:
HIGH | IMAP:OUTLOOK-RCE | IMAP: Microsoft Outlook Client Code Execution |
HIGH | APP:MISC:ESKIMOROLL-KERBEROS-PE | APP: ESKIMOROLL Kerberos Privilege Escalation |
HIGH | MS-RPC:RPC-OVF | MSRPC: Microsoft Windows DCOM RPC Interface Buffer Overrun |
HIGH | HTTP:STC:MOZILLA:CVE-2014-1513 | HTTP: Mozilla Firefox CVE-2014-1513 Remote Code Execution |
HIGH | HTTP:STC:SAFARI:CVE-2017-2446 | HTTP: Apple Safari CVE-2017-2446 Remote Code Execution |
HIGH | HTTP:MISC:GENERIC-DIR-TRAVERSAL | HTTP: Generic Directory Traversal Detected |
CRITICAL | APP:REMOTE:ESTEEMAUDIT-RCE | HTTP: Microsoft Windows Empty RDP Cookie Negotiation Attempt |
HIGH | HTTP:HPE-INTELLIGENT-CENTER-ID | HTTP: HPE Intelligent Management Center FileDownloadServlet Information Disclosure |
MEDIUM | DNS:CVE-2017-0171-DOS | DNS: Windows DNS CVE-2017-0171 Denial Of Service |
HIGH | HTTP:STC:MANTIS-PASS-RESET | HTTP: Mantis Bug Tracker confirm_hash Remote Password Reset |
HIGH | HTTP:STC:ADOBE:CVE-2017-3071-CE | HTTP: Adobe Flash CVE-2017-3071 Remote Code Execution |
HIGH | HTTP:STC:ADOBE:CVE-2017-3068-CE | HTTP: Adobe Flash CVE-2017-3068 Remote Code Execution |
HIGH | HTTP:STC:CHROME:CVE-2017-5030 | HTTP: Google Chrome CVE-2017-5030 Remote Code Execution |
HIGH | HTTP:STC:CHROME:CVE-2016-5198 | HTTP: Google Chrome CVE-2016-5198 Remote Code Execution |
HIGH | HTTP:STC:CHROME:CVE-2016-5200 | HTTP: Google Chrome CVE-2016-5200 Remote Code Execution |
HIGH | HTTP:STC:IE:CVE-2017-0134-RCE | HTTP: Microsoft Edge CVE-2017-0134 Remote Code Execution |
HIGH | HTTP:INTEL-AMT-PE | HTTP: Intel Active Management Technology Remote Privilege Escalation |
HIGH | HTTP:STC:APPLE-SAFARI-PARAM-UAF | HTTP: Apple Safari parameter name Use After Free |
HIGH | HTTP:STC:APPLE-CVE-2016-4622-CE | HTTP: Apple Safari CVE-2016-4622 Remote Code Execution |
HIGH | HTTP:STC:APPLE-TYPARRAY-BUF-NEU | HTTP: Apple TypeArray Buffer Neutering |
HIGH | HTTP:STC:APPLE-SAFARI-OOB | HTTP: Apple Safari CVE-2017-2447 Out Of Bounds |
HIGH | HTTP:STC:CVE-2017-2464-MC | HTTP: Apple Safari CVE-2017-2464 Memory Corruption |
HIGH | HTTP:STC:APPLE-SFRI-PWN2OWN-UAF | HTTP: Apple Safari Pwn2Own Use After Free |
HIGH | SMTP:OUTLOOK:OUTLOOK-CE | SMTP: Outlook Client Code Execution |
11 updated signatures:
MEDIUM | SCADA:ICCP:INVALID-TPDU | SCADA: Invalid TPDU Code |
INFO | CHAT:MSN:HTTP:MSNFTP-INVITE | CHAT: MSN over HTTP File Transfer Invitation Message |
MEDIUM | HTTP:STC:ACTIVEX:MAGNETOSOFT-OV | HTTP: Magnetosoft Networkresources Unsafe ActiveX Overflow |
HIGH | HTTP:STC:ADOBE:CVE-2017-3055-CE | HTTP: Adobe Acrobat Reader CVE-2017-3055 Remote Code Execution |
INFO | SMB:SMBV1-REQ | SMB: SMBv1 Request Detected |
INFO | P2P:XUNLEI:DOWNLOAD | P2P: Xunlei Download |
HIGH | HTTP:STC:IE:CVE-2017-0141-AV | HTTP: Microsoft Edge CVE-2017-0141 Access Violation |
HIGH | DNS:ISC-BIND-CNAME-DNAME-DOS | DNS: ISC BIND Referral CNAME and DNAME Assertion Failure Denial of Service |
HIGH | HTTP:STC:IE:CVE-2017-0015-MC | HTTP: Microsoft Edge CVE-2017-0015 Memory Corruption |
HIGH | HTTP:STC:IE:CVE-2016-3386-RCE | HTTP: Microsoft Edge CVE-2016-3386 Remote Code Execution |
MEDIUM | SCADA:ICCP:BUFFER-SIZE | SCADA: Wrong Buffer Size |
2 renamed signatures:
HTTP:STC:APPLE_SAFARI-IO | -> | HTTP:STC:CVE-2017-2464-MC |
APP:GENERIC-DIR-TRAV | -> | APP:HP-PROTECTOR-DIR-TRAV |
This signature prevents triggering of executable code on the client's side to send an email to other users.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signatures can be used to detect anomalous behavior within the Kerberos protocol.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability in the RPC in Microsoft Windows. A successful attack can lead to a buffer overflow and arbitrary remote code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
his signature detects an attempt to exploit a known vulnerability against HP DataProtector application. Successful exploitation could allow an attacker to execute arbitrary codes into the context of the running application.
