Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #3005 (11/14/2017)

22 new signatures:

HIGHHTTP:STC:ADOBE:CVE-2017-16395CEHTTP: Adobe Acrobat Reader CVE-2017-16395 Remote Code Execution
HIGHHTTP:STC:ADOBE:CVE-2017-16387CEHTTP: Adobe Acrobat CVE-2017-16387 Remote Code Execution
HIGHHTTP:STC:ADOBE:CVE-2017-16383CEHTTP: Adobe Acrobat CVE-2017-16383 Remote Code Execution
MEDIUMHTTP:STC:ADOBE:CVE-2017-16371IDHTTP: Adobe Pdf CVE-2017-16371 Sensitive Information Leak
HIGHHTTP:STC:IE:CVE-2017-11837-MCHTTP: Microsoft Edge CVE-2017-11837 Scripting Engine Memory Corruption
HIGHHTTP:STC:DL:CVE-2017-11878-MCHTTP: Microsoft Excel CVE-2017-11878 Memory Corruption
HIGHHTTP:STC:IE:CVE-2017-11861-MCHTTP: Microsoft Edge CVE-2017-11861 Scripting Engine Memory Corruption
HIGHHTTP:STC:IE:CVE-2017-11858-MCHTTP: Microsoft Edge CVE-2017-11858 Scripting Engine Memory Corruption
HIGHHTTP:STC:IE:CVE-2017-11869-MCHTTP: Microsoft IE CVE-2017-11869 Scripting Engine Memory Corruption
HIGHHTTP:STC:IE:CVE-2017-11873-MCHTTP: Microsoft Edge CVE-2017-11873 Scripting Engine Memory Corruption
MEDIUMHTTP:STC:ADOBE:CVE-2017-16403IDHTTP: Adobe Emf CVE-2017-16403 Information Disclosure
HIGHHTTP:STC:IE:MS-EDGE-JS-MC-2HTTP: Microsoft Edge JIT JavaScript Memory Corruption
HIGHHTTP:STC:IE:CVE-2017-11856-MCHTTP: Microsoft Internet Explorer CVE-2017-11856 Memory Corruption
HIGHHTTP:STC:IE:CVE-2017-11846-MCHTTP: Microsoft Edge CVE-2017-11846 Scripting Engine Memory Corruption
MEDIUMHTTP:STC:IE:CVE-2017-11791-IDHTTP: Microsoft Edge CVE-2017-11791 Scripting Engine Information Disclosure
HIGHHTTP:STC:IE:CVE-2017-11843-MCHTTP: Microsoft browsers CVE-2017-11843 Memory Corruption
HIGHHTTP:STC:IE:CVE-2017-11840-RCEHTTP: Microsoft Edge CVE-2017-11840 Remote Code Execution
HIGHHTTP:STC:DL:CVE-2017-11847-PEHTTP: Microsoft Windows CVE-2017-11847 Kernel Privilege Escalation
HIGHHTTP:STC:IE:CVE-2017-11841-MCHTTP: Microsoft Edge CVE-2017-11841 Memory Corruption
HIGHHTTP:STC:DL:CVE-2017-11854-RCEHTTP: Microsoft Word CVE-2017-11854 Remote Code Execution
HIGHHTTP:STC:IE:CVE-2017-11845-MCHTTP: Microsoft Edge CVE-2017-11845 Memory Corruption
HIGHHTTP:STC:IE:CVE-2017-11855-MCHTTP: Microsoft Internet Explorer CVE-2017-11855 Memory Corruption

5 updated signatures:

HIGHHTTP:MISC:MS-IE-AS4HTTP: Microsoft Internet Explorer Asynchronous NULL Object Access (4)
HIGHHTTP:STC:ACTIVEX:IRFILEIOSRVCHTTP: HP LoadRunner lrFileIOService Unsafe ActiveX Control Input Validation Error
HIGHHTTP:STC:CHROME:WEBKIT-OOHTTP: Apple Safari and Google Chrome Webkit Object Outline Memory Corruption
HIGHHTTP:STC:ORBIT-DL-URLHTTP: Orbit Downloader Long URL Stack Buffer Overflow
MEDIUMHTTP:STC:ACTIVEX:EBCRYPT-PRNGHTTP: EB Design ebCrypt Unsafe Activex Control


Details of the signatures included within this bulletin:

HTTP:MISC:MS-IE-AS4 - HTTP: Microsoft Internet Explorer Asynchronous NULL Object Access (4)

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, isg-3.1.134269, vsrx-15.1

HTTP:STC:IE:CVE-2017-11837-MC - HTTP: Microsoft Edge CVE-2017-11837 Scripting Engine Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11837

HTTP:STC:DL:CVE-2017-11878-MC - HTTP: Microsoft Excel CVE-2017-11878 Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Excel. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, mx-11.4, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, j-series-9.5, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • cve: CVE-2017-11878

HTTP:STC:IE:CVE-2017-11861-MC - HTTP: Microsoft Edge CVE-2017-11861 Scripting Engine Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11861

