SOPHOS IPS Signature Update Release Notes
IPS Signature Update
Version: 7.16.71
Release Date: 30th January 2020

Release Information
Upgrade Applicable on: IPS Signature Release Version 7.16.70
Sophos Appliance Models: XG-550, XG-750, XG-650

Upgrade Information
Upgrade type: Automatic
Compatibility Annotations: None

Introduction
The Release Note document for IPS Signature Database Version 7.16.71 includes support for the new signatures. The following sections describe the release in detail.

New IPS Signatures
The Sophos Intrusion Prevention System shields the network from known attacks by matching the network traffic against the signatures in the IPS Signature Database. These signatures are developed to significantly increase detection performance and reduce the false alarms.
Report false positives at [email protected], along with the application details.
January 2020 Page 2 of 97 IPS Signature Update
This IPS Release includes Nine Hundred and Sixty Four (964) signatures to address Seven Hundred and Forty (740) vulnerabilities. New signatures are added for the following vulnerabilities:
Name | CVE-ID | Category | Severity
BROWSER-CHROME Google Chrome Browser CVE-2008-5750 Remote Parameter Injection | CVE-2008-5750 | Browsers | 2
BROWSER-CHROME Google Chrome FileReader CVE-2019-5786 Use After Free (Published Exploit) | CVE-2019-5786 | Browsers | 2
BROWSER-CHROME Google Chrome FileReader CVE-2019-5786 Use After Free | CVE-2019-5786 | Browsers | 1
BROWSER-FIREFOX Mozilla Firefox CSS Letter-Spacing Heap Overflow | CVE-2006-1730 | Browsers | 2
BROWSER-FIREFOX Mozilla Firefox CVE-2006-2778 crypto.signText Function Buffer Overflow | CVE-2006-2778 | Browsers | 2
BROWSER-IE Aurora Memory Corruption Enc Exp CVE-2010-0249 | CVE-2010-0249 | Browsers | 1
BROWSER-IE Aurora Memory Corruption Exp CVE-2010-0249 | CVE-2010-0249 | Browsers | 1
BROWSER-IE Aurora Memory Corruption Exp Sml CVE-2010-0249 | CVE-2010-0249 | Browsers | 1
BROWSER-IE Microsoft Chakra Scripting Engine CVE-2019-0806 Memory Corruption | CVE-2019-0806 | Browsers | 2
BROWSER-IE Microsoft Chakra Scripting Engine CVE-2019-0810 Memory Corruption | CVE-2019-0810 | Browsers | 2
BROWSER-IE Microsoft Chakra Scripting Engine CVE-2019-0812 Memory Corruption | CVE-2019-0812 | Browsers | 2
BROWSER-IE Microsoft Edge App-v vbs Command | CVE-2018-8495 | Browsers | 2
BROWSER-IE Microsoft Edge Browser CVE-2018-8618 Chakra Script Type Confusion Exploit | CVE-2018-8618 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra CVE-2018-0780 AsmJSByteCodeGenerator EmitCall Type Confusion I | CVE-2018-0780 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra CVE-2018-8583 Scripting Engine Memory Corruption | CVE-2018-8583 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra CVE-2019-1003 Remote Code Execution | CVE-2019-1003 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra CVE-2019-1005 Remote Code Execution | CVE-2019-1005 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra CVE-2019-1024 Remote Code Execution | CVE-2019-1024 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra CVE-2019-1051 Remote Code Execution | CVE-2019-1051 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra CVE-2019-1052 Remote Code Execution | CVE-2019-1052 | Browsers | 1
BROWSER-IE Microsoft Edge Chakra Eval CVE-2019-0592 Memory Corruption | CVE-2019-0952 | Browsers | 2
BROWSER-IE Microsoft Edge Chakra Eval CVE-2019-0609 Memory Corruption | CVE-2019-0609 | Browsers | 2
BROWSER-IE Microsoft Edge Chakra NewScObjectNoCtor InitProto Type Confusion | CVE-2019-0567 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2017-8755 Denial of Service | CVE-2017-8755 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2018-8456 Type Confusion | CVE-2018-8456 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2018-8629 out of bounds write attempt | CVE-2018-8629 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2018-8634 buffer overflow attempt | CVE-2018-8634 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0539 remote code execution | CVE-2019-0539 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0541 remote code execution | CVE-2019-0541 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0565 remote code execution | CVE-2019-0565 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0567 remote code execution | CVE-2019-0565 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0590 Remote Code Execution | CVE-2019-0590 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2019-0591 scripting engine memory corruption attempt | CVE-2019-0591 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0593 Remote Code Execution | CVE-2019-0593 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2019-0606 Remote Code Execution | CVE-2019-0606 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2019-0607 scripting engine memory corruption attempt | CVE-2019-0607 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0610 Remote Code Execution | CVE-2019-0610 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2019-0612 Security Feature Bypass Vulnerability | CVE-2019-0612 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0642 Remote Code Execution | CVE-2019-0642 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2019-0644 scripting engine memory corruption attempt | CVE-2019-0644 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0645 memory corruption attempt | CVE-2019-0645 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0648 Information Disclosure | CVE-2019-0648 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0652 scripting engine memory corruption attempt | CVE-2019-0652 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0655 scripting engine memory corruption attempt | CVE-2019-0655 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0658 Information Disclosure | CVE-2019-0658 | Browsers | 1
BROWSER-IE Microsoft Edge CVE-2019-0676 Information Disclosure | CVE-2019-0676 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0920 Type Confusion Vulnerability | CVE-2019-0920 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0926 Memory Corruption | CVE-2019-0926 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0930 Information Disclosure | CVE-2019-0930 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0938 Elevation of Privilege Vulnerability | CVE-2019-0938 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0940 Memory Corruption | CVE-2019-0926 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0985 Remote Code Execution Vulnerability | CVE-2019-0985 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0988 Use After Free Vulnerability | CVE-2019-0988 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0989 Type Confusion Vulnerability | CVE-2019-0989 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-0990 Out Of Bound Read Vulnerability | CVE-2019-0990 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-1002 Out Of Bound Read Vulnerability | CVE-2019-1002 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-1139 Type Confusion Vulnerability | CVE-2019-1139 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-1140 Type Confusion Vulnerability | CVE-2019-1140 | Browsers | 2
BROWSER-IE Microsoft Edge CVE-2019-1196 Type Confusion Vulnerability | CVE-2019-1196 | Browsers | 2
BROWSER-IE Microsoft Edge DomAttrModified Use-After-Free | CVE-2018-8460 | Browsers | 2
BROWSER-IE Microsoft Edge Multiple Out Of Bound Read Vulnerability | CVE-2019-0991 | Browsers | 2
BROWSER-IE Microsoft Edge OP_Memset Type Confusion | CVE-2018-8505 | Browsers | 2
BROWSER-IE Microsoft Edge out of bounds write attempt | CVE-2018-0777 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting CVE-2019-1001 Remote Code Execution | CVE-2019-1001 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting CVE-2019-1004 Remote Code Execution | CVE-2019-1004 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting CVE-2019-1055 Remote Code Execution | CVE-2019-1055 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting CVE-2019-1063 Remote Code Execution | CVE-2019-1063 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting CVE-2019-1104 Remote Code Execution | CVE-2019-1104 | Browsers | 1
BROWSER-IE Microsoft Edge Scripting Engine CVE-2018-0769 Memory Corruption attempt | CVE-2018-0769 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0639 Memory Corruption | CVE-2019-0639 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0680 Memory Corruption | CVE-2019-0680 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0752 Memory Corruption Vulnerability | CVE-2019-0752 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0753 Memory Corruption Vulnerability | CVE-2019-0753 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0770 Memory Corruption | CVE-2019-0770 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0771 Memory Corruption | CVE-2019-0771 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0773 Memory Corruption | CVE-2019-0773 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0829 Memory Corruption | CVE-2019-0829 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0860 Memory Corruption | CVE-2019-0860 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0861 Memory Corruption | CVE-2019-0861 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0884 Memory Corruption | CVE-2019-0884 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0911 Memory Corruption | CVE-2019-0911 | Browsers | 2
BROWSER-IE Microsoft Edge Scripting Engine CVE-2019-0918 Memory Corruption | CVE-2019-0918 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer 11 CVE-2018-8619 VBScript Execution Policy Bypass | CVE-2018-8619 | Browsers | 1
BROWSER-IE Microsoft Internet Explorer 11 VBScript Execution Policy Bypass | CVE-2019-0768 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer 6 Aurora CVE-2010-0249 Memory Corruption | CVE-2010-0249 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2006-3866 VML Rect Fill Method Buffer Overflow | CVE-2006-3866 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2008-2254 Invalid Pointer Remote Code Execution | CVE-2008-2254 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2008-3472 HTML Element Cross-Domain Information Disclosure | CVE-2008-3472 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2008-4258 ActiveX Navigate Handling Code Execution | CVE-2008-4258 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2008-4844 Data Binding Memory Corruption | CVE-2008-4844 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2009-0076 Memory Corruption | CVE-2009-0076 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2010-0805 Tabular Data Control Memory Corruption | CVE-2010-0805 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2010-3962 Invalid Flag Reference Memory Corruption | CVE-2010-3962 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2012-1526 Negative Margin Use After Free | CVE-2012-1526 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2012-1875 Same ID Property Use After Free | CVE-2012-1875 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2012-4782 Use After Free | CVE-2012-4782 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2012-4792 applyElement Use After Free | CVE-2012-4792 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2012-4969 execCommand Use After Free | CVE-2012-4969 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer cve-2015-6086 InitFromString Function Out of Bounds Memory Access | CVE-2015-6086 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2018-8544 VBScript Engine Remote Code Execution Attempt | CVE-2018-8544 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2018-8563 DirectX information disclosure attempt | CVE-2018-8563 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2018-8624 Chakra Engine Memory Corruption | CVE-2018-8624 | Browsers | 1