isg-3.5.141652, idp-5.1.110161014, idp-4.1.110110719, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, vmx-16.1, isg-3.4.0, isg-3.5.0, isg-3.4.139899, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, idp-5.0.110130325, mx-11.4, isg-3.4.140032, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Mozilla Firefox. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Apple Safari. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to use unsafe ActiveX controls in the Magnetosoft Networkresources. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.
isg-3.5.141652, idp-5.1.110161014, DI-Client, idp-4.1.110110719, DI-Worm, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, isg-3.4.139899, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, idp-5.0.110130325, mx-11.4, isg-3.4.140032, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609, vmx-16.1, isg-3.5.141597, idp-5.1.110160603
This signature detects a generic directory traversal attempt from client request.
srx-branch-12.1, isg-3.5.141652, vmx-16.1, mx-11.4, idp-5.1.110161014, idp-4.1.0, mx-16.1, vmx-11.4, vsrx-12.1, vsrx-15.1, idp-5.1.110160603, j-series-9.5, isg-3.5.141597, srx-12.1
Esteemaudit is a Remote Desktop Protocol (RDP) exploit. By exploiting this vulnerability, a threat actor can target a remote RDP Service and eventually take control of the compromised system.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
An information disclosure vulnerability has been reported in the Service Operation Manager Module of HPE Intelligent Management Center. Successful exploitation could allow an attacker to disclose sensitive information under the context of SYSTEM from the target host.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
Windows DNS Server allows a denial of service vulnerability when Microsoft Windows Server are configured to answer version queries.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
A remote password reset vulnerability has been reported in Mantis Bug Tracker. Successful exploitation results in the attacker being able to change the password for arbitrary accounts.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
srx-branch-12.1, isg-3.5.141652, vmx-16.1, mx-11.4, idp-5.1.110161014, idp-4.1.0, mx-16.1, vmx-11.4, vsrx-12.1, vsrx-15.1, idp-5.1.110160603, j-series-9.5, isg-3.5.141597, srx-12.1
This signature detects a TPDU buffer size that is too small or too big. OSI Transport Class 0 (TP0) specifies the amount of user data that can be carried on any particular transport primitive. If the protocol specifications form the basis for local buffer management, too much or too little data could lead to a buffer overflow attack.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects a download request through Xunlei. Xunlei is a Chinese peer-to-peer file sharing program.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability in ISC BIND9. Successful exploitation leads to denial-of-service conditions.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects an invalid TPDU code. ISO 8073 specifies a limited set of TPDU codes. It is possible that an invalid TPDU code can cause mis-operation by the local implementation.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects a MSN Messenger Live Person to Person File Transfer Invite message over HTTP.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Adobe Flash Player. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, srx-branch-12.1, vmx-16.1, mx-11.4, idp-5.1.110161014, idp-4.1.0, mx-16.1, vmx-11.4, vsrx-12.1, vsrx-15.1, idp-5.1.110160603, j-series-9.5, isg-3.5.141597, srx-12.1
This signature detects attempts to exploit a known vulnerability against Google Chrome. A successful attack can lead to remote code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Google Chrome. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Google Chrome. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects an attempt to exploit an Use-After-Free Vulnerability in Microsoft Edge. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability in Intel Active Management Technology (AMT) and the Intel Standard Manageability (ISM) and Intel Small Business Technology (SBT) variants. Successful exploitation allows an unprivileged attacker to gain administrative privileges over the management component of the target system.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects an attempt to exploit an Use-After-Free Vulnerability in Apple's Safari. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature is written to block the SMBv1 requests.
isg-3.5.141652, idp-5.1.110161014, DI-Client, idp-4.1.110110719, DI-Worm, idp-4.0.0, mx-11.4, DI-Base, idp-4.1.0, mx-16.1, vmx-11.4, vmx-16.1, idp-5.0.0, idp-4.2.0, isg-3.5.0, isg-3.0.0, DI-Server, isg-3.1.135801, isg-3.4.0, idp-4.0.110090831, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, idp-4.0.110090709, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, j-series-9.5, isg-3.1.134269, vsrx-15.1, idp-4.1.110110609, idp-4.2.110100823, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Apple Safari. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Apple Safari. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects an attempt to exploit an out-of-bounds read vulnerability in Apple Safari. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to access violation.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Apple Safari. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature detects an attempt to exploit an Use-After-Free Vulnerability in Apple Safari browser. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
This signature prevents triggering of executable code on the client's side to send an email to other users.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603
Adobe Flash Player have an exploitable use when masking display objects. Successful exploitation could lead to arbitrary code execution.
isg-3.5.141652, srx-branch-12.1, vsrx-12.1, mx-11.4, idp-5.1.110161014, idp-4.1.0, mx-16.1, vmx-11.4, vmx-16.1, vsrx-15.1, srx-12.1, j-series-9.5, isg-3.5.141597, idp-5.1.110160603
This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.
isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, vmx-11.4, idp-4.2.0, idp-5.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, vmx-16.1, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, vsrx-15.1, isg-3.5.141597, idp-5.1.110160603