HTTP:STC:IE:CVE-2017-11858-MC - HTTP: Microsoft Edge CVE-2017-11858 Scripting Engine Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11858

HTTP:STC:IE:CVE-2017-11869-MC - HTTP: Microsoft IE CVE-2017-11869 Scripting Engine Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft IE. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11869

HTTP:STC:IE:CVE-2017-11873-MC - HTTP: Microsoft Edge CVE-2017-11873 Scripting Engine Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11873

HTTP:STC:ADOBE:CVE-2017-16395CE - HTTP: Adobe Acrobat Reader CVE-2017-16395 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-16395

HTTP:STC:ACTIVEX:IRFILEIOSRVC - HTTP: HP LoadRunner lrFileIOService Unsafe ActiveX Control Input Validation Error

Severity: HIGH

Description:

This signature detects attempts to use unsafe ActiveX controls in the HP LoadRunner. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Supported On:

isg-3.5.141652, idp-5.1.110161014, DI-Client, DI-Worm, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2013-2370

Affected Products:

  • Hp loadrunner 11.0.0.0
  • Hp loadrunner 9.0.0
  • Hp loadrunner 9.51
  • Hp loadrunner 11.50
  • Hp loadrunner 9.52
  • Hp loadrunner up to 11.51
  • Hp loadrunner 9.50.0

HTTP:STC:ADOBE:CVE-2017-16403ID - HTTP: Adobe Emf CVE-2017-16403 Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe reader/Acrobat pro. A successful attack can lead to Information Disclosure.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-16403

HTTP:STC:ORBIT-DL-URL - HTTP: Orbit Downloader Long URL Stack Buffer Overflow

Severity: HIGH

Description:

A buffer overflow vulnerability exists in Orbit Downloader. The vulnerability is caused due to insufficient boundary checking in the URL string processing. An attacker may exploit this vulnerability by enticing a target user to open a malicious long URL. Successful exploitation might lead to injection and execution of arbitrary code in the security context of the currently logged in user. If code execution is successful, the behaviour of the target will depend on the intention of the injected code. Otherwise, Orbit Downloader may terminate abnormally.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2009-0187
  • bugtraq: 33894

Affected Products:

  • Orbit downloader orbit_downloader 2.8.2
  • Orbit downloader orbit_downloader 2.8.3
  • Orbit downloader orbit_downloader 2.8.4

HTTP:STC:ACTIVEX:EBCRYPT-PRNG - HTTP: EB Design ebCrypt Unsafe Activex Control

Severity: MEDIUM

Description:

This signature detects attempts to use unsafe ActiveX controls in the EB Design ebCrypt. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Supported On:

isg-3.5.141652, idp-5.1.110161014, DI-Client, DI-Worm, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 25787
  • cve: CVE-2007-5110

Affected Products:

  • Eb design pty ltd ebcrypt 2.0

HTTP:STC:ADOBE:CVE-2017-16387CE - HTTP: Adobe Acrobat CVE-2017-16387 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, mx-11.4, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, j-series-9.5, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • cve: CVE-2017-16387

HTTP:STC:CHROME:WEBKIT-OO - HTTP: Apple Safari and Google Chrome Webkit Object Outline Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known memory corruption vulnerability in Webkit, the HTML rendering engine used in Apple's Safari and Google's Chrome Web browser. It is due to memory corruption during the rendering of HTML object outlines. This can be exploited by enticing a user to open a specially crafted Web page. A successful attack can result in memory corruption which can crash the browser or could lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2010-1813
  • bugtraq: 43078

Affected Products:

  • Apple safari 4
  • Apple safari 4 For Windows
  • Apple safari 4.0.5
  • Apple safari 4.0.5 For Windows
  • Apple safari 4.1.2 for Windows
  • Apple safari 5.0.2 for Windows
  • Apple iphone 3.0.1
  • Apple ios 2.0
  • Apple safari 4.0.3 For Windows
  • Apple safari 4.0.3
  • Apple safari 4.0.1
  • Apple ios 4.0.2
  • Apple ios 3.2.1
  • Apple ios 3.2
  • Apple ipod_touch 2.0.2
  • Apple ios 4.2 beta
  • Apple iphone 2.0.2
  • Apple ios 4.0.1
  • Apple safari 4.1
  • Apple safari 5.0
  • Apple safari 5.0 For Windows
  • Apple iphone 3.0
  • Apple safari 4.0.2
  • Apple safari 4.0.2 For Windows
  • Google chrome 5.0.375.1
  • Apple iphone 2.2
  • Apple ipod_touch 2.2
  • Apple iphone 2.2.1
  • Apple safari 5.0.1 for Windows
  • Apple ipod_touch 2.2.1
  • Apple ipod_touch 3.0
  • Google chrome 5.0.375.12
  • Apple safari 4.0.4 For Windows
  • Apple safari 4.0.4
  • Apple ipad
  • Google chrome 5.0.375.11
  • Apple ipod_touch 2.0.1
  • Apple iphone 2.1 - Iphone
  • Apple iphone 2.1 - Ipodtouch
  • Apple iphone 2.2.1 - Iphone
  • Apple iphone 2.2.1 - Ipodtouch
  • Apple iphone 2.2 - Iphone
  • Apple iphone 2.2 - Ipodtouch
  • Apple iphone 3.0.1 - Iphone
  • Apple iphone 3.0.1 - Ipodtouch
  • Apple iphone 3.0 - Iphone
  • Apple iphone 3.0 - Ipodtouch
  • Apple iphone 3.1.2 - Iphone
  • Apple iphone 3.1.2 - Ipodtouch
  • Apple iphone 3.1.3 - Iphone
  • Apple iphone 3.1.3 - Ipodtouch
  • Apple iphone 3.1 - Iphone
  • Apple iphone 3.1 - Ipodtouch
  • Apple iphone 3.2
  • Apple iphone 3.2.1
  • Apple iphone 3.2.1 - Ipad
  • Apple iphone 3.2 - Iphone
  • Apple iphone 3.2 - Ipodtouch
  • Apple iphone 4.0
  • Apple iphone 4.0.1
  • Apple iphone 4.0.1 - Iphone
  • Apple iphone 4.0 - Iphone
  • Apple iphone 4.0 - Ipodtouch
  • Apple ipod_touch 2.1
  • Apple iphone 3.1
  • Apple ipod_touch 3.1.1
  • Apple ios 3.2.2
  • Apple ipad 3.2
  • Apple ipad 3.2.1
  • Google chrome 5.0.375.0
  • Apple safari 5.0.1
  • Apple safari 4.1.1
  • Apple iphone 2.1
  • Apple ipad 3.2.2
  • Google chrome 5.0.375.10
  • Apple ios 4
  • Apple iphone 2.0.1
  • Apple ipad
  • Apple iphone 2.0
  • Apple ipod_touch 2.0
  • Apple iphone 3.1.2
  • Apple iphone 3.1.3
  • Apple ipod_touch 3.1.2
  • Apple ipod_touch 3.1.3
  • Apple safari 4 Beta

HTTP:STC:ADOBE:CVE-2017-16383CE - HTTP: Adobe Acrobat CVE-2017-16383 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Pro. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-16383

HTTP:STC:IE:MS-EDGE-JS-MC-2 - HTTP: Microsoft Edge JIT JavaScript Memory Corruption

Severity: HIGH

Description:

This signature detects a Web page containing specific JavaScript code. This code can cause memory corruption within Microsoft Edge. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11802
  • bugtraq: 101130

HTTP:STC:IE:CVE-2017-11856-MC - HTTP: Microsoft Internet Explorer CVE-2017-11856 Memory Corruption

Severity: HIGH

Description:

An Out-of-Bounds Write vulnerability has been found in Microsoft Internet Explorer. Successful exploitation of this vulnerability could achieve Remote Code Execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11856

HTTP:STC:ADOBE:CVE-2017-16371ID - HTTP: Adobe Pdf CVE-2017-16371 Sensitive Information Leak

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Reader. A successful attack can lead to sensitive data exposure.

Supported On:

isg-3.5.141652, idp-5.1.110161014, mx-11.4, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, j-series-9.5, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • cve: CVE-2017-16371

HTTP:STC:IE:CVE-2017-11846-MC - HTTP: Microsoft Edge CVE-2017-11846 Scripting Engine Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. Successful exploitation can lead to Remote Code Execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11846

HTTP:STC:IE:CVE-2017-11791-ID - HTTP: Microsoft Edge CVE-2017-11791 Scripting Engine Information Disclosure

Severity: MEDIUM

Description:

This signature detects attempts to exploit a known vulnerability in the Microsoft Edge. A successful attack can lead to unauthorized information disclosure.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11791

HTTP:STC:IE:CVE-2017-11843-MC - HTTP: Microsoft browsers CVE-2017-11843 Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft browsers. A successful attack can lead to remote code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11843

HTTP:STC:IE:CVE-2017-11840-RCE - HTTP: Microsoft Edge CVE-2017-11840 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to remote code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11840

HTTP:STC:DL:CVE-2017-11847-PE - HTTP: Microsoft Windows CVE-2017-11847 Kernel Privilege Escalation

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability in the Windows Kernel Mode drivers. A successful attack may result in a privilege escalation.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11847

HTTP:STC:IE:CVE-2017-11841-MC - HTTP: Microsoft Edge CVE-2017-11841 Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to remote code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11841

HTTP:STC:DL:CVE-2017-11854-RCE - HTTP: Microsoft Word CVE-2017-11854 Remote Code Execution

Severity: HIGH

Description:

An Uninitialized Memory Use vulnerability has been found in Microsoft Word. Successful exploitation of this vulnerability could achieve Remote Code Execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11854

HTTP:STC:IE:CVE-2017-11845-MC - HTTP: Microsoft Edge CVE-2017-11845 Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to remote code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11845

HTTP:STC:IE:CVE-2017-11855-MC - HTTP: Microsoft Internet Explorer CVE-2017-11855 Memory Corruption

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack can lead to remote code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11855
Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out