BROWSER-IE Microsoft Internet Explorer CVE-2018-8625 use after free attempt | CVE-2018-8625 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2018-8631 Jscript.Encode out-of-bounds read attempt | CVE-2018-8631 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer CVE-2019-0768 Security Feature Bypass Vulnerability | CVE-2019-0768 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer Divide By Zero Vulnerability | | Browsers | 1
BROWSER-IE Microsoft Internet Explorer import key Use-After-Free | CVE-2018-8491 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer Invalid Flag Reference Memory Corruption | CVE-2010-3962 | Browsers | 1
BROWSER-IE Microsoft Internet Explorer invalid object access memory corruption attempt CVE-2010-0249 | CVE-2010-0249 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer Jscript.Encode out-of-bounds read attempt | CVE-2018-8631 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer (Meta) CVE-2010-0249 Aurora Memory Corruption | CVE-2010-0249 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer sign extension vulnerability exploitation attempt | CVE-2012-2523 | Browsers | 2
BROWSER-IE Microsoft Internet Explorer XHTML element Memory Corruption Vulnerability | CVE-2008-2257 | Browsers | 2
BROWSER-IE Microsoft Windows OLE CVE-2014-6332 Automation Array Remote Code Execution | CVE-2014-6332 | Browsers | 1
BROWSER-IE Microsoft Windows OLE CVE-2014-6332 Automation Array Remote Code Execution | CVE-2014-6332 | Browsers | 2
BROWSER-OTHER Multiple Browser CVE-2010-3257 WebKit Stale Pointer Use-after-free Code Execution | CVE-2010-3257 | Browsers | 2
BROWSER-PLUGINS Advantech Webaccess webvrpcs Directory Traversal Remote Code Execution CVE-2017-16720 | CVE-2017-16720 | Browsers | 1
BROWSER-PLUGINS Advantech Webaccess webvrpcs Directory Traversal Remote Code Execution CVE-2019-13552 | CVE-2019-13552 | Browsers | 1
BROWSER-PLUGINS IBM SPSS SamplePower CVE-2012-5945 ActiveX clsid Access | CVE-2012-5945 | Browsers | 2
BROWSER-PLUGINS Novell CVE-2011-4185 iPrint ActiveX clsid access | CVE-2011-4185 | Browsers | 2
BROWSER-PLUGINS Novell iPrint ActiveX function call access CVE-2010-4321 | CVE-2010-4321 | Browsers | 2
BROWSER-PLUGINS SAP GUI CVE-2007-4475 EAI WebViewer3D ActiveX Stack Buffer Overflow | CVE-2007-4475 | Browsers | 1
FILE-FLASH Adobe Flash Player ActionScript intrf_count integer overflow attempt | CVE-2009-1869 | Multimedia | 2
FILE-FLASH Adobe Flash Player AVM type confusion attempt | CVE-2018-15981 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2011-0611 ActionScript callMethod Type Confusion Code Execution | CVE-2011-0611 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2014-0534 Security Bypass | CVE-2014-0534 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2014-0544 Security Bypass | CVE-2014-0544 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2015-5552 Remote Code Execution Vulnerability | CVE-2015-5552 | Application and Software | 1
FILE-FLASH Adobe Flash Player CVE-2018-12824 Information Disclosure Vulnerability | CVE-2018-12827 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2018-15982 Arbitrary Code Injection Vulnerability | CVE-2018-15982 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2018-15982 Use After Free II | CVE-2008-2992 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2018-15982 Use After Free I | CVE-2008-2992 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2018-15982 Use After Free | CVE-2008-2992 | Multimedia | 2
FILE-FLASH Adobe Flash Player CVE-2019-7845 Use After Free | CVE-2019-7845 | Multimedia | 2
FILE-FLASH Adobe Flash Player MP4 CVE-2017-2984 Heap Buffer Overflow | CVE-2017-2984 | Multimedia | 2
FILE-FLASH Adobe Flash Player out of bounds read attempt | CVE-2018-15978 | Multimedia | 2
FILE-FLASH Adobe Reader CVE-2013-5324 Remote Code Execution | CVE-2013-5324 | Multimedia | 2
FILE-IMAGE Adobe Acrobat ImageConversion JPEG Parsing Out-Of-Bounds Read | CVE-2018-12855 | Multimedia | 2
FILE-IMAGE Adobe Acrobat Reader CVE-2018-15936 Arbitrary Code Execution | CVE-2018-15936 | Multimedia | 2
FILE-IMAGE Adobe Acrobat Reader EMF CVE-2018-15947 Memory Disclosure | CVE-2018-15947 | Multimedia | 2
FILE-IMAGE Adobe Acrobat Reader GIF CVE-2018-15931 Information Disclosure | CVE-2018-15931 | Multimedia | 2
FILE-IMAGE Adobe Acrobat Reader GIF CVE-2018-15932 Out Of Bounds | CVE-2018-15932 | Multimedia | 2
FILE-IMAGE Adobe Acrobat Reader JPEG CVE-2018-12855 Memory Leak | CVE-2018-12855 | Multimedia | 2
FILE-IMAGE LibTIFF CVE-2006-2026 Cleanup Functions Double Free | CVE-2006-2026 | Multimedia | 2
FILE-IMAGE LibTIFF JBIGDecode CVE-2018-15Heap Buffer Overflow | CVE-2018-18557 | Multimedia | 2
FILE-IMAGE LibTIFF JBIGDecode Heap Buffer Overflow | CVE-2018-18557 | Multimedia | 2
FILE-JAVA Oracle Java CVE-2010-4462 XGetSamplePtrFromSnd Memory Corruption Attempt | CVE-2010-4462 | Application and Software | 2
FILE-MULTIMEDIA Adobe Acrobat Professional EMF malformed EMR_COMMENT record out of bounds access attempt | | Multimedia | 1
FILE-MULTIMEDIA Microsoft Graphics Device Interface DoGdiCommentMultiFormats Information Disclosure | CVE-2019-0614 | Multimedia | 2
FILE-MULTIMEDIA RealNetworks RealPlayer CVE-2005-2629 Data Packet Stack Overflow | CVE-2005-2629 | Application and Software | 2
FILE-MULTIMEDIA Winamp IN_CDDA.dll Buffer Overflow | CVE-2004-1119 | Multimedia | 3
FILE-OFFICE DDE Command Execution | | Office Tools | 1
FILE-OFFICE EMF corruption attempt | CVE-2007-5746 | Office Tools | 1
FILE-OFFICE LibreOffice Macro Event Remote Code Execution | CVE-2018-16858 | Office Tools | 2
FILE-OFFICE Microsoft Excel malformed OBJ Record Arbitrary Code Execution | CVE-2008-4264 | Office Tools | 2
FILE-OFFICE Microsoft Office Art CVE-2009-2528 Property Table Memory Corruption | CVE-2009-2528 | Office Tools | 2
FILE-OFFICE Microsoft Office CVE-2018-8628 Use After Free | CVE-2018-8628 | Office Tools | 2
FILE-OFFICE Microsoft Office CVE-2019-0560 Information Disclosure | CVE-2019-0560 | Office Tools | 2
FILE-OFFICE Microsoft Office CVE-2019-0699 Remote Code Execution | CVE-2019-0669 | Office Tools | 1
FILE-OFFICE Microsoft Office CVE-2019-0801 Remote Code Execution | CVE-2019-0801 | Office Tools | 2
FILE-OFFICE Microsoft Office Excel CVE-2010-1252 String Variable Code Execution | CVE-2010-1252 | Office Tools | 2
FILE-OFFICE Microsoft Office Excel CVE-2010-2562 Pivot Item Index Boundary Error Memory Corruption | CVE-2010-2562 | Office Tools | 2
FILE-OFFICE Microsoft Office Excel CVE-2019-1112 Information Disclosure | CVE-2019-1112 | Office Tools | 2
FILE-OFFICE Microsoft Office Excel Information Disclosure Vulnerability CVE-2019-1110 | CVE-2018-4901 | Office Tools | 1
FILE-OFFICE Microsoft Office Excel Note Record Information Disclosure CVE-2018-8382 | CVE-2018-8382 | Office Tools | 2
FILE-OFFICE Microsoft Office Excel SST record remote code execution attempt | CVE-2009-0561 | Office Tools | 2
FILE-OFFICE Microsoft Office MSO.DLL Memory Corruption | CVE-2010-0243 | Office Tools | 1
FILE-OFFICE Microsoft Office Word CVE-2019-0561 Information Disclosure | CVE-2019-0561 | Office Tools | 2
FILE-OFFICE Microsoft Office Word File FIB Processing Memory Corruption | CVE-2009-3135 | Office Tools | 1
FILE-OFFICE MS XML CVE-2019-0793 Remote Code Execution Vulnerability | CVE-2019-0793 | Office Tools | 2
FILE-OTHER 7-Zip RAR CVE-2018-10115 Solid Compression Remote Code Execution | CVE-2018-10115 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2018-12833 Information Disclosure Vulnerability | CVE-2018-12833 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2018-12838 Information Disclosure Vulnerability | CVE-2018-12838 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2018-12845 Information Disclosure Vulnerability | CVE-2018-12845 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2018-12856 Information Disclosure Vulnerability | CVE-2018-12856 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2018-15935 Information Disclosure Vulnerability | CVE-2018-15935 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2018-15948 Information Disclosure Vulnerability | CVE-2018-15948 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7140 Out-of-Bound Read Vulnerability | CVE-2019-7140 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7143 Out-of-Bound Read Vulnerability | CVE-2019-7143 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7785 Use After Free Vulnerability | CVE-2019-7785 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7787 Out-of-Bound Read Vulnerability | CVE-2019-7787 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7788 Use After Free Vulnerability | CVE-2019-7788 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7791 Use After Free Vulnerability | CVE-2019-7791 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7798 Out-of-Bound Read Vulnerability | CVE-2019-7798 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7799 Out-of-Bound Read Vulnerability | CVE-2019-7799 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7810 Out Of Bound Read Vulnerability | CVE-2019-7810 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7819 Use After Free Vulnerability | CVE-2019-7819 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7824 Buffer Error Vulnerability | CVE-2019-7824 | Application and Software | 2
FILE-OTHER Acrobat Reader CVE-2019-7825 Out-of-Bound Read Vulnerability | CVE-2019-7825 | Application and Software | 2
FILE-OTHER Adobe Acrobat and Reader docID Stack Buffer Overflow leak CVE-2018-4901 | CVE-2018-4901 | Application and Software | 1
FILE-OTHER Adobe Acrobat and Reader docID Stack Buffer Overflow leak CVE-2018-4901 | CVE-2018-4901 | Application and Software | 2
FILE-OTHER Adobe Acrobat And Reader EPS CVE-2018-12841 Arbitrary Code Execution | CVE-2018-12841 | Application and Software | 2
FILE-OTHER Adobe Acrobat and Reader JPEG2000 Parsing Out of Bounds Read | CVE-2019-7794 | Application and Software | 2
FILE-OTHER Adobe Acrobat CVE-2018-15986 Memory Corruption | CVE-2018-15986 | Application and Software | 2
