SOPHOS IPS Signature Update Release Notes

Version: 7.16.70

Release Date: 28th January 2020

Release Information

Upgrade Applicable on: IPS Signature Release Version 7.16.69

Sophos Appliance Models: XG-550, XG-750, XG-650

Upgrade Information

Upgrade type: Automatic

Compatibility Annotations: None

Introduction

The release notes for IPS Signature Database Version 7.16.70 cover the new signatures added in this release. The following sections describe the release in detail.

New IPS Signatures

The Sophos Intrusion Prevention System shields the network from known attacks by matching network traffic against the signatures in the IPS Signature Database. These signatures are developed to significantly increase detection performance and reduce false alarms.

Report false positives at [email protected], along with the application details.

January 2020 Page 2 of 51 IPS Signature Update

This IPS release includes five hundred and seven (507) signatures to address three hundred and sixty-four (364) vulnerabilities. New signatures are added for the following vulnerabilities:

Name | CVE-ID | Category | Severity

BROWSER-FIREFOX Mozilla Firefox CVE-2010-3765 document.write And DOM Insertions Memory Corruption | CVE-2010-3765 | Browsers | 4

BROWSER-FIREFOX (Published Exploit) Mozilla Firefox document.write And DOM Insertions Memory Corruption | CVE-2010-3765 | Browsers | 4

BROWSER-IE Microsoft Internet Explorer ActiveX Navigate Handling Code Execution | CVE-2008-4258 | Browsers | 4

BROWSER-IE Microsoft Internet Explorer CVE-2012-4969 execCommand Use After Free | CVE-2012-4969 | Browsers | 4

BROWSER-IE Microsoft Internet Explorer CVE-2013-3163 Use After Free (Published Exploit) | CVE-2013-3163 | Browsers | 4

BROWSER-IE Microsoft Internet Explorer HtmlDlgHelper Memory Corruption | CVE-2010-3329 | Browsers | 4

BROWSER-IE Microsoft Internet Explorer Image Processing Argument Handling Memory Corruption | CVE-2008-0078 | Browsers | 4

BROWSER-IE Microsoft Internet Explorer runtimeStyle Handling Memory Corruption (Published Exploit) | CVE-2013-3882 | Browsers | 4

BROWSER-IE Microsoft Internet Explorer VML Processing Integer Underflow (Published Exploit) | CVE-2013-2551 | Browsers | 4

BROWSER-IE Microsoft Internet Explorer XML Processing Memory Corruption (Published Exploit) | | Browsers | 4

BROWSER-OTHER Apple Safari parent.close Code Execution (Published Exploit) | | Browsers | 4

BROWSER-OTHER Apple Safari Right-to-Left Text Rendering Use After Free Vulnerability (Published Exploit) | CVE-2010-0049 | Browsers | 4

BROWSER-OTHER Apple Safari WebKit Selections Use After Free (Published Exploit) | CVE-2010-1812 | Browsers | 4

BROWSER-OTHER Opera Browser file URI Handling Buffer Overflow | | Browsers | 4

BROWSER-PLUGINS Adobe Download Manager getPlus ActiveX Control Buffer Overflow | CVE-2009-3958 | Browsers | 4

BROWSER-PLUGINS Advantech WebAccess SCADA CVE-2014-0767 webvact.ocx AccessCode Buffer Overflow II | CVE-2014-0767 | Browsers | 4

BROWSER-PLUGINS Advantech WebAccess SCADA CVE-2014-0767 webvact.ocx AccessCode Buffer Overflow I | CVE-2014-0767 | Browsers | 4

BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX GetGlobalSettings Memory Corruption | CVE-2014-0603 | Browsers | 4

BROWSER-PLUGINS Attachmate Reflection FTP Client ActiveX GetSiteProperties3 Memory Corruption | CVE-2014-0606 | Browsers | 4

BROWSER-PLUGINS CA Multiple Products ActiveX Control ListCtrl AddColumn Buffer Overflow | CVE-2008-1472 | Browsers | 4

