IPS Signature Release Note V9.17.78
SOPHOS IPS Signature Update Release Notes
Version : 9.17.78
Release Date : 13th January 2020

IPS Signature Update Release Information

Upgrade Applicable on: IPS Signature Release Version 9.17.77
CR250i, CR300i, CR500i-4P, CR500i-6P, CR500i-8P, CR500ia, CR500ia-RP, CR500ia1F, CR500ia10F, CR750ia, CR750ia1F, CR750ia10F, CR1000i-11P, CR1000i-12P, CR1000ia, CR1000ia10F, CR1500i-11P, CR1500i-12P, CR1500ia, CR1500ia10F
Sophos Appliance Models: CR25iNG, CR25iNG-6P, CR35iNG, CR50iNG, CR100iNG, CR200iNG/XP, CR300iNG/XP, CR500iNG-XP, CR750iNG-XP, CR2500iNG, CR25wiNG, CR25wiNG-6P, CR35wiNG, CRiV1C, CRiV2C, CRiV4C, CRiV8C, CRiV12C, XG85 to XG450, SG105 to SG650

Upgrade Information
Upgrade type: Automatic
Compatibility Annotations: None

Introduction
The Release Note document for IPS Signature Database Version 9.17.78 includes support for the new signatures. The following sections describe the release in detail.

New IPS Signatures
The Sophos Intrusion Prevention System shields the network from known attacks by matching the network traffic against the signatures in the IPS Signature Database. These signatures are developed to significantly increase detection performance and reduce the false alarms.
Report false positives at [email protected], along with the application details.

January 2020 Page 2 of 118 IPS Signature Update

This IPS Release includes One Thousand, Two Hundred and Forty Three (1243) signatures to address Nine Hundred and Sixty Three (963) vulnerabilities.
New signatures are added for the following vulnerabilities:

Name | CVE-ID | Category | Severity
BROWSER-CHROME Google Chrome CVE-2020-6418 Type Confusion |  | Browsers | 1
BROWSER-CHROME V8 JavaScript engine Out-of-Memory denial of service attempt |  | Browsers | 2
BROWSER-IE Aurigma Image Uploader ActiveX Control DoS |  | Browsers | 2
BROWSER-IE Internet EXplorer Scripting Engine Memory Corruption Vulnerability | CVE-2017-8729 | Browsers | 1
BROWSER-IE Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2017-11839 | Browsers | 1
BROWSER-IE Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2017-11839 | Browsers | 2
BROWSER-IE Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2017-8645 | Browsers | 1
BROWSER-IE Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2018-0840 | Browsers | 1
BROWSER-IE Internet Explorer Scripting Engine Memory Corruption Vulnerability | CVE-2018-0840 | Browsers | 2
BROWSER-IE Microsoft ChakraCore Scripting Engine Memory Corruption Attempt | CVE-2017-11799 | Browsers | 1
BROWSER-IE Microsoft ChakraCore scripting engine memory corruption attempt | CVE-2017-11799 | Browsers | 1
BROWSER-IE Microsoft Edge Address Bar Spoofing Vulnerability | CVE-2019-6251 | Browsers | 3
BROWSER-IE Microsoft Edge Anonymous Function Type Confusion | CVE-2018-0774 | Browsers | 2
BROWSER-IE Microsoft Edge CTextBlock out of bounds read attempt | CVE-2016-0083 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2017-0093 asm.js Type Confusion | CVE-2017-0093 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2017-0135 Same Origin Policy Bypass | CVE-2017-0135 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2017-11811 DoLoopBodyStart Out of Bounds Read I | CVE-2017-11811 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2017-11811 DoLoopBodyStart Out of Bounds Read II | CVE-2017-11811 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2017-8635 Remote Code Execution | CVE-2017-8635 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2017-8646 Remote Code Execution |  | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2017-8652 Use After Free | CVE-2017-8652 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2017-8656 Remote Code Exec | CVE-2017-8656 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2017-8657 Out Of Bounds | CVE-2017-8657 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2018-0835 EnsureNonNativeArray Type Confusion I | CVE-2018-0835 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2018-0835 EnsureNonNativeArray Type Confusion I | CVE-2018-0835 | Browsers | 2
BROWSER-IE Microsoft Edge Chakra Eval CVE-2017-8636 Integer Overflow | CVE-2017-8636 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra JIT BoundFunction NewInstance out of bounds read attempt | CVE-2018-8139 | Browsers | 2
BROWSER-IE Microsoft Edge Chakra code execution attempt | CVE-2017-8670 | Browsers | 2
BROWSER-IE Microsoft Edge Chakra scripting engine type confusion attempt | CVE-2019-0539 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra setPrototypeOf use-after-free attempt | CVE-2017-8751 | Browsers | 1
BROWSER-IE Microsoft Edge JavaScript string object type confusion attempt | CVE-2017-0201 | Browsers | 2
BROWSER-IE Microsoft Edge JavascriptProxy SetPropertyTrap type confusion attempt | CVE-2017-0094 | Browsers | 2
BROWSER-IE Microsoft Edge JavascriptProxy SetPropertyTrap type confusion attempt | CVE-2017-0094 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2018-0770 Memory Corruption Vulnerability | CVE-2018-0770 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting Engine CVE-2018-0770 Memory Corruption Vulnerability | CVE-2018-0770 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine Map Prototype Memory Corruption Attempt | CVE-2018-8288 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting Engine Memory Corruption Vulnerability | CVE-2017-0134 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting Engine Memory Corruption Vulnerability | CVE-2017-8740 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting Engine Memory Corruption Vulnerability | CVE-2018-0837 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting Engine array memory corruption attempt | CVE-2017-11811 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting Engine memory corruption attempt | CVE-2018-0834 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting Engine memory corruption attempt | CVE-2018-0834 | Browsers | 1
BROWSER-IE Microsoft Edge anonymous function type confusion attempt | CVE-2018-0774 | Browsers | 2
BROWSER-IE Microsoft Edge defineGetter Type Confusion Attempt | CVE-2017-11914 | Browsers | 1
BROWSER-IE Microsoft Edge memory corruption attempt | CVE-2017-11870 | Browsers | 1
BROWSER-IE Microsoft Edge memory corruption attempt | CVE-2017-11870 | Browsers | 2
BROWSER-IE Microsoft Edge memory corruption attempt | CVE-2017-8640 | Browsers | 1
BROWSER-IE Microsoft Edge object manipulation use-after-free attempt | CVE-2019-0567 | Browsers | 1
BROWSER-IE Microsoft Edge prototype JsBuiltInEngineInterface ExtensionObject use-after-free attempt | CVE-2019-0568 | Browsers | 1
BROWSER-IE Microsoft Edge resource entry same-origin-policy bypass attempt |  | Browsers | 1
BROWSER-IE Microsoft Edge scripting engine integer overflow attempt | CVE-2018-0758 | Browsers | 1
BROWSER-IE Microsoft Edge scripting engine memory corruption attempt | CVE-2018-0769 | Browsers | 1
BROWSER-IE Microsoft Edge scripting engine memory corruption attempt | CVE-2018-0838 | Browsers | 1
BROWSER-IE Microsoft Edge scripting engine memory corruption attempt | CVE-2018-0933 | Browsers | 1
BROWSER-IE Microsoft Edge scripting engine memory corruption attempt | CVE-2018-0934 | Browsers | 1
BROWSER-IE Microsoft Edge scripting engine type confusion attempt | CVE-2018-0860 | Browsers | 1
BROWSER-IE Microsoft Edge scripting engine uninitialized pointers memory corruption attempt | CVE-2017-11809 | Browsers | 1
BROWSER-IE Microsoft Health and Support Center iframe injection attempt |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer 8 Beta 1 - ieframe.dll Script Injection |  | Browsers | 2
BROWSER-IE Microsoft Internet Explorer COM Object Instantiation Memory Corruption |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer CSS Import Cross-Domain Restriction Bypass |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer CVE-2007-5348 GDI VML gradient Size Heap Overflow |  | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2018-0891 and Edge Substring New Out of Bounds Read I | CVE-2018-0891 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2018-0891 and Edge Substring New Out of Bounds Read II | CVE-2018-0891 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer Cross Frame Scripting Restriction Bypass |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer Divide By Zero Vulnerability |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer File Download Extension Spoofing |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer HHCtrl.ocx Image Property Heap Corruption |  | Browsers | 2
BROWSER-IE Microsoft Internet Explorer HTML Help Remote Code Execution |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer MHTML XXE external entity attempt |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer Redirect Memory Corruption |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer Script Engine Stack Exhaustion Denial of Service attempt |  | Browsers | 4
BROWSER-IE Microsoft Internet Explorer Security Zone Bypass and Address Spoofing (Published Exploit) |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer Status Bar URL Spoofing |  | Browsers | 2
BROWSER-IE Microsoft Internet Explorer Time Element Memory Corruption |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer VBScript Engine Remote Code Execution Vulnerability | CVE-2018-8552 | Browsers | 1
BROWSER-IE Microsoft Internet Explorer VML vgx.dll Use After Free |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer XML Processing Memory Corruption (Published Exploit) |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer XML Processing Memory Corruption |  | Browsers | 1
BROWSER-IE Microsoft Internet Explorer daxctle.ocx Spline Method |  | Browsers | 1