FILE-OTHER Adobe.Acrobat CVE-2018-16002 Out of Bounds Read | CVE-2018-16002 | Application and Software | 2
FILE-OTHER Adobe Acrobat CVE-2018-5061 ImageConversion EMF EmfPlusDrawBeziers Out-Of-Bounds Read | CVE-2018-5061 | Application and Software | 2
FILE-OTHER Adobe Acrobat EMF out-of-bounds read attempt | CVE-2018-16022 | Application and Software | 2
FILE-OTHER Adobe Acrobat pro CVE-2018-4916 Out Of Bounds Read Attempt | CVE-2018-4916 | Application and Software | 1
FILE-OTHER Adobe Acrobat Pro tiff parser out of bounds read attempt | CVE-2018-19705 | Application and Software | 2
FILE-OTHER Adobe Acrobat Reader CVE-2018-12775 Out Of Bounds | CVE-2018-12775 | Application and Software | 2
FILE-OTHER Adobe Acrobat Reader CVE-2018-12835 Out Of Bounds Write | CVE-2018-12835 | Application and Software | 2
FILE-OTHER Adobe Acrobat Reader CVE-2018-15956 Information Disclosure | CVE-2018-15956 | Application and Software | 2
FILE-OTHER Adobe Acrobat Reader CVE-2019-7116 PostScript Out Of Bounds Read | CVE-2019-7116 | Application and Software | 2
FILE-OTHER Adobe Acrobat Reader CVE-2019-7125 Arbitrary Code Execution | CVE-2019-7125 | Application and Software | 2
FILE-OTHER Adobe Acrobat Reader EMF CVE-2018-12842 Buffer Overflow | CVE-2018-12842 | Application and Software | 2
FILE-OTHER Adobe Acrobat XPS CVE-2018-5019 Font Parsing Out-of-Bounds Read | CVE-2018-5019 | Application and Software | 3
FILE-OTHER Adobe Flah Player CVE-2019-7096 GIF Use After Free | CVE-2019-7096 | Application and Software | 2
FILE-OTHER Adobe InDesign Unsafe Hyperlink Processing Remote Code Execution | CVE-2019-7107 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2018-12878 Out Of Bounds Write | CVE-2018-12878 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2018-15937 Out Of Bounds Write | CVE-2018-15937 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2018-15938 Out Of Bounds Write | CVE-2018-15938 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2018-15994 Use After Free | CVE-2018-15994 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2018-15997 Information Disclosure | CVE-2018-15997 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2018-16008 Use After Free | CVE-2018-16008 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2018-16026 Use After Free | CVE-2018-16026 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-7145 Out Of Bounds Read | CVE-2019-7145 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-7803 Out Of Bounds Read | CVE-2019-7803 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-7818 Out Of Bounds Read | CVE-2019-7818 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-7821 Use After Free | CVE-2019-7821 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-7828 Heap Overflow | CVE-2019-7828 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-7829 Out Of Bounds Read | CVE-2019-7829 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-8019 Type Confusion | CVE-2019-8019 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-8095 Out Of Bounds Read | CVE-2019-8095 | Application and Software | 2
FILE-OTHER Adobe Reader CVE-2019-8098 Out Of Bounds Read | CVE-2019-8098 | Application and Software | 2
FILE-OTHER Adobe Reader EMF CVE-2018-15990 Remote Code Execution | CVE-2018-15990 | Application and Software | 2
FILE-OTHER Adobe Reader EMF CVE-2018-16006 Use After Free | CVE-2018-16006 | Application and Software | 2
FILE-OTHER Adobe Reader EMF CVE-2018-16014 Use After Free | CVE-2018-16014 | Application and Software | 2
FILE-OTHER Adobe Reader EMF CVE-2018-16016 Out Of Bounds Write | CVE-2018-16016 | Application and Software | 2
FILE-OTHER Adobe Reader EMF CVE-2018-16019 Out Of Bounds | CVE-2018-16019 | Application and Software | 2
FILE-OTHER Adobe Reader EMF CVE-2018-16021 Heap Overflow | CVE-2018-16021 | Application and Software | 2
FILE-OTHER Adobe Reader XPS CVE-2018-16015 Out Of Bounds | CVE-2018-16015 | Application and Software | 2
FILE-OTHER Adobe Reader XPS CVE-2018-19703 Out Of Bounds | CVE-2018-19703 | Application and Software | 2
FILE-OTHER ClamAV OLE2 uniq_add Out-of-Bounds Write | CVE-2019-1788 | Application and Software | 2
FILE-OTHER Foxit Reader JavaScript CVE-2018-3939 createTemplate Use After Free | CVE-2018-3939 | Application and Software | 2
FILE-OTHER GNU Libextractor CVE-2018-16430 ZIP File Comment Out-of-Bounds Read | CVE-2018-16430 | Application and Software | 2
FILE-OTHER Google Golang Get Command Injection | CVE-2018-7187 | Application and Software | 2
FILE-OTHER Google Golang Get Remote Command Execution | CVE-2018-16873 | Application and Software | 2
FILE-OTHER IBM Informix Dynamic Server SET ENVIRONMENT Stack Buffer Overflow CVE-2011-1033 | CVE-2011-1033 | Application and Software | 2
FILE-OTHER Libmspack Project cabd_sys_read_block Off By One | CVE-2018-18584 | Application and Software | 2
FILE-OTHER Malwarebytes Anti-Malware URI Handler Remote Code Execution | CVE-2019-6739 | Application and Software | 1
FILE-OTHER Microsoft Graphics Device Interface CVE-2019-0616 Information Disclosure | CVE-2019-0616 | Application and Software | 2
FILE-OTHER Microsoft Internet Explorer CVE-2012-1524 Attribute Remove Remote Code Execution | CVE-2012-1524 | Application and Software | 2
FILE-OTHER Microsoft Internet Explorer CVE-2016-7272 Malformed Ico Integer Overflow Attempt | CVE-2016-7272 | Application and Software | 2
FILE-OTHER Microsoft .NET Resources file remote code execution attempt CVE-2018-8172 | CVE-2018-8172 | Application and Software | 2
FILE-OTHER Microsoft Outlook CVE-2019-1199 Use-After-Free Vulnerability | CVE-2019-1199 | Application and Software | 2
FILE-OTHER Microsoft Windows Jet Database CVE-2019-0891 Remote Code Execution | CVE-2019-0891,vendor Microsoft,vuln Code Exec,sfoscat 33,sigtype poc,mapp unknown,service http,service imap,service pop3,service ftp-data | Database Management System | 1
FILE-OTHER Microsoft Windows Jet Database CVE-2019-1242 Remote Code Execution | CVE-2019-1242,vendor Microsoft,vuln Code Exec,sfoscat 33,sigtype poc,mapp unknown,service http,service imap,service pop3,service ftp-data | Database Management System | 1
FILE-OTHER Microsoft Windows Malformed .themepack Theme API Remote Code Execution | CVE-2018-8413 | Application and Software | 2
FILE-OTHER Microsoft Windows VBScript Engine VbsErase Memory Corruption | CVE-2019-0667 | Application and Software | 2
FILE-OTHER Nullsoft Winamp Player Computer Name Handling Buffer Overflow | | Application and Software | 1
FILE-OTHER OMRON CX-One CX-Programmer cdmapi32 Stack-based Buffer Overflow | CVE-2018-18993 | Application and Software | 2
FILE-OTHER OMRON CX-One CX-Protocol CMessage Type Confusion | CVE-2018-19027 | Application and Software | 3
FILE-OTHER OMRON CX-One CX-Protocol CSCU Type Confusion | CVE-2018-19027 | Application and Software | 2
FILE-OTHER OMRON CX-One SBA File Parsing wcscpy Stack-based Buffer Overflow CVE-2018-7514 | CVE-2018-7514 | Application and Software | 2
FILE-OTHER Oracle CVE-2018-3147 Outside In Excel GelFrame OfficeArtRecLen Out-of-bounds Read | CVE-2018-3147 | Application and Software | 2
FILE-OTHER Oracle Java Arbitrary File Deletion 1 | CVE- CVE- 2019-2449 | Application and Software | 3
FILE-OTHER Oracle Java Arbitrary File Deletion 2 | CVE- CVE- 2019-2449 | Application and Software | 3
FILE-OTHER Oracle Java Arbitrary File Deletion 3 | CVE- CVE- 2019-2449 | Application and Software | 3
FILE-OTHER Oracle Java Arbitrary File Deletion 4 | CVE-2019-2449 | Application and Software | 3
FILE-OTHER Oracle Outside In Excel PropertySetStream Out-of-bounds Write CVE-2018-3010 | CVE-2018-3010 | Application and Software | 2
FILE-OTHER Perl Archive Zip Arbitrary File Overwrite | CVE-2018-10860 | Application and Software | 2
FILE-OTHER Python SSL X.509 CVE-2019-5010 DistributionPoint Extension NULL Pointer Dereference | CVE-2019-5010 | Application and Software | 3
FILE-OTHER RARLAB WinRAR ACE Remote Code Execution | CVE-2018-20250 | Application and Software | 1
FILE-OTHER RealNetworks RealPlayer CVE-2004-0258 Buffer Overflow | CVE-2004-0258 | Application and Software | 3
FILE-OTHER ReSIProcate CVE-2018-12584 preparseNewBytes Heap Buffer Overflow | CVE- | Application and Software | 3
FILE-OTHER Schneider Electric VAMPSET COMTRADE Records Buffer Overflow | CVE-2014-8390 | Application and Software | 1
FILE-OTHER VMware Fusion Guest VM Remote Code Execution | CVE-2019-5514 | Application and Software | 2
FILE-OTHER WECON LeviStudio CVE-2019-6537 DataLogTool INI Parser Stack-based Buffer Overflow | CVE-2019-6537 | Application and Software | 2
FILE-OTHER WECON LeviStudio DataLogTool Edit Stack-based Buffer Overflow | CVE-2019-6537 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2018-12852 Use-After-Free Vulnerability | CVE-2018-12852 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2018-15924 Use-After Free Vulnerability | CVE-2018-15924 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2018-15925 Information Disclosure Vulnerability | CVE-2018-15925 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7760 Use After Free Vulnerability | CVE-2019-7760 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7761 Use After Free Vulnerability | CVE-2019-7761 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7769 Out-of-Bound Read Vulnerability | CVE-2019-7769 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7770 Out-of-Bound Read Vulnerability | CVE-2019-7770 | Application and Software | 1
FILE-PDF Acrobat Reader CVE-2019-7772 Use After Free Vulnerability | CVE-2019-7772 | Application and Software | 2
CVE-2019- Application FILE-PDF Acrobat 2 Reader CVE-2019-7773 7773 and Software
January 2020 Page 35 of 97 IPS Signature Update
Out of Bound Read Vulnerability
FILE-PDF Acrobat Reader CVE-2019-7777 Out-of-Bound Read Vulnerability | CVE-2019-7777 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7780 Out-of-Bound Read Vulnerability | CVE-2019-7780 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7781 Use After Free Vulnerability | CVE-2019-7781 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7782 Use After Free Vulnerability | CVE-2019-7782 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7783 Use After Free Vulnerability | CVE-2019-7783 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7790 Out of Bound Read Vulnerability | CVE-2019-7790 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7807 Use After Free Vulnerability | CVE-2019-7807 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7812 Out-of-Bound Read Vulnerability | CVE-2019-7812 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7817 Use After Free Vulnerability | CVE-2019-7817 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7830 Use After Free Vulnerability | CVE-2019-7830 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7832 Use After Free Vulnerability | CVE-2019-7832 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7833 Use After Free Vulnerability | CVE-2019-7833 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7834 Use After Free Vulnerability | CVE-2019-7834 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7835 Use After Free Vulnerability | CVE-2019-7835 | Application and Software | 2