BROWSER-PLUGINS Citrix Access Gateway Plug-in ActiveX Code Execution | CVE-2011-2882 | Browsers | 4

BROWSER-PLUGINS Citrix Access Gateway Plug-in for Windows nsepacom ActiveX Control Buffer Overflow | CVE-2011-2592 | Browsers | 4

BROWSER-PLUGINS Flexera InstallShield ISGrid2.dll DoFindReplace Heap Buffer Overflows | CVE-2011-3174 | Browsers | 4

BROWSER-PLUGINS IBM Lotus Domino CVE-2007-4474 Web Access ActiveX Control Buffer Overflow | CVE-2007-4474 | Browsers | 5

BROWSER-PLUGINS IBM Lotus iNotes dwa85W.dll ActiveX Control Buffer Overflow | CVE-2012-2175 | Browsers | 4

BROWSER-PLUGINS Macrovision InstallShield Update Service Agent ActiveX Memory Corruption | CVE-2008-2470 | Browsers | 4

BROWSER-PLUGINS Macrovision InstallShield Update Service isusweb.dll Remote Buffer Overflow | CVE-2007-6654 | Browsers | 4

BROWSER-PLUGINS Microsoft Access Wizard ActiveX Control Memory Corruption | CVE-2010-1881 | Browsers | 4

BROWSER-PLUGINS Microsoft Agent CVE-2007-3040 Crafted URL Stack Buffer Overflow | CVE-2007-3040 | Browsers | 5

BROWSER-PLUGINS Microsoft Agent CVE-2007-3040 Crafted URL Stack Buffer Overflow | CVE-2007-3040 | Browsers | 5

BROWSER-PLUGINS Microsoft Visual Studio MSMASK32.OCX ActiveX Control Buffer Overflow (Published Exploit) | CVE-2008-3704 | Browsers | 4

BROWSER-PLUGINS Microsoft Windows Media Encoder 9 ActiveX Control Buffer Overflow | CVE-2008-3008 | Browsers | 4

BROWSER-PLUGINS Microsoft WMI Administrative Tools ActiveX Control Multiple Vulnerabilities I | CVE-2010-3973 | Browsers | 4

BROWSER-PLUGINS Microsoft WMI Administrative Tools ActiveX Control Multiple Vulnerabilities | CVE-2010-3973 | Browsers | 4

BROWSER-PLUGINS Novell iPrint Client ExecuteRequest debug Parameter Buffer Overflow | | Browsers | 4

BROWSER-PLUGINS Novell iPrint Client GetDriverSettings Stack Buffer Overflow | | Browsers | 4

BROWSER-PLUGINS Novell iPrint Client nipplib.dll ActiveX Control IppCreateServerRef Buffer Overflow | CVE-2008-2436 | Browsers | 4

BROWSER-PLUGINS Novell ZENworks LaunchHelp.dll ActiveX Control LaunchProcess Code Execution | CVE-2011-2657 | Browsers | 4

BROWSER-PLUGINS Orbit Downloader URL Processing Stack Buffer Overflow | CVE-2008-1602 | Browsers | 4

BROWSER-PLUGINS Samsung iPOLiS CVE-2014-3912 Device Manager FindConfigChildeKeyList Buffer Overflow II | CVE-2014-3912 | Browsers | 4

BROWSER-PLUGINS Samsung iPOLiS CVE-2014-3912 Device Manager FindConfigChildeKeyList Buffer Overflow I | CVE-2014-0767 | Browsers | 4

BROWSER-PLUGINS Symantec Products ActiveX Control NavComUI.dll Code Execution | CVE-2007-2955 | Browsers | 4

BROWSER-PLUGINS Trend Micro OfficeScan objRemoveCtrl ActiveX Control Buffer Overflow | | Browsers | 4

