Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Update Details

Security Intelligence Center
Print

Update #3091 (08/14/2018)

10 deprecated signatures:

HIGHDOS:WINDOWS:WINNUKE-NETBIOSDOS: WinNuke (netbios) Removal Date: 08/23/2018 Reason For Deprecation: Very old cve sig for EOS products.
LOWSCAN:CYBERCOP:FINGER-QUERYSCAN: Cybercop Finger Query Removal Date: 08/23/2018 Reason For Deprecation: This signature is for End of support products.
HIGHIP:SRC-ROUTE-OFIGMP: Source Route Overflow Removal Date: 08/23/2018 Reason For Deprecation: This signature is for End of support products.
HIGHDOS:IP:IGMP-OVERSIZEDOS: IGMP Oversize Removal Date: 08/23/2018 Reason For Deprecation: This signature is for End of support products.
HIGHNETBIOS:DOS:RFPOISONNETBIOS RFPoision DOS Attack Removal Date: 08/23/2018 Reason For Deprecation: Very old cve sig for EOS products.
MEDIUMFINGER:USER:ROOTFINGER: User "root" Removal Date: 08/23/2018 Reason For Deprecation: Very old cve sig for EOS products.
MEDIUMHTTP:STC:CLSID:ACTIVEX:WH32-OFHTTP: WinHelp32.exe Remote Buffer Overrun Removal Date: 08/23/2018 Reason For Deprecation: Very old cve sig for EOS products.
MEDIUMSMB:MS-WIN-2000-LANMAN-UDP-DOSSMB: Microsoft Windows 2000 Lanman UDP Denial of Service Removal Date: 08/23/2018 Reason For Deprecation: Very old cve sig for EOS products.
MEDIUMFINGER:USER:SLASH-FILEFINGER: / File Query Removal Date: 08/23/2018 Reason For Deprecation: This signature is for End of support products.
INFOSCAN:MISC:HTTP:FINGER-PROBESCAN: Finger Probe Removal Date: 08/23/2018 Reason For Deprecation: This signature is for End of support products.

Customers are suggested to remove the deprecated signatures from the IDP policy, if they are explicitly configured, other than Dynamic groups

20 new signatures:

HIGHHTTP:STC:IE:CVE-2018-8266-MCHTTP: Microsoft Scripting Engine CVE-2018-8266 Memory Corruption
HIGHHTTP:STC:DL:MS-CVE-2018-8405-PEHTTP: Microsoft Windows DirectX Graphics Kernel Elevation of Privilege Vulnerability
HIGHHTTP:STC:IE:CVE-2018-8383-CEHTTP: Microsoft Edge CVE-2018-8383 Spoofing Vulnerability
HIGHHTTP:STC:IE:CVE-2018-8372-RCEHTTP: Microsoft Scripting Engine CVE-2018-8372 Memory Corruption
HIGHHTTP:STC:DL:CVE-2018-8376-RCEHTTP: Microsoft Powerpoint CVE-2018-8376 Remote code Execution
HIGHHTTP:STC:IE:CVE-2018-8387-RCEHTTP: Microsoft Edge CVE-2018-8387 Remote code Execution
HIGHHTTP:STC:ADOBE:CVE2018-12776-CEHTTP: Adobe Acrobat Pro CVE-2018-12776 Remote Code Execution
HIGHHTTP:STC:IE:CVE-2018-8324-RCEHTTP:Microsoft Edge CVE-2018-8324 Remote Code Execution
HIGHMS-RPC:CVE-2018-8845-HEAP-OVERMS-RPC: Advantech WebAccess viewdll1 Heap Buffer Overflow
HIGHHTTP:STC:CVE-2018-8344-CEHTTP: Microsoft Graphics CVE-2018-8344 Remote Code Execution
HIGHHTTP:STC:IE:CVE-2018-8384-MCHTTP: Microsoft Scripting Engine CVE-2018-8384 Memory Corruption
HIGHRPC:DCERPC:ARB-FILE-DELRPC: Advantech WebAccess webvrpcs Arbitrary File Deletion
HIGHHTTP:STC:DL:MS-CVE-2018-8345-CEHTTP: Microsoft Windows CVE-2018-8345 Remote Code Execution
HIGHHTTP:STC:DL:MS-CVE-2018-8406-PEHTTP: Microsoft Windows CVE-2018-8406 Elevation of Privilege
HIGHHTTP:STC:IE:CVE-2018-8389-MCHTTP: Microsoft Internet Explorer CVE-2018-8389 Memory Corruption Vulnerability
HIGHHTTP:STC:IE:CVE-2018-8355-MCHTTP: Microsoft Edge CVE-2018-8355 Chakra Scripting Engine Memory Corruption
INFOHTTP:STC:IE:CVE-2018-8403-MCHTTP: Microsoft Browser CVE-2018-8403 Memory Corruption Vulnerability
HIGHHTTP:STC:CVE-2018-8414RCEHTTP: Microsoft Windows Shell CVE-2018-8414 Remote Code Execution
HIGHHTTP:STC:DL:CVE-2018-8401-EOPHTTP:DirectX Graphics Kernel CVE-2018-8401 Elevation of Privilege
HIGHHTTP:STC:IE:CVE-2018-8353-MCHTTP: Microsoft Scripting Engine CVE-2018-8353 Memory Corruption