FILE-PDF Acrobat Reader CVE-2019-7836 Use After Free Vulnerability | CVE-2019-7836 | Application and Software | 2
FILE-PDF Adobe Acrobat And Reader CVE-2018-12831 Use After Free | CVE-2018-12831 | Application and Software | 2
FILE-PDF Adobe Acrobat and Reader CVE-2018-15979 PDF GoToE Information Disclosure | CVE-2018-15979 | Application and Software | 4
FILE-PDF Adobe Acrobat and Reader JPEG2000 Parsing Out of Bounds Read CVE-2018-15953 | CVE-2018-15953 | Application and Software | 3
FILE-PDF Adobe Acrobat and Reader JPEG2000 Parsing Out of Bounds Read | CVE-2018-15953 | Application and Software | 2
FILE-PDF Adobe Acrobat and Reader PDF xml-stylesheet Information Disclosure | CVE-2019-7089 | Application and Software | 3
FILE-PDF Adobe Acrobat and Reader Text Field Value Remote Code Execution | CVE-2019-7125 | Application and Software | 2
FILE-PDF Adobe Acrobat CVE-2018-15946 ImageConversion EmfPlusDrawBeziers Information Disclosure | CVE-2018-15946 | Application and Software | 2
FILE-PDF Adobe Acrobat EMF EMR_ALPHABLEND CVE-2018-12789 Out-of-Bounds Read | CVE-2018-12789 | Application and Software | 3
FILE-PDF Adobe Acrobat JavaScript CVE-2009-0927 getIcon Method Buffer Overflow | CVE-2009-0927 | Application and Software | 2
FILE-PDF Adobe Acrobat Pro CVE-2018-16024 XSLT out-of-bounds Read Vulnerability | CVE-2018-16024 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader AnnotsString memory corruption attempt | CVE-2018-16018 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2009-3953 U3D CLODMeshDeceleration Code Execution Vulnerability | CVE-2009-3953 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2018-15922 Information Disclosure | CVE-2018-15922 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2018-19717 Remote Code Execution Vulnerability | CVE-2018-19717 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2019-7113 PDF Heap Overflow | CVE-2019-7113 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2019-7114 Out Of Bounds Read | CVE-2019-7114 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2019-7119 GIF Memory Corruption | CVE-2019-7119 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2019-7121 IFF Information Disclosure | CVE-2019-7121 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2019-7776 Out Of Bounds Read | CVE-2019-7776 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2019-7789 Out Of Bounds Read | CVE-2019-7789 | Application and Software | 3
FILE-PDF Adobe Acrobat Reader CVE-2019-7800 Heap Overflow Attempt | CVE-2019-7800 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2019-7811 Out Of Bounds Read | CVE-2019-7811 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader CVE-2019-7827 Heap Overflow Attempt | CVE-2019-7827 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader pattern object memory corruption attempt | CVE-2014-0495 | Application and Software | 2
FILE-PDF Adobe Acrobat Reader (Unix) Shell Metacharacter Code Execution | CVE-2004-0630 | Application and Software | 2
FILE-PDF Adobe Reader and Acrobat CVE-2009-4324 media.newPlayer Code Execution | CVE-2009-4324 | Application and Software | 2
FILE-PDF Adobe Reader Buffer Error Vulnerability | CVE-2019-8048 | Application and Software | 1
FILE-PDF Adobe Reader CVE-2008-2992 Util.Printf Remote Code Execution | CVE-2008-2992 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2013-5332 Remote Code Execution | CVE-2013-5332 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2014-8489 Remote Code Execution | CVE-2014-8489 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16005 Information Disclosure | CVE-2018-16005 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16009 Information Disclosure | CVE-2018-16009 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16023 Out Of Bounds | CVE-2018-16023 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16029 Use After Free | CVE-2018-16029 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16031 Out Of Bounds Read | CVE-2018-5014 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16033 Out Of Bounds | CVE-2018-16033 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16036 Use After Free | CVE-2018-16036 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16041 Out Of Bounds | CVE-2018-16041 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-16045 Privilege Escalation | CVE-2018-16045 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-19701 Information Disclosure | CVE-2018-19701 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2018-19716 Heap Overflow | CVE-2018-19716 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7758 Out Of Bounds Read | CVE-2019-7758 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7762 Use After Free | CVE-2019-7762 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7763 Use After Free | CVE-2019-7763 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7765 Use After Free | CVE-2019-7765 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7767 Use After Free | CVE-2019-7767 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7768 Use After Free | CVE-2019-7768 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7774 Out Of Bounds | CVE-2019-7774 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7775 Out Of Bounds Read | CVE-2019-7775 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7778 Out Of Bounds Read | CVE-2019-7778 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7786 Use After Free | CVE-2019-7786 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7792 Use After Free | CVE-2019-7792 | Application and Software | 1
FILE-PDF Adobe Reader CVE-2019-7793 Out Of Bounds Read | CVE-2019-7793 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7795 Out Of Bounds Read | CVE-2019-7795 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7797 Use After Free | CVE-2019-7797 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7802 Out Of Bounds Read | CVE-2019-7802 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7804 Out Of Bounds Read | CVE-2019-7804 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7805 Use After Free | CVE-2019-7805 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7808 Use After Free | CVE-2019-7808 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7809 Use After Free | CVE-2019-7809 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7813 Use After Free | CVE-2019-7813 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7814 Use After Free | CVE-2019-7814 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7822 Out Of Bounds Read | CVE-2019-7822 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7831 Use After Free | CVE-2019-7831 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-7841 Out Of Bounds Read | CVE-2019-7841 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8012 Out Of Bounds Read | CVE-2019-8012 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8015 Heap Overflow | CVE-2019-8015 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8018 Out Of Bounds Read | CVE-2019-8018 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8021 Out Of Bounds Read | CVE-2019-8021 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8022 Out Of Bounds Read | CVE-2019-8022 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8023 Out Of Bounds Read | CVE-2019-8023 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8024 Use After Free | CVE-2019-8024 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8026 Use After Free | CVE-2019-8026 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8027 Out Of Bounds Read | CVE-2019-8027 | Application and Software | 1
FILE-PDF Adobe Reader CVE-2019-8038 Use After Free | CVE-2019-8038 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8050 Heap Overflow | CVE-2019-8050 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8051 Use After Free | CVE-2019-8051 | Application and Software | 2
FILE-PDF Adobe Reader CVE-2019-8056 Use After Free | CVE-2019-8056 | Application and Software | 1
FILE-PDF Adobe Reader CVE-2019-8061 Use After Free | CVE-2019-8061 | Application and Software | 2
FILE-PDF Adobe Reader Double Free Vulnerability | CVE-2019-8044 | Application and Software | 1
FILE-PDF Adobe Reader Heap Overflow Vulnerability | CVE-2019-8014 | Application and Software | 1
FILE-PDF Adobe Reader Heap Overflow Vulnerability | CVE-2019-8042 | Application and Software | 1
FILE-PDF Adobe Reader Heap Overflow Vulnerability | CVE-2019-8046 | Application and Software | 1
FILE-PDF Adobe Reader JavaScript CVE-2018-16025 Use After Free | CVE-2018-16025 | Application and Software | 2
FILE-PDF Adobe Reader JavaScript resolveNode use-after-free Vulnerability | CVE-2018-19710 | Application and Software | 2
FILE-PDF Adobe Reader out-of-bounds memory read attempt | CVE-2019-8010 | Application and Software | 1
FILE-PDF Adobe Reader out-of-bounds memory read attempt | CVE-2019-8020 | Application and Software | 1
FILE-PDF Adobe Reader out-of-bounds memory read attempt | CVE-2019-8032 | Application and Software | 1
FILE-PDF Adobe Reader out-of-bounds memory read attempt | CVE-2019-8043 | Application and Software | 1
FILE-PDF Adobe Reader out-of-bounds memory read attempt | CVE-2019-8102 | Application and Software | 1
FILE-PDF Adobe Reader PDF CVE-2018-16047 Information Disclosure | CVE-2018-16047 | Application and Software | 2
FILE-PDF Adobe Reader PDF CVE-2019-7089 Information Disclosure | CVE-2019-7089 | Application and Software | 2
FILE-PDF Adobe Reader Untrusted Pointer Deference | CVE-2019-8006 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8028 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8033 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8036 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8053 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8054 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8055 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8057 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8058 | Application and Software | 1
FILE-PDF Adobe Reader Use-After-Free Vulnerability | CVE-2019-8059 | Application and Software | 1
FILE-PDF Foxit Reader and PhantomPDF XFA xdpContent Information Disclosure | CVE-2018-3956 | Application and Software | 2
FILE-PDF Foxit Reader Annotation Delay Use-After-Free | CVE-2018-4901 | Application and Software | 2
FILE-PDF Foxit Reader CVE-2018-14295 PDF Parsing Shading Pattern Integer Overflow | CVE-2018-14295 | Application and Software | 3
FILE-PDF Foxit Reader CVE-2018-14304 Annotations noteIcon Use After Free | CVE-2018-14304 | Application and Software | 3