BROWSER-PLUGINS Unitronics VisiLogic OPLC IDE TeePreviewer ChartLink Memory Corruption | CVE-2015-6478 | Browsers | 4

BROWSER-PLUGINS WinZip FileView ActiveX Control Unsafe Method Exposure | | Browsers | 4

BROWSER-PLUGINS Yahoo Messenger AudioConf ActiveX Control Buffer Overflow | CVE-2007-1680 | Browsers | 4

BROWSER-PLUGINS Yahoo! Music Jukebox ActiveX Control Buffer Overflow | | Browsers | 4

BROWSER-PLUGINS Yahoo Toolbar CVE-2007-6535 YShortcut ActiveX clsid access Vulnerability | CVE-2007-6535 | Browsers | 4

FILE-FLASH Adobe Flash Player Memory Corruption (Published Exploit) | CVE-2011-0609 | Multimedia | 4

FILE-FLASH Adobe Flash Player OpenType Font Parsing Integer Overflow (Published Exploit) | CVE-2012-1535 | Multimedia | 4

FILE-FLASH Adobe Flash Player Shader Memory Corruption (Published Exploit) | CVE-2014-0515 | Multimedia | 4

FILE-IDENTIFY Microsoft Office Word File Download Request | | Application and Software | 4

FILE-IDENTIFY OMRON CX-One CX-Programmer Program Use after Free | CVE-2019-6556 | Application and Software | 4

FILE-IMAGE Adobe Acrobat ImageConversion JPEG Parsing Out-Of-Bounds Read | CVE-2018-12855 | Multimedia | 4

FILE-IMAGE Adobe Photoshop CS4 ABR File Processing Buffer Overflow | CVE-2010-1296 | Multimedia | 4

FILE-IMAGE GIMP XWD File Handling Stack Buffer Overflow | CVE-2012-5576 | Multimedia | 4

FILE-IMAGE libpng png_decompress_chunk Integer Overflow | CVE-2011-3026 | Multimedia | 4

FILE-IMAGE Microsoft Windows CVE-2014-0301 DirectShow JPEG Double Free | CVE-2014-0301 | Multimedia | 4

FILE-JAVA IBM Java com.ibm.rmi.util.ProxyUtil Sandbox Breach | CVE-2012-4820 | Application and Software | 4

FILE-JAVA IBM Java java.lang.ClassLoader.defineClass Sandbox Breach | CVE-2012-4823 | Application and Software | 4

FILE-JAVA Sun Java Web Start JNLP java-vm-args Heap Buffer Overflow | CVE-2008-3111 | Application and Software | 4

FILE-JAVA Sun Java Web Start JNLP vm args Stack Overflow | CVE-2008-3111 | Application and Software | 4

FILE-MULTIMEDIA Adobe Acrobat CVE-2017-11249 ImageConversion EMF Parsing Out-Of-Bounds Read | CVE-2017-11249 | Multimedia | 4

FILE-MULTIMEDIA Adobe Acrobat ImageConversion EMF EmfPlus Heap-based Buffer Overflow | CVE-2017-16416 | Multimedia | 4

FILE-MULTIMEDIA Adobe Acrobat ImageConversion EMF Integer Overflow | CVE-2017-11308 | Multimedia | 4

FILE-MULTIMEDIA Adobe Acrobat ImageConversion EMF Parsing Integer Overflow | CVE-2017-11227 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime and iTunes Heap Memory Corruption (HTTP QuickTime MOV File Transfer) | CVE-2005-4092 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime and iTunes Heap Memory Corruption | CVE-2005-4092 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime FPX File Requested | | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime Image Description Atom Sign Extension Memory Corruption | CVE-2009-0955 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime Image Descriptor Atom Parsing Memory Corruption | CVE-2008-0033 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime MOV File String Handling Integer Overflow | CVE-2005-2753 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime Obji Atom Parsing Stack Buffer Overflow | CVE-2008-1022 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime Panorama Sample Atoms Movie File Handling Buffer Overflow | CVE-2007-4675 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime PICT File Processing Memory Corruption | CVE-2012-0671 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime PICT Image Poly Structure Memory Corruption | CVE-2007-4676 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime Plugin SetLanguage Buffer Overflow | CVE-2012-0666 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime QTVR QTVRStringAtom Parsing Buffer Overflow | CVE-2012-0667 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime Streaming Debug Error Logging Buffer Overflow | | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime TeXML Color String Parsing Buffer Overflow | CVE-2012-0663 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime TeXML Style Element Text Specification Buffer Overflow | CVE-2012-3752 | Multimedia | 4