1 updated signature:

HIGHHTTP:STC:ACTIVEX:ICONICS-WEBHMIHTTP: ICONICS IcoSetServer Unsafe ActiveX Control


Details of the signatures included within this bulletin:

HTTP:STC:ACTIVEX:ICONICS-WEBHMI - HTTP: ICONICS IcoSetServer Unsafe ActiveX Control

Severity: HIGH

Description:

This signature detects attempts to use unsafe ActiveX controls used by ICONICS WebHMI. An attacker can create a malicious Web site containing Web pages with dangerous ActiveX controls, which if accessed by a victim, allows the attacker to gain control of the victim's client browser.

Supported On:

idp-5.1.110161014, DI-Client, DI-Worm, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 47704
  • url: http://www.iconics.com/
  • bugtraq: 49406
  • url: http://www.us-cert.gov/control_systems/pdf/ICSA-11-182-01.pdf

Affected Products:

  • Iconics,_inc. webhmi_activex_control

HTTP:STC:ADOBE:CVE2018-12776-CE - HTTP: Adobe Acrobat Pro CVE-2018-12776 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Pro. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-12776

HTTP:STC:IE:CVE-2018-8324-RCE - HTTP:Microsoft Edge CVE-2018-8324 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8324

MS-RPC:CVE-2018-8845-HEAP-OVER - MS-RPC: Advantech WebAccess viewdll1 Heap Buffer Overflow

Severity: HIGH

Description:

This signature detects attempts to access a known vulnerable in the Advantech WebAccess viewdll1. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Supported On:

idp-5.1.110161014, idp-4.1.110110719, mx-11.4, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, idp-5.0.110130325, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609

References:

  • bugtraq: 104190
  • cve: CVE-2018-8845

Affected Products:

  • Advantech webaccess 8.2_20170817
  • Advantech webaccess_dashboard 2.0.15
  • Advantech webaccess%2fnms 2.0.3
  • Advantech webaccess 8.3.0

HTTP:STC:CVE-2018-8344-CE - HTTP: Microsoft Graphics CVE-2018-8344 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known Integer Overflow vulnerability against Microsoft Windows 10. A Successful exploitation of this vulnerability could achieve Remote Code Execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8344

HTTP:STC:IE:CVE-2018-8384-MC - HTTP: Microsoft Scripting Engine CVE-2018-8384 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit type confusion vulnerability in Microsoft Scripting Engine. Successful exploitation could lead to Remote Code Execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8384

HTTP:STC:DL:MS-CVE-2018-8345-CE - HTTP: Microsoft Windows CVE-2018-8345 Remote Code Execution

Severity: HIGH

Description:

This signature detects an attempt to exploit a known vulnerability in Microsoft Windows. Successful exploitation could allow an attacker to execute arbitrary code into the users's context.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8345

HTTP:STC:DL:MS-CVE-2018-8406-PE - HTTP: Microsoft Windows CVE-2018-8406 Elevation of Privilege

Severity: HIGH

Description:

This signature detects an attempt to exploit a known vulnerability in Microsoft Windows. Successful exploitation could allow an attacker to run processes in an elevated context.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8406

HTTP:STC:IE:CVE-2018-8389-MC - HTTP: Microsoft Internet Explorer CVE-2018-8389 Memory Corruption Vulnerability

Severity: HIGH

Description:

This signature detects an attempt to exploit an memory corruption vulnerability in Microsoft Internet Explorer. Successful exploitation could allow an attacker to execute arbitrary code into the users's context.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8389

HTTP:STC:IE:CVE-2018-8355-MC - HTTP: Microsoft Edge CVE-2018-8355 Chakra Scripting Engine Memory Corruption

Severity: HIGH

Description:

Signature attempts to detect attack against known vulnerability in Microsoft Edge Chakra scripting engine. Successful exploitation could lead to remote code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8355

HTTP:STC:IE:CVE-2018-8403-MC - HTTP: Microsoft Browser CVE-2018-8403 Memory Corruption Vulnerability

Severity: INFO

Description:

Signature attempts to detect attack against known vulnerability in Microsoft Browser. Successful exploitation could lead to remote code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, isg-3.0.0, idp-5.1.110170603, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, isg-3.1.134269, vsrx-15.1

References:

  • cve: CVE-2018-8403

HTTP:STC:CVE-2018-8414RCE - HTTP: Microsoft Windows Shell CVE-2018-8414 Remote Code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Windows. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, isg-3.0.0, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, srx-17.4, idp-5.1.110170603, vsrx-15.1

References:

  • bugtraq: 105016
  • cve: CVE-2018-8414

HTTP:STC:DL:CVE-2018-8401-EOP - HTTP:DirectX Graphics Kernel CVE-2018-8401 Elevation of Privilege

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Windows 10. An attacker who successfully exploited this vulnerability could run processes in an elevated context.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8401

HTTP:STC:IE:CVE-2018-8353-MC - HTTP: Microsoft Scripting Engine CVE-2018-8353 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit a known vulnerability against Microsoft Scripting Engine. Successful exploitation could allow an attacker to execute arbitrary code.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8353

HTTP:STC:IE:CVE-2018-8266-MC - HTTP: Microsoft Scripting Engine CVE-2018-8266 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit a known vulnerability against Microsoft Scripting Engine. Successful exploitation could allow an attacker to execute arbitrary code.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8266

HTTP:STC:DL:MS-CVE-2018-8405-PE - HTTP: Microsoft Windows DirectX Graphics Kernel Elevation of Privilege Vulnerability

Severity: HIGH

Description:

This signature detects an attempt to exploit a known vulnerability in Microsoft Windows. Successful exploitation could allow an attacker to run processes in an elevated context.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8405

HTTP:STC:IE:CVE-2018-8383-CE - HTTP: Microsoft Edge CVE-2018-8383 Spoofing Vulnerability

Severity: HIGH

Description:

This signature detects an attempt to exploit an Spoofing Vulnerability in Microsoft Internet Explorer. Successful exploitation could allow an attacker to trick a user by redirecting the user to a specially crafted website.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8383

HTTP:STC:IE:CVE-2018-8372-RCE - HTTP: Microsoft Scripting Engine CVE-2018-8372 Memory Corruption

Severity: HIGH

Description:

This signature detects an attempt to exploit an Memory Corruption Vulnerability in Microsoft Internet Explorer. Successful exploitation could allow an attacker to execute arbitrary code into the users's context.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8372

HTTP:STC:DL:CVE-2018-8376-RCE - HTTP: Microsoft Powerpoint CVE-2018-8376 Remote code Execution

Severity: HIGH

Description:

This signature detects an attempt to exploit a known vulnerability against Microsoft Powerpoint. Successful exploitation could allow an attacker to execute arbitrary code.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, idp-5.0.0, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, isg-3.5.141818, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, isg-3.0.0, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8376

HTTP:STC:IE:CVE-2018-8387-RCE - HTTP: Microsoft Edge CVE-2018-8387 Remote code Execution

Severity: HIGH

Description:

This signature detects attempts to exploit a known vulnerability against Microsoft Edge. A successful attack can lead to arbitrary code execution.

Supported On:

idp-5.1.110161014, idp-4.0.0, idp-4.0.110090709, idp-4.0.110090831, idp-4.1.0, mx-16.1, idp-4.2.0, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, isg-3.1.134269, isg-3.1.135801, isg-3.4.0, vsrx3bsd-18.2, isg-3.5.0, j-series-9.5, idp-4.2.110100823, idp-4.2.110101203, idp-5.1.0, idp-4.1.110110609, idp-4.1.110110719, mx-11.4, idp-5.0.0, srx-18.2, isg-3.4.139899, idp-5.0.110121210, srx-12.1, srx-branch-12.1, isg-3.4.140032, idp-5.0.110130325, vsrx-12.1, idp-5.1.110170603, vsrx-15.1

References:

  • cve: CVE-2018-8387

RPC:DCERPC:ARB-FILE-DEL - RPC: Advantech WebAccess webvrpcs Arbitrary File Deletion

Severity: HIGH

Description:

This signature detects attempts to exploit arbitrary file deletion vulnerability in Advantech WebAccess. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted request to the target system. Successful exploitation results in the deletion of arbitrary files from the target system.

Supported On:

idp-5.1.110161014, idp-4.1.110110719, mx-11.4, mx-16.1, srx-17.3, vmx-17.4, isg-3.5.141818, vsrx-17.4, srx-branch-17.4, srx-17.4, idp-5.1.110170603, vsrx3bsd-18.2, srx-18.2, j-series-9.5, srx-12.1, srx-branch-12.1, idp-4.2.110100823, idp-5.0.110130325, idp-4.2.110101203, vsrx-12.1, idp-5.1.0, idp-5.0.110121210, vsrx-15.1, idp-4.1.110110609

References:

  • cve: CVE-2018-7495

Affected Products:

  • Advantech webaccess 8.2_20170817
  • Advantech webaccess_dashboard 2.0.15
  • Advantech webaccess%2fnms 2.0.3
  • Advantech webaccess 8.3.0
Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out