FILE-PDF Foxit Reader CVE-2018-3850 JavaScript XFA Use After Free | CVE-2018-3850 | Application and Software | 3
FILE-PDF Foxit Reader JavaScript getPageNumWords Use After Free | CVE-2018-3964 | Application and Software | 1
FILE-PDF Foxit Reader JavaScript mailForm Use After Free CVE-2018-3924 | CVE-2018-15953 | Application and Software | 2
FILE-PDF Foxit Reader JavaScript mailForm Use After Free CVE-2018-3924 | CVE-2018-3924 | Application and Software | 2
FILE-PDF Foxit Reader JavaScript popUpMenu Use After Free | CVE-2019-6730 | Application and Software | 2
INDICATOR-OBFUSCATION Malicious CVE-2014-6332 Payload VBS Obfuscation | CVE-2014-6332 | Application and Software | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE Automation Array Remote Code Execution (Published Exploit) | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE III | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE II | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE I | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE IV | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE IX | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE VIII | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE VII | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE VI | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE V | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE XIII | CVE-2014-6332 | Application and Software | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE XII | CVE-2014-6332 | Application and Software | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE XI | CVE-2014-6332 | Application and Software | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE XIV | CVE-2014-6332 | Application and Software | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE X | CVE-2014-6332 | Application and Software | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array RCE XV | CVE-2014-6332 | Application and Software | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array Remote Code Execution III | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array Remote Code Execution II | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array Remote Code Execution I | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array Remote Code Execution VI | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array Remote Code Execution V | CVE-2014-6332 | Operating System and Services | 2
INDICATOR-OBFUSCATION Microsoft Windows OLE CVE-2014-6332 Automation Array (Unicode) Remote Code Execution IV | CVE-2014-6332 | Operating System and Services | 2
MALWARE-CNC Win.Trojan.Kwampirs outbound connection attempt | | Malware Communication | 2
MISC Microsoft Windows Encrypted DCERPC request attempt | | Misc | 5
OS-LINUX GnuTLS Certificate Verification verify_crt Use after Free | CVE-2019-3829 | Operating System and Services | 1
OS-LINUX GnuTLS Certificate Verification verify_crt Use after Free | CVE-2019-3829 | Operating System and Services | 2
OS-LINUX Linux Kernel Netfilter iptables-restore Stack-based Buffer Overflow | CVE-2019-11360 | Operating System and Services | 2
OS-LINUX Red Hat 389 CVE-2018-1089 Directory Server ns-slapd ldapsearch Buffer Overflow | CVE-2018-1089 | Operating System and Services | 2
OS-LINUX Red Hat 389 Directory Server CVE-02018-14624 vslapd_log_emergency_error Denial of Service | CVE-2018-14624 | Operating System and Services | 1
OS-LINUX Red Hat 389 Directory Server CVE-2018-14648 do_search Denial of Service | CVE-2018-14648 | Operating System and Services | 1
OS-OTHER BusyBox Project CVE-2018-1000517 BusyBox wget Buffer Overflow | CVE-2018-1000517 | Operating System and Services | 2
OS-OTHER Evernote For Mac Embedded Link Directory Traversal | CVE-2019-10038 | Operating System and Services | 2
OS-OTHER GNU Bash Environment Variable Handling Command Execution | CVE-2014-6271 | Operating System and Services | 1
OS-WINDOWS ActiveX Data Objects Execution | CVE-2019-0888 | Operating System and Services | 1
OS-WINDOWS ActiveX Data Objects Execution | CVE-2019-0888 | Operating System and Services | 2
OS-WINDOWS Microsoft Forefront Threat Management Gateway Client Remote Code Execution CVE-2011-1889 | CVE-2011-1889 | Operating System and Services | 2
OS-WINDOWS Microsoft GDI WMF CVE-2008-3014 Image File Buffer Overflow | CVE-2008-3014 | Operating System and Services | 2
OS-WINDOWS Microsoft Graphics Component CVE-2018-8472 Information Disclosure | CVE-2018-8472 | Operating System and Services | 2
OS-WINDOWS Microsoft Graphics Components CVE-2019-0822 Remote Code Execution | CVE-2019-0822 | Operating System and Services | 2
OS-WINDOWS Microsoft Graphics Device Interface CVE-2019-0602 Information Disclosure | CVE-2019-0602 | Operating System and Services | 2
OS-WINDOWS Microsoft Graphics Device Interface CVE-2019-0619 Information Disclosure | CVE-2019-0619 | Operating System and Services | 2
OS-WINDOWS Microsoft Graphics Device Interface CVE-2019-0961 Information Disclosure | CVE-2019-0961 | Operating System and Services | 1
OS-WINDOWS Microsoft Graphics Device Interface CVE-2019-1010 Information Disclosure | CVE-2019-1010 | Operating System and Services | 2
OS-WINDOWS Microsoft Graphics Device Interface wEmrText Information Disclosure | CVE-2019-0802 | Operating System and Services | 3
OS-WINDOWS Microsoft Hyperlink Object Library Information Disclosure | CVE-2016-0059 | Operating System and Services | 1
OS-WINDOWS Microsoft JET Database Engine CVE-2018-8392 Heap-based Buffer Overflow | CVE-2018-8392 | Operating System and Services | 2
OS-WINDOWS Microsoft Outlook RWZ Integer Overflow CVE-2018-8582 | CVE-2018-8582 | Operating System and Services | 2
OS-WINDOWS Microsoft Remote Administration Protocol Heap Buffer Overflow CVE-2012-1852 | | Operating System and Services | 2
OS-WINDOWS Microsoft SMB JET Database CVE-2017-8717 Engine Excel Component Buffer Overflow | CVE-2017-8717 | Operating System and Services | 2
OS-WINDOWS Microsoft Visual Studio Vscontent XXE Injection CVE-2019-0537 | CVE-2019-0537 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows Cinepak Codec Code Execution | CVE-2010-2553 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows CVE-2009-2526 SMBv2 Infinite Loop Denial of Service | CVE-2009-2526 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows CVE-2018-0825 StructuredQuery Remote Code Execution | CVE-2018-0825 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows CVE-2018-8413 Theme API Code Execution | CVE-2018-8413 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows CVE-2019-0665 VBScript Engine Remote Code Execution Vulnerability | CVE-2019-0665 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows CVE-2019-0667 VBScript Engine Remote Code Execution Vulnerability | CVE-2019-0667 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows CVE-2019-0752 Code Execution (Published Exploit) | CVE-2019-0752 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows CVE-2019-1071 Information Disclosure | CVE-2019-1071 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows CVE-2019-1073 Information Disclosure | CVE-2019-1073 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows CVE-2019-1108 Information Disclosure | CVE-2019-1108 | Operating System and Services | 3
OS-WINDOWS Microsoft Windows DHCP Client CVE-2019-0547 Code Execution | CVE-2019-0547 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows DHCP Client CVE-2019-0726 Code Execution | CVE-2019-0726 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows DHCP Client CVE-2019-0726 Code Execution | CVE-2019-0726 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows DHCP Client DhcpExtractFullOptions Code Execution | CVE-2019-0697 | Application and Software | 1
OS-WINDOWS Microsoft Windows DHCP Server UncodeOption Heap Buffer Overflow | CVE-2019-0626 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows DHCPv6 Client ParseDhcpv6Options Code Execution | CVE-2017-14494 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Encrypted DCERPC request attempt | | Operating System and Services | 3
OS-WINDOWS Microsoft Windows EOT Font CVE-2018-0755 Engine Information Disclosure | CVE-2018-0755 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows EOT Font CVE-2018-0761 Engine Parsing Information Disclosure | CVE-2018-0761 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows Event Viewer Information Disclosure | CVE-2019-0948 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows Font Subsetting Integer Overflow CVE-2018-8344 | CVE-2018-8344 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows GDI CVE-2019-0758 Information Disclosure | CVE-2019-0758 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows GDI CVE-2019-0882 Information Disclosure | CVE-2019-0882 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows GDI CVE-2019-0903 Remote Code Execution | CVE-2019-0903 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows GDI WMF File HeaderSize Buffer Overflow | CVE-2008-2249 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Graphics Component CVE-2018-8239 Information Disclosure | CVE-2018-8239 | Operating System and Services | 3
OS-WINDOWS Microsoft Windows Graphics CVE-2018-8595 Device Interface EMR_HEADER Information Disclosure | CVE-2018-8595 | Operating System and Services | 3
OS-WINDOWS Microsoft Windows Graphics CVE-2018-8596 Device Interface Information Disclosure | CVE-2018-8596 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows Graphics Device CVE-2018-8424 Interface Information Disclosure | CVE-2018-8424 | Operating System and Services | 3
OS-WINDOWS Microsoft Windows Graphics Device Interface Information Disclosure | CVE-2018-8596 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows HTTP2 Resource Loop Denial of Service | CVE-2019-9513,mapp unknown,vendor Microsoft,vuln Denial Of Service,sfoscat 50,sigtype poc,service http | Web Services and Applications | 2
OS-WINDOWS Microsoft Windows Jet Database CVE-2019-1243 Remote Code Execution | CVE-2019-1243 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows JET Database Engine CreateLvSMLocs Code Execution | CVE-2019-0577 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows JET Database Engine Physical Index Out-of-Bounds Read CVE-2019-0575 | CVE-2019-0575 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows NTLM Message Integrity Check Tampering | CVE-2019-1040 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows OLE CVE-2016-0091 Code Execution | CVE-2016-0091 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Print Spooler Service Arbitrary File Upload | CVE-2010-2729 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows RDP CVE-2019-0708 Remote Code Execution | | Operating System and Services | 1