FILE-MULTIMEDIA Apple QuickTime TeXML textBox Element Memory Corruption | CVE-2013-1015 | Multimedia | 4

FILE-MULTIMEDIA Apple Quicktime Text Track Descriptors Heap Buffer Overflow | CVE-2012-0664 | Multimedia | 4

FILE-MULTIMEDIA FFmpeg 4xm Processing Memory Corruption | CVE-2009-0385 | Multimedia | 4

FILE-MULTIMEDIA Microsoft Graphics Device Interface DoGdiCommentMultiFormats Information Disclosure | CVE-2019-0614 | Multimedia | 4

FILE-MULTIMEDIA Nullsoft Winamp Advanced Module Format File Buffer Overflow | | Multimedia | 4

FILE-MULTIMEDIA Nullsoft Winamp AVI Stream Count Integer Overflow | CVE-2011-3834 | Multimedia | 4

FILE-MULTIMEDIA Nullsoft Winamp Midi File Header Handling Buffer Overflow | | Multimedia | 4

FILE-MULTIMEDIA Nullsoft Winamp RIFF INFO Record Heap Buffer Overflow | CVE-2011-3834 | Multimedia | 4

FILE-MULTIMEDIA RealNetworks CVE-2007-5081 RealPlayer RealMedia File Format Processing Heap Corruption Attempt | CVE-2007-5081 | Multimedia | 4

FILE-MULTIMEDIA RealNetworks RealPlayer IVR Handling Heap Buffer Overflow (Published Exploit) | | Multimedia | 4

FILE-MULTIMEDIA RealNetworks RealPlayer RecordClip Parameter Injection Code Execution | CVE-2010-3749 | Multimedia | 4

FILE-MULTIMEDIA RealNetworks RealPlayer RMP File Heap Buffer Overflow | CVE-2013-6877 | Multimedia | 4

FILE-MULTIMEDIA RealNetworks RealPlayer RMP File Stack Buffer Overflow | CVE-2013-6877 | Multimedia | 4

FILE-MULTIMEDIA RealNetworks RealPlayer URL Parsing Stack Buffer Overflow | CVE-2012-5691 | Multimedia | 4

FILE-MULTIMEDIA VideoLAN VLC real.c ReadRealIndex Real Demuxer Integer Overflow | CVE-2008-5276 | Multimedia | 4

FILE-MULTIMEDIA VLC Media Player RTSP Plugin Stack Buffer Overflow | CVE-2013-6933 | Multimedia | 4

FILE-OFFICE Adobe Acrobat ImageConversion JPEG Out-of-Bounds Read | CVE-2017-2960 | Office Tools | 4

FILE-OFFICE Adobe Acrobat ImageConversion TIFF Heap-based Buffer Overflow | CVE-2017-2966 | Office Tools | 4

FILE-OFFICE Microsoft Access CVE-2013-3157 Memory Corruption | CVE-2013-3157 | Office Tools | 4

FILE-OFFICE Microsoft DirectPlay Office File Handling Invalid Memory Free | CVE-2012-1537 | Office Tools | 4

FILE-OFFICE Microsoft Excel BIFF File Format Named Graph Record Parsing Stack Overflow | CVE-2007-0215 | Office Tools | 4

FILE-OFFICE Microsoft Excel Data Validation Record Processing Code Execution | CVE-2008-0111 | Office Tools | 4

