Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #3036 (02/13/2018)

15 new signatures:

HIGHHTTP:STC:DL:CVE-2018-0756-EOPHTTP: Microsoft Windows Kernel CVE-2018-0756 Elevation of Privileges
HIGHHTTP:STC:DL:CVE-2018-0742-EOPHTTP: Windows Kernel CVE-2018-0742 Elevation of Privileges
HIGHHTTP:STC:DL:CVE-2018-0844-EOPHTTP: Microsoft CVE-2018-0844 Common Log File System Driver Elevation of Privileges
HIGHHTTP:STC:DL:CVE-2018-0846-EOPHTTP: Microsoft CVE-2018-0846 Common Log File System Driver Elevation of Privileges
HIGHHTTP:STC:DL:CVE-2018-0841-RCEHTTP: Microsoft Excel CVE-2018-0841 Remote Code Execution
HIGHHTTP:STC:IE:CVE-2018-0858-MCHTTP: Microsoft Scripting Engine CVE-2018-0858 Memory Corruption
HIGHHTTP:STC:IE:CVE-2018-0838-MCHTTP: Microsoft Scripting Engine CVE-2018-0838 Memory Corruption
HIGHHTTP:STC:IE:CVE-2018-0834-MCHTTP: Microsoft Scripting Engine CVE-2018-0834 Memory Corruption
HIGHHTTP:STC:DL:CVE-2018-0825-RCEHTTP: Microsoft Windows StructuredQuery CVE-2018-0825 Remote Code Execution
HIGHHTTP:STC:IE:CVE-2018-0860-MCHTTP: Microsoft Scripting Engine CVE-2018-0860 Memory Corruption
HIGHHTTP:STC:IE:CVE-2018-0835-MCHTTP: Microsoft Edge Script Engine CVE-2018-0835 Memory Corruption
HIGHHTTP:STC:DL:CVE-2018-0842-RCEHTTP: Microsoft Windows Kernel CVE-2018-0842 Remote Code Execution
HIGHHTTP:STC:IE:CVE-2018-0866-MCHTTP: Microsoft Browsers CVE-2018-0866 Scripting Engine Memory Corruption
HIGHHTTP:STC:IE:CVE-2018-0840-MCHTTP: Microsoft Browsers CVE-2018-0840 Scripting Engine Memory Corruption
HIGHHTTP:STC:IE:CVE-2018-0837-MCHTTP: Microsoft Edge CVE-2018-0837 Script Engine Memory Corruption

1 updated signature:

HIGHHTTP:STC:IE:CVE-2017-11893-RCEHTTP: Microsoft Edge CVE-2017-11893 Remote Code Execution


Details of the signatures included within this bulletin:

HTTP:STC:DL:CVE-2018-0756-EOP - HTTP: Microsoft Windows Kernel CVE-2018-0756 Elevation of Privileges

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Windows Kernel. A successful attack can lead to elevation of privileges.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0756

HTTP:STC:DL:CVE-2018-0742-EOP - HTTP: Windows Kernel CVE-2018-0742 Elevation of Privileges

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Windows Kernel. A successful attack can lead to elevation of privileges.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0742

HTTP:STC:DL:CVE-2018-0844-EOP - HTTP: Microsoft CVE-2018-0844 Common Log File System Driver Elevation of Privileges

Severity: HIGH

Description:

This signature attempts to capture an out of bound vulnerabilityexists in Windows Common Log File System Driver. Successful exploitation of this vulnerability can achieve Elevation of Privilege.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0844

HTTP:STC:DL:CVE-2018-0846-EOP - HTTP: Microsoft CVE-2018-0846 Common Log File System Driver Elevation of Privileges

Severity: HIGH

Description:

This signature attempts to capture an out of bound write vulnerabilityexists in Windows Common Log File System Driver. Successful exploitation of this vulnerability can achieve Elevation of Privileges.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0846

HTTP:STC:DL:CVE-2018-0841-RCE - HTTP: Microsoft Excel CVE-2018-0841 Remote Code Execution

Severity: HIGH

Description:

This signature detects an attempt to exploit a Code Execution vulnerability in Excel. Successful exploitation could allow an attacker to achieve Remote Code Execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, mx-11.4, idp-4.1.0, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, j-series-9.5, srx-12.1, srx-branch-12.1, vsrx-12.1, vsrx-15.1

References:

  • cve: CVE-2018-0841

HTTP:STC:IE:CVE-2017-11893-RCE - HTTP: Microsoft Edge CVE-2017-11893 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2017-11893
  • bugtraq: 102081

Affected Products:

  • Microsoft edge -

HTTP:STC:IE:CVE-2018-0858-MC - HTTP: Microsoft Scripting Engine CVE-2018-0858 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit an Use-After-Free Vulnerability in Microsoft Scripting Engine. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0858

HTTP:STC:IE:CVE-2018-0838-MC - HTTP: Microsoft Scripting Engine CVE-2018-0838 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit a Memory Corruption vulnerability in IE. Successful exploitation could allow an attacker to achieve Remote Code Execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0838

HTTP:STC:IE:CVE-2018-0834-MC - HTTP: Microsoft Scripting Engine CVE-2018-0834 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit an Memory Corruption Vulnerability in Microsoft Scripting Engine. Successful exploitation could allow an attacker to execute arbitrary code in the context of current user.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0834

HTTP:STC:DL:CVE-2018-0825-RCE - HTTP: Microsoft Windows StructuredQuery CVE-2018-0825 Remote Code Execution

Severity: HIGH

Description:

This signature attempts to capture an integer overflow exists in the StructuredQuery. Successful exploitation of this vulnerability can achieve Remote Code Execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0825

HTTP:STC:IE:CVE-2018-0860-MC - HTTP: Microsoft Scripting Engine CVE-2018-0860 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit an Use-After-Free Vulnerability in Microsoft Scripting Engine. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0860

HTTP:STC:IE:CVE-2018-0835-MC - HTTP: Microsoft Edge Script Engine CVE-2018-0835 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit an Memory Corruption Vulnerability in Microsoft Internet Explorer. Successful exploitation could allow an attacker to execute arbitrary code in the context of current user.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0835

HTTP:STC:DL:CVE-2018-0842-RCE - HTTP: Microsoft Windows Kernel CVE-2018-0842 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Windows Kernel. A successful attack can lead to arbitrary code execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0842

HTTP:STC:IE:CVE-2018-0866-MC - HTTP: Microsoft Browsers CVE-2018-0866 Scripting Engine Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit an Use-After-Free Vulnerability in Microsoft Browsers. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0866

HTTP:STC:IE:CVE-2018-0840-MC - HTTP: Microsoft Browsers CVE-2018-0840 Scripting Engine Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit a Memory Corruption vulnerability in Microsoft Browsers Scripting Engine. Successful exploitation could allow an attacker to achieve Remote Code Execution.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0840

HTTP:STC:IE:CVE-2018-0837-MC - HTTP: Microsoft Edge CVE-2018-0837 Script Engine Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit an Memory Corruption Vulnerability in Microsoft Internet Explorer. Successful exploitation could allow an attacker to execute arbitrary code in the context of current user.

Supported On:

isg-3.5.141652, idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-0837
Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out