OS-WINDOWS Microsoft Windows RDP DisconnectProviderUltimatum Use After Free CVE-2012-0002 | CVE-2012-0002 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows Remote Desktop Protocol Server Information Disclosure Vulnerability | CVE-2019-1224 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows Remote Desktop CVE-2019-1181 Services Remote Code Execution Vulnerability | CVE-2019-1181 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Remote Desktop Services CVE-2019-1182 Remote Code Execution Vulnerability | CVE-2019-1182 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Remote Desktop Services DVC Decompression Heap Buffer Overflow | CVE-2019-1181,mapp unknown,mapp unknown,mapp unknown,mapp unknown,,vendor Microsoft,vuln Overflow,sfoscat 44,sigtype poc,mapp unknown,service rdp | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Remote Desktop Services DVC Decompression Heap Buffer Overflow | CVE-2019-1181,mapp unknown,mapp unknown,mapp unknown,mapp unknown,vendor Microsoft,vuln Overflow,sfoscat 44,sigtype poc,service rdp | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Remote Desktop Services DVC Decompression Heap Buffer Overflow | CVE-2019-1181,mapp unknown,mapp unknown,mapp unknown,vendor Microsoft,vuln Overflow,sfoscat 44,sigtype poc,mapp unknown,service rdp | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Remote Desktop Services Remote Code Execution (Decrypted Traffic) | CVE-2019-0708 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Remote Desktop Services Remote Code Execution | CVE-2019-0708 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows Server Service RPC Request Handling Buffer Overflow | CVE-2008-4250 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows Shell SettingContent-ms Remote Code Execution CVE-2018-8414 | CVE-2018-8414 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows SMB Negotiate Protocol response DoS attempt empty SMB 2 CVE-2009-3676 | CVE-2009-3676 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows SMB Server SMBv1 CVE-2017-0143 Memory Corruption | CVE-2017-0143 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows SMB Server SMBv1 CVE-2017-0147 Information Disclosure | CVE-2017-0147 | Operating System and Services | 2
OS-WINDOWS Microsoft Windows SMB Server SMBv2 Smb2UpdateLeaseFileName Code Execution | CVE-2019-0630 | Operating System and Services | 1
OS-WINDOWS Microsoft Windows VBScript Engine CVE-2019-0861 Remote Code Execution Vulnerability | CVE-2019-0862 | Operating System and Services | 2
OS-WINDOWS VBScipt CVE-2019-0794 Remote Code Execution Vulnerability | CVE-2019-0794 | Operating System and Services | 2
PROTOCOL-DNS HAProxy CVE-2018-20103 dns_read_name Compressed Name Denial of Service | CVE-2018-20103 | DNS | 3
PROTOCOL-DNS Nginx CVE-2016-0742 DNS Resolver Denial of Service | CVE-2016-0742 | DNS | 2
PROTOCOL-DNS PowerDNS Recursive Out of Bounds Read Denial of Service | CVE-2018-16855 | DNS | 2
PROTOCOL-DNS Samba CVE-2018-1140 AD DC Null Pointer Dereference | CVE-2018-1140 | DNS | 3
PROTOCOL-FTP Multiple Vendors OPIE Off-by-one Stack Buffer Overflow | CVE-2010-1938 | FTP | 2
PROTOCOL-OTHER OMRON CX-One CX-Protocol Trace Type Confusion | CVE-2018-19027 | Operating System and Services | 2
PROTOCOL-OTHER OpenLDAP CVE-2013-4449 rwm Overlay Denial of Service II | CVE-2013-4449 | Operating System and Services | 2
PROTOCOL-SCADA Advantech WebAccess SCADA WADashboard readFile Directory Traversal | CVE-2018-15706 | Industrial Control System | 3
PROTOCOL-SCADA LAquis SCADA CVE-2018-18996 Web Server relatorionome NOME Command Injection | CVE-2018-18996 | Industrial Control System | 3
PROTOCOL-SCADA LAquis SCADA LGX Report CVE-2018-18988 Arbitrary File Write | CVE-2018-18988 | Industrial Control System | 2
PROTOCOL-SCADA LAquis SCADA LGX Report File Parsing Out-Of-Bounds Write | CVE-2018-18986 | Industrial Control System | 2
PROTOCOL-SCADA LAquis SCADA Web Server acompanhamentotela TAGALTERE Command Injection | CVE-2018-18992 | FTP | 1
PROTOCOL-SCADA LAquis SCADA Web Server CVE-2018-18992 acompanhamentotela PAGINA Command Injection | CVE-2018-18992 | Industrial Control System | 3
PROTOCOL-SCADA LAquis SCADA Web Server Directory Traversal | CVE-2018-18990 | FTP | 2
PROTOCOL-SCADA OMRON CX-One CX-Position CVE-2018-18993 cdmapi32 Stack-based Buffer Overflow | CVE-2018-18993 | Industrial Control System | 3
PROTOCOL-SCADA OMRON CX-One CX-Programmer Program Use after Free | CVE-2019-6556 | Industrial Control System | 3
PROTOCOL-SCADA Schneider Electric IIoT Monitor downloadCSV Directory Traversal | CVE-2018-7835 | Industrial Control System | 2
PROTOCOL-TFTP Atftp TFTP Server Error Packet Denial Of Service | CVE-2019-11365 | Application and Software | 1
PROTOCOL-TFTP Cisco Prime Infrastructure swimtemp TFTP Arbitrary File Upload | CVE-2018-15379 | FTP | 1
PROTOCOL-TFTP HPE Intelligent Management Center PLAT tftpserver fread Stack Buffer Overflow CVE-2018-7074 | CVE-2018-7074 | FTP | 1
PROTOCOL-VOIP Digium Asterisk CVE-2017-14100 app_minivm Caller-ID Command Execution | CVE-2017-14100 | VoIP and Instant Messaging | 2
PROTOCOL-VOIP To header multiple To headers | | VoIP and Instant Messaging | 1
SERVER-APACHE Apache ActiveMQ CVE-2018-8006 Web Console QueueFilter Cross-Site Scripting | CVE-2018-8006 | Apache HTTP Server | 1
SERVER-APACHE Apache ActiveMQ CVE-2018-8006 Web Console QueueFilter Cross-Site Scripting | CVE-2018-8006 | Apache HTTP Server | 2
SERVER-APACHE Apache CVE-2018-1306 Pluto PortletV3AnnotatedDemo MultipartPortlet Arbitrary File Upload | CVE-2018-1306 | Apache HTTP Server | 2
SERVER-APACHE Apache httpd CVE- CVE-2018- Apache HTTP 2018-8011 mod_md 2 8011 Server Null Pointer Dereference
SERVER-APACHE Apache httpd CVE- Apache HTTP 2019-0190 mod_ssl TLS 3 Server Renegotiation Denial of Service
SERVER-APACHE Apache HTTP Server CVE-2012- Apache HTTP 2 mod_rpaf x-forwarded- 3526 Server for Denial of Service
SERVER-APACHE CVE-2019- Apache HTTP Apache Solr Config API 1 0192 Server Insecure Deserialization
SERVER-APACHE Apache Struts 2 CVE-2018- Apache HTTP namespace Expression 2 11776 Server Language Injection CVE- 2018-11776
SERVER-APACHE Apache Subversion CVE-2018- Apache HTTP 1 mod_dav_svn Denial of 11803 Server Service
SERVER-APACHE Apache Tomcat CVE- CVE-2018- Apache HTTP 3 2018-11784 Default 11784 Server Servlet Open Redirect
SERVER-APACHE Apache Tomcat HTTP2 Connection Window Exhaustion Denial Of Service | CVE-2019-10072 | Apache HTTP Server | 2
SERVER-APACHE Apache Traffic Server ESI Plugin Cookie Header Information Disclosure CVE-2018-8040 | CVE-2018-8040 | Apache HTTP Server | 2
SERVER-APACHE Apache Traffic Server HTTP2 Settings Flood Denial of Service | CVE-2019-9515,vendor Apache,vuln Denial Of Service,sfos cat 30,sigtype generic,service http | Apache HTTP Server | 1
SERVER-APACHE Apache Traffic Server HTTP2 Settings Flood Denial of Service | CVE-2019-9515,,,vendor Apache,vuln Denial Of Service,sfos cat 46,sigtype poc,service http | Other Web Server | 1
SERVER-IIS Microsoft HTTP.sys Remote Code Execution | CVE-2015-1635 | Microsoft IIS web server | 1
SERVER-IIS Microsoft IIS HTMLEncode Unicode String Buffer Overflow | CVE-2008-0075 | Microsoft IIS web server | 1
SERVER-IIS Microsoft IIS HTMLEncode Unicode String Buffer Overflow | CVE-2008-0075 | Microsoft IIS web server | 2
SERVER-MAIL Dovecot Submission-Login Service Authentication Message Denial of Service | CVE-2019-11499 | Other Mail Server | 1
SERVER-MAIL Dovecot Submission-Login Service NULL Pointer Dereference | CVE-2019-11494 | Other Mail Server | 1
SERVER-MAIL Exim BDAT Use After Free | CVE-2017-16943 | Other Mail Server | 1
SERVER-MAIL Exim deliver_message Command Injection | CVE-2019-10149 | Other Mail Server | 1
SERVER-MAIL IBM Lotus Notes LZH Attachment Viewer Stack Buffer Overflow (Published Exploit) | - | Other Mail Server | 2
SERVER-MAIL MailEnable HTTP Authorization Header Buffer Overflow | CVE-2005-1348 | Exchange Mail Server | 2
SERVER-MAIL MailEnable SMTP Service SPF Lookup Buffer Overflow | CVE-2006-4616 | Other Mail Server | 1
SERVER-MAIL Novell iPrint Client CVE-2013-1091 For Windows IPP Response Stack Buffer Overflow II | CVE-2013-1091 | Other Mail Server | 2
SERVER-MAIL Novell iPrint Client CVE-2013-1091 For Windows IPP Response Stack Buffer Overflow I | CVE-2013-1091 | Other Mail Server | 2
SERVER-MAIL Novell iPrint Client CVE-2013-1091 For Windows IPP Response Stack Buffer Overflow | CVE-2013-1091 | Other Mail Server | 1
SERVER-MAIL Novell iPrint Client CVE-2013-1091 For Windows IPP Response Stack Buffer Overflow | CVE-2013-1091 | Other Mail Server | 2
SERVER-ORACLE Oracle Application Test Suite server authentication bypass attempt | CVE-2016-0492 | Other Web Server | 2
SERVER-ORACLE Oracle Outside CVE-2018-2992 In Excel GelFrame Out-of-bounds Read | CVE-2018-2992 | Database Management System | 3
SERVER-ORACLE Oracle WebLogic Server AbstractPlatformTransactionManager Insecure Deserialization CVE-2018-3191 | CVE-2018-3191 | Database Management System | 2
SERVER-ORACLE Oracle WebLogic Server CVE-2018-2894 Web Service Config Arbitrary File Upload | CVE-2018-2894 | Database Management System | 3
SERVER-ORACLE Oracle WebLogic Server FileDistributionServlet Information Disclosure | CVE-2019-2615 | Database Management System | 2
SERVER-ORACLE Oracle WebLogic Server RemoteObject Insecure Deserialization | CVE-2018-3245 | Database Management System | 1
SERVER-OTHER ABB Panel Builder 800 Comli CommandLineOptions Stack-based Buffer Overflow CVE-2018-10616 | CVE-2018-10616 | Other Web Server | 2
SERVER-OTHER Adobe ColdFusion CKEditor upload.cfm Unrestricted File Upload CVE-2018-15961 | CVE-2018-15961 | Other Web Server | 2
SERVER-OTHER Advantech WebAccess Client bwswfcfg Stack-based Buffer Overflow | CVE-2018-17910 | Other Web Server | 2
SERVER-OTHER Advantech WebAccess Node spchapi and tv_enua Stack Buffer Overflow | - | Other Web Server | 2
SERVER-OTHER Atlassian Confluence Server Widget Connector Template Injection | CVE-2019-3396 | Other Web Server | 2
SERVER-OTHER Cisco Prime Infrastructure and EPNM UploadServlet Tar Directory Traversal (Published Exploit) (Decrypted Traffic) | CVE-2019-1821 | Other Web Server | 1
SERVER-OTHER Cisco Prime Infrastructure and EPNM UploadServlet Tar Directory Traversal (Published Exploit) (Decrypted Traffic) | CVE-2019-1821 | Other Web Server | 2
SERVER-OTHER Cisco Prime Infrastructure and EPNM UploadServlet Tar Directory Traversal | CVE-2019-1821 | Other Web Server | 2
SERVER-OTHER Cisco Prime Infrastructure swimtemp CVE-2018-15379 TFTP Arbitrary File Upload | CVE-2018-15379 | Other Web Server | 2
SERVER-OTHER Cisco Prime Infrastructure swimtemp CVE-2018-15379 TFTP Arbitrary File Upload | - | Other Web Server | 2
SERVER-OTHER Cisco Software Cluster Management Protocol remote code execution attempt | CVE-2017-3881 | Other Web Server | 1
SERVER-OTHER Cisco Software Cluster Management Protocol remote code execution attempt | CVE-2017-3881 | Other Web Server | 2
SERVER-OTHER dhcpcd DHCPv6 CVE-2019-11577 dhcp6_findna Buffer Overflow | CVE-2019-11577 | Other Web Server | 2