FILE-OFFICE Microsoft Excel Embedded Shockwave Flash Object Code Execution | | Office Tools | 4

FILE-OFFICE Microsoft Excel Malformed FNGROUPCOUNT Value Code Execution | | Office Tools | 4

FILE-OFFICE Microsoft Excel Malformed Formula Parsing Code Execution | CVE-2008-0115 | Office Tools | 4

FILE-OFFICE Microsoft Excel Malformed IMDATA Record Buffer Overflow | CVE-2007-0027 | Office Tools | 4

FILE-OFFICE Microsoft Excel OBJECTLINK Record Memory Corruption | CVE-2012-0142 | Office Tools | 4

FILE-OFFICE Microsoft Excel SerAuxErrBar Heap Memory Corruption | CVE-2012-1885 | Office Tools | 4

FILE-OFFICE Microsoft Excel Substream Parsing Integer Overflow | CVE-2011-0097 | Office Tools | 4

FILE-OFFICE Microsoft Excel Type Mismatch Series Record Parsing Memory Corruption | CVE-2012-1847 | Office Tools | 4

FILE-OFFICE Microsoft Excel Workspace Index Value Memory Corruption | CVE-2007-3890 | Office Tools | 4

FILE-OFFICE Microsoft Office CVE-2016-7264 Out of Bounds Read | CVE-2016-7264 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel ADO Object Parsing Code Execution | CVE-2010-1253 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel Featheader Record Memory Corruption | CVE-2009-3129 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel MDXSET Record Heap Buffer Overflow | CVE-2010-0261 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel MDXTUPLE Record Heap Buffer Overflow | CVE-2010-0260 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel Out of Bounds Array Indexing | CVE-2011-1987 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel Record Out of Bounds Index | CVE-2011-1990 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel Record Parsing Integer Overflow | CVE-2010-3230 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel String Variable Code Execution | CVE-2010-1252 | Office Tools | 4

FILE-OFFICE Microsoft Office Excel SxView Record Parsing Memory Corruption | CVE-2010-0821 | Office Tools | 4

FILE-OFFICE Microsoft Office MSO.DLL Memory Corruption | CVE-2010-0243 | Office Tools | 4

FILE-OFFICE Microsoft Office PICT Filter Map Structure Memory Corruption | CVE-2008-3021 | Office Tools | 4

FILE-OFFICE Microsoft Office PICT Image Converter Integer Overflow | CVE-2010-3946 | Office Tools | 4

FILE-OFFICE Microsoft Office PowerPoint 2000 File Parsing Buffer Overflow | CVE-2009-1131 | Office Tools | 4

FILE-OFFICE Microsoft Office PowerPoint 95 Format Sound Object Buffer Overflow | CVE-2009-1128 | Office Tools | 4

FILE-OFFICE Microsoft Office PowerPoint Integer Underflow | CVE-2010-2573 | Office Tools | 4

FILE-OFFICE Microsoft Office PowerPoint PP7 Component Long String Buffer Overflow | CVE-2009-1129 | Office Tools | 4

FILE-OFFICE Microsoft Office PowerPoint PP7 File Handling Memory Corruption | CVE-2009-0225 | Office Tools | 4

FILE-OFFICE Microsoft Office Project Memory Validation Code Execution | CVE-2009-0102 | Office Tools | 4

FILE-OFFICE Microsoft Office RTF Mismatch Memory Corruption | CVE-2012-0183 | Office Tools | 4

FILE-OFFICE Microsoft Office RTF Stack Buffer Overflow | CVE-2010-3333 | Office Tools | 4

FILE-OFFICE Microsoft Office Visio DXF File Inserting Buffer Overflow | CVE-2010-1681 | Office Tools | 4

FILE-OFFICE Microsoft Office Word RTF File listid Memory Corruption | CVE-2012-2528 | Office Tools | 4

FILE-OFFICE Microsoft Office Works File Converter WPS File Field Length Stack Overflow | CVE-2008-0108 | Office Tools | 4

FILE-OFFICE Microsoft PowerPoint PPT File Parsing Memory Corruption (Published Exploit) | | Office Tools | 4

FILE-OFFICE Microsoft PowerPoint TextHeaderAtom Memory Corruption | | Office Tools | 4

FILE-OFFICE Microsoft Powerpoint TxMasterStyle10Atom Processing Code Execution | CVE-2008-1455 | Office Tools | 4

FILE-OFFICE Microsoft Visio Insecure MFC71xxx.DLL Library Loading | CVE-2010-3148 | Office Tools | 4

FILE-OFFICE Microsoft Word Cascading Style Sheet Processing Code Execution | CVE-2008-1434 | Office Tools | 4

FILE-OFFICE Microsoft Word mso.dll LsCreateLine Memory Corruption (Published Exploit) | | Office Tools | 4

FILE-OFFICE Microsoft Word RTF listoverridecount Memory Corruption | CVE-2014-1761 | Office Tools | 4

FILE-OFFICE Microsoft Word RTF Stylesheet Control Word Memory Corruption | CVE-2008-4031 | Office Tools | 4

FILE-OFFICE Microsoft Works File Converter WPS File Section Length Headers Memory Corruption | CVE-2007-0216 | Office Tools | 4

FILE-OFFICE OpenOffice EMF File EMR_BITBLT Record Integer Overflow | CVE-2007-5746 | Office Tools | 4

FILE-OTHER 2015_6130_Flag Set | CVE-2015-6130 | Application and Software | 4

FILE-OTHER ACD Systems ACDSee Products XBM File Handling Buffer Overflow | | Application and Software | 4

FILE-OTHER Adobe Acrobat and Reader JPEG2000 Parsing Out of Bounds Read | CVE-2019-7794 | Application and Software | 4

FILE-OTHER Adobe Acrobat CVE-2018-5061 ImageConversion EMF EmfPlusDrawBeziers Out-Of-Bounds Read | CVE-2018-5061 | Application and Software | 4

FILE-OTHER Adobe Acrobat EMF CVE-2018-5067 EmfPlusDrawLines Count Heap Buffer Overflow | CVE-2018-5067 | Application and Software | 4

FILE-OTHER Adobe Acrobat pro CVE-2018-4908 Out Of Bounds Read Attempt | CVE-2018-4908 | Application and Software | 4

FILE-OTHER Adobe Acrobat pro CVE-2018-4914 Out Of Bounds Read Attempt | CVE-2018-4914 | Application and Software | 4

FILE-OTHER Adobe Acrobat XPS CVE-2018-5056 Processing Format String | CVE-2018-5056 | Application and Software | 4

FILE-OTHER Adobe Shockwave Director pamm Chunk Memory Corruption | CVE-2010-4084 | Application and Software | 4

FILE-OTHER Adobe Shockwave Director tSAC Chunk Parsing Memory Corruption | CVE-2010-2866 | Application and Software | 4

FILE-OTHER Adobe Shockwave Player Lnam Chunk Processing Buffer Overflow | CVE-2010-3655 | Application and Software | 4

FILE-OTHER Cisco WebEx Recording Format Player atas32.dll 0xBB Subrecords Integer Overflow | CVE-2012-1337 | Application and Software | 4

FILE-OTHER Cisco WebEx Recording Format Player atas32.dll Integer Overflow | CVE-2012-1336 | Application and Software | 4

FILE-OTHER Cisco WebEx Recording Format Player atdl2006.dll Buffer Overflow | CVE-2012-1335 | Application and Software | 4

FILE-OTHER Cisco WebEx Recording Format Player atdl2006.dll Integer Overflow | | Application and Software | 4

FILE-OTHER ClamAV OLE2 uniq_add Out-Of-Bounds Write | CVE-2019-1788 | Application and Software | 4