SERVER-OTHER Elastic Kibana server.js Local File Inclusion | CVE-2018-17246 | Web Services and Applications | 3
SERVER-OTHER EmbedThis GoAhead parseHeaders Out Of Bounds Read | CVE-2019-12822 | Other Web Server | 2
SERVER-OTHER Facebook Fizz TLS 1.3 Early Data Integer Overflow Denial of Service | CVE-2019-3560 | Other Web Server | 2
SERVER-OTHER GitLab Wiki API Attachments Command Injection | CVE-2018-18649 | Other Web Server | 2
SERVER-OTHER H2O CVE-2018-0608 WebServer Heap Buffer Overflow | CVE-2018-0608 | Other Web Server | 2
SERVER-OTHER HPE Intelligent Management Center dbman Stack Buffer Overflow | CVE-2018-7115 | Other Web Server | 2
SERVER-OTHER HPE Intelligent Management Center TopoDebugServlet Insecure Deserialization | - | Other Web Server | 2
SERVER-OTHER IBM QRadar SIEM Authentication Bypass (Decrypted Traffic) | CVE-2018-1418 | Other Web Server | 2
SERVER-OTHER IBM QRadar SIEM Authentication Bypass-II | CVE-2018-1418 | Other Web Server | 1
SERVER-OTHER IBM QRadar SIEM Authentication Bypass-I | CVE-2018-1418 | Other Web Server | 2
SERVER-OTHER IBM WebSphere Application Server Commons-Collections Library Remote Code Execution | CVE-2015-7450 | Other Web Server | 1
SERVER-OTHER ISC BIND deny-answer-aliases Assertion Failure Denial of Service CVE-2018-5740 | CVE-2018-5740 | Other Web Server | 2
SERVER-OTHER ISPConfig CVE-2018-17984 user_settings.php Arbitrary File Inclusion | CVE-2018-17984 | Other Web Server | 3
SERVER-OTHER ISPConfig user_settings.php Arbitrary File Inclusion | CVE-2018-17984 | Other Web Server | 2
SERVER-OTHER Jenkins Core FileParameterValue Directory Traversal Build | CVE-2019-10352 | Other Web Server | 1
SERVER-OTHER Jenkins Core FileParameterValue Directory Traversal Config Submit | CVE-2019-10352 | Other Web Server | 1
SERVER-OTHER Kubernetes API Proxy Request Handling Privilege Escalation (Decrypted Traffic) | CVE-2018-1002105 | Other Web Server | 2
SERVER-OTHER Kubernetes API Proxy Request Handling Privilege Escalation | CVE-2018-1002105 | Other Web Server | 2
SERVER-OTHER Kubernetes Dashboard Authentication Bypass Information Disclosure Decrypted Traffic CVE-2018-18264 | CVE-2018-18264 | Other Web Server | 2
SERVER-OTHER Kubernetes Dashboard Authentication Bypass Information Disclosure Encrypted Traffic CVE-2018-18264 | CVE-2018-18264 | Other Web Server | 2
SERVER-OTHER Lighttpd url-path-2f-decode Denial-Of-Service | CVE-2019-11072 | Other Web Server | 4
SERVER-OTHER Microsoft JET Database Engine CVE-2018-8423 Remote Code Execution Vulnerability | CVE-2018-8423 | Other Web Server | 2
SERVER-OTHER Microsoft Windows DHCP Server Failover Remote Code Execution | CVE-2019-0785 | Other Web Server | 1
SERVER-OTHER Microsoft Windows DHCP Server Remote Code Execution | CVE-2019-0725 | Other Web Server | 2
SERVER-OTHER Nagios XI API Key Regeneration Privilege Escalation | CVE-2018-15711 | Other Web Server | 3
SERVER-OTHER Network Time Protocol ntpq decodearr Stack-based Buffer Overflow CVE-2018-7183 | CVE-2018-7183 | Other Web Server | 2
SERVER-OTHER Nginx Unit Router Process Heap-based Buffer Overflow | CVE-2019-7401 | Other Web Server | 2
SERVER-OTHER Novell GroupWise Addressbook Heap Buffer Overflow | CVE-2011-4189 | Other Web Server | 3
SERVER-OTHER Novell GroupWise Messenger CVE-2006-0992 Accept-Language Header Buffer Overflow | CVE-2006-0992 | Other Web Server | 1
SERVER-OTHER NTPsec ntpd CVE-2019-6443 ctl_getitem Out of Bounds Read | CVE-2019-6443 | Other Web Server | 2
SERVER-OTHER NTPsec ntpd CVE-2019-6443 ctl_getitem Out of Bounds Read | CVE-2019-6443 | Other Web Server | 3
SERVER-OTHER NTPsec ntpd process_control Out of Bounds Read | CVE-2019-6444 | Other Web Server | 1
SERVER-OTHER NTPsec ntpd write_variables Denial of Service | CVE-2019-6445 | Other Web Server | 2
SERVER-OTHER OpenMRS webservices.rest Insecure Object Deserialization | CVE-2018-19276 | Other Web Server | 2
SERVER-OTHER OpenSSH sshd CVE-2018-15473 Username Information Disclosure | CVE-2018-15473 | Other Web Server | 3
SERVER-OTHER OpenSSL CVE-2018-0732 Large DH Parameter Denial of Service | CVE-2018-0732 | Other Web Server | 2
SERVER-OTHER OpenSSL dtls1_reassemble_fragment Invalid Fragment Buffer Overflow | CVE-2014-0195 | Other Web Server | 2
SERVER-OTHER OpenSSL DTLS handshake recursion denial of service attempt | CVE-2014-0221 | Other Web Server | 3
SERVER-OTHER OpenSSL Invalid Session Ticket Denial of Service | CVE-2014-3567 | Other Web Server | 1
SERVER-OTHER OpenSSL Large DH Parameter Denial of Service | CVE-2018-0732 | Other Web Server | 1
SERVER-OTHER Perl CVE-2018-12015 Archive Tar Arbitrary File Overwrite | CVE-2018-12015 | Other Web Server | 3
SERVER-OTHER Pivotal Spring Framework CVE-2018-1273 isWritableProperty SpEL Injection | CVE-2018-1273 | Other Web Server | 2
SERVER-OTHER PuTTY SSH Client RSA Key Exchange Integer Overflow | CVE-2019-9894 | Other Web Server | 2
SERVER-OTHER Quest KACE Systems Management run_report Command Injection | - | Other Web Server | 2
SERVER-OTHER RARLAB WinRAR ACE Directory Traversal | CVE-2018-20251 | Other Web Server | 2
SERVER-OTHER RealNetworks Helix Server NTLM Authentication Heap Overflow | CVE-2010-1317 | Other Web Server | 2
SERVER-OTHER Responsive File Manager ajax_calls.php get_file Directory Traversal | CVE-2018-20792 | Application and Software | 3
SERVER-OTHER Responsive File Manager ajax_calls.php get_file Directory Traversal | CVE-2018-20792 | Other Web Server | 3
SERVER-OTHER Squid HTTP Host Header Port Handling Denial of Service | CVE-2013-4123 | Other Web Server | 1
SERVER-OTHER Western Digital My Cloud authentication bypass attempt | CVE-2018-17153 | Other Web Server | 2
SERVER-OTHER Xen Project XAPI Update Directory Traversal CVE-2018-14007 | CVE-2018-14007 | Other Web Server | 2
SERVER-OTHER Xiph.org Icecast Server CVE-2018-18820 auth_url Stack Buffer Overflow | CVE-2018-18820 | Other Web Server | 3
SERVER-OTHER Zoho ManageEngine CVE-2018-17283 OpManager setManaged SQL Injection | CVE-2018-17283 | Other Web Server | 2
SERVER-OTHER Zoho ManageEngine OpManager APIDBUtil getDevicesForSearchString SQL Injection | CVE-2018-17243 | Other Web Server | 2
SERVER-OTHER Zoho ManageEngine OpManager Business View Background Image Arbitrary File Upload | CVE-2018-18475 | Other Web Server | 2
SERVER-OTHER Zoho ManageEngine OpManager oputilsServlet Authentication Bypass | CVE-2018-17283 | Other Web Server | 2
SERVER-WEBAPP ACME mini_httpd Arbitrary File Read | CVE-2018-18778 | Web Services and Applications | 2
SERVER-WEBAPP Adobe ColdFusion CFFILE Upload Action Unrestricted File Upload | CVE-2019-7816 | Web Services and Applications | 2
SERVER-WEBAPP Adobe ColdFusion CFFILE Upload Action Unrestricted File Upload | CVE-2019-7838 | Web Services and Applications | 2
SERVER-WEBAPP Adobe ColdFusion CKEditor upload.cfm Directory Traversal | CVE-2018-15960 | Web Services and Applications | 2
SERVER-WEBAPP Adobe ColdFusion CVE-2018-15959 DataServicesCFProxy Commons BeanUtils Insecure Deserialization | CVE-2018-15959 | Web Services and Applications | 2
SERVER-WEBAPP Adobe ColdFusion CVE-2018-15959 DataServicesCFProxy Commons BeanUtils Insecure Deserialization | CVE-2018-15959 | Web Services and Applications | 3
SERVER-WEBAPP Adobe ColdFusion CVE-2019-7091 JavaAdapter JavaBeanAdapter Insecure Deserialization | CVE-2019-7091 | Web Services and Applications | 2
SERVER-WEBAPP Adobe ColdFusion CVE-2019-7839 Remote Code Execution | CVE-2019-7839 | Web Services and Applications | 1
SERVER-WEBAPP Advantech WebAccess CVE-2018-7503 NMS DownloadAction Directory Traversal (Decrypted Traffic) | CVE-2018-7503 | Web Services and Applications | 3
SERVER-WEBAPP Advantech WebAccess CVE-2018-7503 NMS DownloadAction Directory Traversal | CVE-2018-7503 | Web Services and Applications | 3
SERVER-WEBAPP Advantech WebAccess SCADA CVE-2018-15707 bwMainLeft.asp Cross-Site Scripting | CVE-2018-15707 | Web Services and Applications | 3
SERVER-WEBAPP Allied Telesis 8100L Cross Site Scripting | CVE-2018-20503 | Web Services and Applications | 2
SERVER-WEBAPP CGit cgit_clone_objects Function Directory Traversal Attempt | CVE-2018-14912 | Web Services and Applications | 3
SERVER-WEBAPP Cisco Adaptive Security Appliance directory traversal attempt | CVE-2018-0296 | Web Services and Applications | 2
SERVER-WEBAPP Cisco Elastic Services Controller REST API Authentication Bypass | CVE-2019-1867 | Web Services and Applications | 2
SERVER-WEBAPP Cisco Identity Services Engine LiveLogSettingsServlet Stored Cross Site Scripting | CVE-2018-15440 | Web Services and Applications | 2
SERVER-WEBAPP Cisco Prime Infrastructure and EPNM XmpLogFilesDownloadServlet Directory Traversal (Decrypted Traffic) | CVE-2019-1819 | Web Services and Applications | 2
SERVER-WEBAPP Cisco Prime Infrastructure and EPNM XmpLogFilesDownloadServlet Directory Traversal | CVE-2019-1819 | Web Services and Applications | 2
SERVER-WEBAPP Cisco Unity Express RMI Insecure Deserialization CVE-2018-15381 | CVE-2018-15381 | Web Services and Applications | 2
SERVER-WEBAPP Cisco Webex Teams CVE-2019-1636 URI Handler Remote Code Execution | CVE-2019-1636 | Web Services and Applications | 2
SERVER-WEBAPP CitrixNetScaler Heap Overflow | CVE-2017-7219 | Web Services and Applications | 1
SERVER-WEBAPP Cockpit CMS media CVE-2018-15540 API directory traversal attempt | CVE-2018-15540 | Web Services and Applications | 2
SERVER-WEBAPP Dell OpenManage Network Manager CVE-2018-15768 MySQL Improper Access Control | CVE-2018-15768 | Web Services and Applications | 1
SERVER-WEBAPP Dell OpenManage Network Manager MySQL Improper Access Control (Published Exploit) | CVE-2018-15768 | Web Services and Applications | 2
SERVER-WEBAPP Drupal Core file_create_filename Stored Cross-Site Scripting | CVE-2019-6341 | Web Services and Applications | 2
SERVER-WEBAPP Drupal Core phar Stream Wrapper Insecure Deserialization | CVE-2019-6339 | Web Services and Applications | 2
SERVER-WEBAPP Drupal Core Web Services CVE-2019-6340 Remote Code Execution | CVE-2019-6340 | Web Services and Applications | 3
SERVER-WEBAPP Easy File Sharing Stack Buffer Overflow | CVE-2018-9059 | Web Services and Applications | 1
SERVER-WEBAPP Electronic Arts Origin Client URI Handler Remote Code Execution | CVE-2019-12828 | Web Services and Applications | 2
SERVER-WEBAPP Electronic Arts Origin Client URI Handler Template Injection | CVE-2019-11354 | Web Services and Applications | 2
SERVER-WEBAPP Epic MyChart CVE-2016-6272 SQL Injection | CVE-2016-6272 | Web Services and Applications | 2
SERVER-WEBAPP F5 BIG-IP iControl API arbitrary command execution attempt | CVE-2015-3628 | Web Services and Applications | 2
SERVER-WEBAPP GIT CVE-2018-11235 Submodules Directory Traversal II | CVE-2018-11235 | Web Services and Applications | 3
SERVER-WEBAPP GIT CVE-2018-11235 Submodules Directory Traversal I | CVE-2018-11235 | Web Services and Applications | 3
SERVER-WEBAPP Grafana Labs Grafana Direct Link Rendered Image Arbitrary File Read | CVE-2018-19039 | Web Services and Applications | 2