FILE-OTHER Corel PDF Fusion XPS Stack Buffer Overflow | CVE-2013-3248 | Application and Software | 4

FILE-OTHER GNU Libextractor CVE-2018-16430 ZIP File Comment Out-of-Bounds Read | CVE-2018-16430 | Application and Software | 4

FILE-OTHER Kingsoft Writer Font Names Buffer Overflow (Published Exploit) | CVE-2013-3934 | Application and Software | 4

FILE-OTHER Microsoft Windows Jet Database CVE-2019-0891 Remote Code Execution | CVE-2019-0891,mapp unknown,vendor Microsoft,vuln Code Exec,sfoscat 33,sigtype poc,service http,service imap, service pop3, service ftp-data | Database Management System | 4

FILE-OTHER Microsoft Windows Jet Database CVE-2019-1242 Remote Code Execution | CVE-2019-1242,vendor Microsoft,vuln Code Exec,sfoscat 33,sigtype poc,mapp unknown,service http,service imap, service pop3, service ftp-data | Database Management System | 4

FILE-OTHER OMRON CX-One CX-Motion CVE-2018-7514 sscanf Stack-based Buffer Overflow | CVE-2018-7514 | Application and Software | 4

FILE-OTHER OMRON CX-One CX-Protocol CSCU Type Confusion | CVE-2018-19027 | Application and Software | 4

FILE-OTHER OMRON CX-One SBA File Parsing wcscpy Stack-based Buffer Overflow CVE-2018-7514 | CVE-2018-7514 | Application and Software | 4

FILE-OTHER Oracle Outside In FlashPix Image Processing Heap Buffer Overflow (Published Exploit) | CVE-2012-1744 | Application and Software | 4

FILE-OTHER WECON LeviStudio DataLogTool INI Parser Stack-based Buffer Overflow | CVE-2019-6537 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader CoolType.dll Stack Buffer Overflow | CVE-2010-2883 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader CVE-2017-16374 JPEG2000 Parsing Out of Bounds Read | CVE-2017-16374 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader JPEG2000 Out of Bounds Read | CVE-2017-2946 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader JPEG2000 Parsing Heap-based Buffer Overflow CVE-2017-3055 | CVE-2017-3055 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader JPEG2000 Parsing Out of Bounds Read | CVE-2017-3045 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader JPEG2000 Parsing Out of Bounds Read | CVE-2018-4990 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader JpxDecode Memory Corruption | CVE-2009-3955 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader U3D Texture Parsing Buffer Overflow | CVE-2012-2049 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader U3D Uninitialized Variable | CVE-2011-2462 | Application and Software | 4

FILE-PDF Adobe Acrobat and Reader XFA oneOfChild Remote Code Execution (Published Exploit) | CVE-2013-0640 | Application and Software | 4

FILE-PDF Adobe Acrobat Reader CVE-2019-7827 Heap Overflow Attempt | CVE-2019-7827 | Application and Software | 4

FILE-PDF Adobe Reader and Acrobat media.newPlayer Code Execution | CVE-2009-4324 | Application and Software | 4

FILE-PDF Adobe Reader and Acrobat RMA Objects Memory Corruption | CVE-2012-4157 | Application and Software | 4

FILE-PDF Adobe Reader and Acrobat util.printf Stack Buffer Overflow | CVE-2008-2992 | Application and Software | 4

FILE-PDF Adobe Reader and Acrobat WKT String Buffer Overflow | CVE-2012-2050 | Application and Software | 4

FILE-PDF Adobe Reader CVE-2019-7795 Out Of Bounds Read | CVE-2019-7795 | Application and Software | 4

FILE-PDF Adobe Reader CVE-2019-7804 Out Of Bounds Read | CVE-2019-7804 | Application and Software | 4

FILE-PDF Adobe Reader CVE-2019-7822 Out Of Bounds Read | CVE-2019-7822 | Application and Software | 4