SERVER-WEBAPP HPE Intelligent Management Center AccessMgrServlet className Insecure Deserialization | CVE-2019-11945 | Web Services and Applications | 2
SERVER-WEBAPP HPE Intelligent Management Center iccSelectCommand Expression Language Injection | - | Web Services and Applications | 2
SERVER-WEBAPP HPE Intelligent Management Center IccSelectDevTypeBean Expression Language Injection | CVE-2019-11941 | Web Services and Applications | 1
SERVER-WEBAPP HPE Intelligent Management Center perfSelectTask Expression Language Injection | CVE-2019-5385 | Web Services and Applications | 2
SERVER-WEBAPP HPE Intelligent Management Center PrimeFaces Expression Language Injection | - | Web Services and Applications | 2
SERVER-WEBAPP HPE Intelligent Management Center WebDMServlet Insecure Deserialization | CVE-2017-12558 | Web Services and Applications | 1
SERVER-WEBAPP HPE Intelligent Management CVE-2017-12490 Center getSelInsBean Expression Language Injection | CVE-2017-12490 | Web Services and Applications | 2
SERVER-WEBAPP IPFire Firewall CVE-2018-16232 Web Interface backup.cgi Command Injection | CVE-2018-16232 | Web Services and Applications | 3
SERVER-WEBAPP IPFire Firewall CVE-2018-16232 Web Interface backup.cgi Command Injection | CVE-2018-16232 | Web Services and Applications | 3
SERVER-WEBAPP IPFire Firewall Web Interface backup.cgi Command Injection | CVE-2018-16232 | Web Services and Applications | 3
SERVER-WEBAPP Joomla Aist id SQL Injection | CVE-2018-5993 | Web Services and Applications | 2
SERVER-WEBAPP Joomla CheckList Extension SQL Injection | CVE-2018-7318 | Web Services and Applications | 1
SERVER-WEBAPP Joomla Component Swap Factory SQL injection attempt | CVE-2018-17384 | Web Services and Applications | 2
SERVER-WEBAPP Joomla Gridbox app Cross Site Scripting | CVE-2018-11690 | Web Services and Applications | 1
SERVER-WEBAPP Lighttpd Host Header mod_simple_vhost Directory Traversal | CVE-2014-2324 | Web Services and Applications | 3
SERVER-WEBAPP Linksys E1500/E2500 apply.cgi submit_button page redirection attempt | - | Web Services and Applications | 1
SERVER-WEBAPP Micro Focus Secure Messaging Gateway enginelist.php SQL Injection CVE-2018-12464 | CVE-2018-12464 | Web Services and Applications | 1
SERVER-WEBAPP Microsoft Windows HTTP2 Resource Loop Denial of Service PRIORITY | CVE-2019-9511,mapp unknown,mapp unknown,vendor Microsoft,vuln Denial Of Service,sfos cat 50,sigtype poc,service http | Web Services and Applications | 1
SERVER-WEBAPP Microsoft Windows HTTP2 Resource Loop Denial of Service WINDOW_UPDATE | CVE-2019-9511,mapp unknown,,mapp unknown,vendor Microsoft,vuln Denial Of Service,sfos cat 50,sigtype poc,service http | Web Services and Applications | 1
SERVER-WEBAPP Microsoft Windows HTTP2 Resource Loop Denial of Service WINDOW_UPDATE | CVE-2019-9511,mapp unknown,,vendor Microsoft,vuln Denial Of Service,sfos cat 50,sigtype generic,mapp unknown,service http | Web Services and Applications | 1
SERVER-WEBAPP Mitsubishi Electric CVE-2017-9638 E-Designer SetupAlarm Font Stack Buffer Overflow | CVE-2017-9638 | Web Services and Applications | 3
SERVER-WEBAPP Nagios XI Autodiscovery CVE-2019-9164 Job Command Injection | CVE-2019-9164 | Web Services and Applications | 2
SERVER-WEBAPP Nagios XI Cmdsubsys Command Injection | CVE-2018-15709 | Web Services and Applications | 2
SERVER-WEBAPP Nagios XI Magpie cURL Argument Injection | CVE-2018-15708 | Web Services and Applications | 2
SERVER-WEBAPP NetGain Systems Enterprise Manager settings.upload filename Directory Traversal | CVE-2017-16603 | Web Services and Applications | 2
SERVER-WEBAPP Netgate pfSense ACME acme_accountkeys_edit.php Stored Cross-Site Scripting | CVE-2019-12347 | Web Services and Applications | 2
SERVER-WEBAPP Netgate pfSense CVE-2018-4021 system_advanced_misc.php Command Injection | CVE-2018-4021 | Web Services and Applications | 2
SERVER-WEBAPP Netgate pfSense haproxy_listeners_edit.php Stored Cross-Site Scripting | CVE-2019-8953 | Web Services and Applications | 2
SERVER-WEBAPP Nuxeo NuxeoUnknownResource Expression Language Injection | CVE-2018-16341 | Web Services and Applications | 2
SERVER-WEBAPP Opera XML Parser CVE-2009-1234 Remote Denial of Service Vulnerability | CVE-2009-1234 | Web Services and Applications | 3
SERVER-WEBAPP Oracle Weblogic CVE-2019-2725 Insecure Deserialization | CVE-2019-2725 | Web Services and Applications | 3
SERVER-WEBAPP Oracle Weblogic CVE-2019-2729 Insecure Deserialization | CVE-2019-2729 | Web Services and Applications | 2
SERVER-WEBAPP Oracle WebLogic Server DeploymentService Directory Traversal | CVE-2019-2618 | Web Services and Applications | 1
SERVER-WEBAPP Oracle WebLogic Server DeploymentService Directory Traversal | CVE-2019-2618 | Web Services and Applications | 2
SERVER-WEBAPP Oracle Weblogic UnknownMsgHeader External Entity Injection | CVE-2019-2649 | Web Services and Applications | 2
SERVER-WEBAPP Oracle Weblogic WsrmServerPayloadContext External Entity Injection | CVE-2019-2648 | Web Services and Applications | 2
SERVER-WEBAPP PHP CVE-2019-9022 dns_get_record Out of Bounds Read | CVE-2019-9022 | Web Services and Applications | 1
SERVER-WEBAPP PHP CVE-2019-9022 dns_get_record Out of Bounds Read | CVE-2019-9022 | Web Services and Applications | 3
SERVER-WEBAPP phpMyAdmin CVE-2018-19968 tbl_replace.php Local File Inclusion | CVE-2018-19968 | Web Services and Applications | 2
SERVER-WEBAPP phpMyAdmin Navigation-Tree Stored Cross-Site Scripting CVE-2018-19970 | CVE-2018-19970 | Web Services and Applications | 2
SERVER-WEBAPP QNAP QCenter API set_VM_network Command Injection | CVE-2018-0708 | Web Services and Applications | 2
SERVER-WEBAPP Quest KACE Systems Management run_cross_report SQL Injection | - | Web Services and Applications | 3
SERVER-WEBAPP Responsive FileManager CVE-2018-15535 ajax_calls.php Information Disclosure | CVE-2018-15535 | Web Services and Applications | 3
SERVER-WEBAPP Responsive FileManager CVE-2018-15536 ajax_calls.php Zip Directory Traversal | CVE-2018-15536 | Web Services and Applications | 3
SERVER-WEBAPP Rocket Servergraph Admin Center UserRequest Command Injection | CVE-2014-3915 | Web Services and Applications | 1
SERVER-WEBAPP Ruby on Rails ActiveStorage Insecure Deserialization (Published Exploit) | CVE-2019-5420 | Web Services and Applications | 3
SERVER-WEBAPP Schneider Electric IIoT Monitor Zip Directory Traversal | CVE-2018-7836 | Web Services and Applications | 2
SERVER-WEBAPP Sonatype Nexus Repository Manager CVE-2019-7238 Expression Language Injection | CVE-2019-7238 | Web Services and Applications | 2
SERVER-WEBAPP SQL use of sleep function in HTTP header - likely SQL injection attempt | - | Web Services and Applications | 1
SERVER-WEBAPP Squid Proxy cachemgr.cgi Reflected Cross-Site Scripting in user_name parameter | CVE-2019-13345 | Web Services and Applications | 1
SERVER-WEBAPP Suricata TCP Handshake CVE-2018-6794 Content Detection Bypass | - | Web Services and Applications | 1
SERVER-WEBAPP ThinkPHP 5.0.23/5.1.31 CVE-2018-20062 Remote Code Execution | CVE-2018-20062 | Web Services and Applications | 1
SERVER-WEBAPP Typo3 CMS Phar Insecure Deserialization | - | Web Services and Applications | 2
SERVER-WEBAPP Viber for Desktop URI Handler Remote Code Execution | CVE-2019-12569 | Web Services and Applications | 1
SERVER-WEBAPP WECON LeviStudio InstallmentSet InstallmentTrigAddOpen Stack Buffer Overflow | CVE-2019-6537 | Web Services and Applications | 1
SERVER-WEBAPP WECON PIStudio basedll TextContent Stack-based Buffer Overflow ZDI-18-1109 | - | Web Services and Applications | 2
SERVER-WEBAPP WordPress Ninja Forms Plugin Remote Code Execution | CVE-2019-10869 | Web Services and Applications | 2
SERVER-WEBAPP WordPress Responsive Thumbnail Slider arbitrary PHP file upload attempt | - | Web Services and Applications | 2
SERVER-WEBAPP WordPress _wp_attached_file CVE-2019-8942 wp_crop_image Directory Traversal | CVE-2019-8942 | Web Services and Applications | 2
SERVER-WEBAPP Xen Project XAPI Update Directory Traversal CVE-2018-14007 (Decrypted Traffic) | CVE-2018-14007 | Web Services and Applications | 1
SERVER-WEBAPP Zoho ManageEngine Applications Manager CVE-2019-11448 Popup_SLA.jsp sid SQL Injection | CVE-2019-11448 | Web Services and Applications | 2
SERVER-WEBAPP Zoho ManageEngine NetFlow Analyzer ReportApiHandler compareReport SQL Injection | CVE-2019-12196 | Web Services and Applications | 2
SERVER-WEBAPP Zoho ManageEngine OpManager BusinessViewFlashImpl handleBVAction XXE Injection | CVE-2018-18980 | Web Services and Applications | 2
SERVER-WEBAPP Zoho ManageEngine OpManager DataMigrationServlet Insecure Deserialization CVE-2018-19403 | CVE-2018-19403 | Web Services and Applications | 2
SERVER-WEBAPP Zoho ManageEngine OpManagerDBUtil getProbeNATDetails SQL Injection CVE-2018-9087 | CVE-2018-9087 | Web Services and Applications | 2
SERVER-WEBAPP Zoho ManageEngine OpManager FailOverHelperServlet Cross-Site Scripting CVE-2018-12998 | CVE-2018-12998 | Web Services and Applications | 1
SERVER-WEBAPP Zoho ManageEngine OpManager getGraphData SQL Injection | CVE-2018-20173 | Web Services and Applications | 1
SERVER-WEBAPP Zoho ManageEngine OpManager OpManagerFailoverUtil customerName SQL Injection CVE-2018-9088 | CVE-2018-9088 | Web Services and Applications | 2
SERVER-WEBAPP Zoho ManageEngine OpManager RelationalMailServer addMailServerSettings SQL Injection CVE-2018-18949 | CVE-2018-18949 | Web Services and Applications | 2
SERVER-WEBAPP Zoom Client Information Disclosure Attempt | CVE-2019-13449 | Web Services and Applications | 1
Name: Name of the Signature
CVE–ID: CVE Identification Number - Common Vulnerabilities and Exposures (CVE) provides reference of CVE Identifiers for publicly known information security vulnerabilities.
Category: Class type according to threat
Severity: Degree of severity - The levels of severity are described in the table below:
Severity Level | Severity Criteria
1 | Low
2 | Moderate
3 | High
4 | Critical
Important Notice Sophos Technologies Pvt. Ltd. has supplied this Information believing it to be accurate and reliable at the time of printing, but is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products. Sophos Technologies Pvt. Ltd. assumes no responsibility for any errors that may appear in this document. Sophos Technologies Pvt. Ltd. reserves the right, without notice to make changes in product design or specifications. Information is subject to change without notice.
RESTRICTED RIGHTS
©1997 - 2020 Sophos Ltd. All rights reserved. Sophos, Sophos logo are trademark of Sophos Technologies Pvt. Ltd.
Corporate Headquarters Sophos Technologies Pvt. Ltd. Reg. Office: Sophos House, Saigulshan Complex, Beside White House, Panchvati Cross Road, Ahmedabad – 380006, INDIA Phone: +91-79-66216666 Fax: +91-79-26407640 Web site: www.sophos.com