FILE-PDF Adobe Reader DC JPEG2000 CVE-2016-7854 Out-of-Bounds Read | CVE-2016-7854 | Application and Software | 4

FILE-PDF Adobe Reader Mobile JavaScript Interface Java Code Execution | CVE-2014-0514 | Application and Software | 4

FILE-PDF Adobe Reader U3D CLODMeshDeclaration Shading Count Buffer Overflow | | Application and Software | 4

FILE-PDF CoolPDF Reader Image Stream Processing Buffer Overflow (Published Exploit) | CVE-2012-4914 | Application and Software | 4

FILE-PDF Foxit Multiple Products PNG To PDF Conversion Heap Buffer Overflow | | Application and Software | 4

FILE-PDF Sophos Anti-Virus PDF Handling Stack Buffer Overflow | | Application and Software | 4

FILE-PDF Xpdf Splash DrawImage Integer Overflow | CVE-2009-3604 | Application and Software | 4

INDICATOR-SHELLCODE Metasploit AutoPwn2 Pre-Exploit Firstpass | | Application and Software | 4

MALWARE-CNC ET EXPLOIT Possible ETERNALBLUE MS17-010 Echo Request (set) | | Malware Communication | 4

MALWARE-CNC ET EXPLOIT Possible ETERNALCHAMPION MS17-010 Sync Request (set) | | Malware Communication | 4

MALWARE-CNC ET EXPLOIT Possible ETERNALROMANCE MS17-010 | | Malware Communication | 4

MALWARE-CNC First Pass Flag for WannaCry Ransomware | | Malware Communication | 4

OS-WINDOWS 2015_6086_Flag Set | CVE-2015-6086 | Operating System and Services | 4

OS-WINDOWS DCERPC CVE-2007-1748 NCACN-IP-TCP dns R_DnssrvEnumRecords Overflow Attempt | CVE-2007-1748 | Operating System and Services | 4

OS-WINDOWS Malicious URL Flag Set | | Operating System and Services | 4

OS-WINDOWS Microsoft Client Service for NetWare Memory Corruption | CVE-2006-4688 | Operating System and Services | 4

OS-WINDOWS Microsoft DirectX SAMI File Parsing Code Execution | CVE-2007-3901 | Operating System and Services | 4

OS-WINDOWS Microsoft Graphics Component CVE-2018-8472 Information Disclosure | CVE-2018-8472 | Operating System and Services | 4

OS-WINDOWS Microsoft Hyperlink Object Library Information Disclosure | CVE-2016-0059 | Operating System and Services | 4

OS-WINDOWS Microsoft License Logging Server RPC Call Buffer Overflow | CVE-2009-2523 | Operating System and Services | 4

OS-WINDOWS Microsoft Office Bad Index CVE-2014-6334 Memory Corruption (Published Exploit) | CVE-2014-6334 | Operating System and Services | 4

OS-WINDOWS Microsoft Outlook RWZ Integer Overflow CVE-2018-8582 | CVE-2018-8582 | Operating System and Services | 4

OS-WINDOWS Microsoft Silverlight Pointer Handling Memory Corruption | CVE-2010-0019 | Operating System and Services | 4

OS-WINDOWS Microsoft SQL Server Backup Restoring Memory Corruption | CVE-2008-0107 | Operating System and Services | 4

OS-WINDOWS Microsoft Step-by-Step Interactive Training Crafted Bookmark Link File Buffer Overflow | CVE-2006-3448 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows and Office TIFF Handling GDI Memory Corruption (Published Exploit) | CVE-2013-3906 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows AVI File Chunk Length Integer Overflow | CVE-2009-1546 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Briefcase Integer Overflow | CVE-2012-1528 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Briefcase Integer Underflow | CVE-2012-1527 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Cinepak Codec Code Execution | CVE-2010-2553 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Common Control Library Heap Buffer Overflow | CVE-2010-2746 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Common Controls MSCOMCTL.OCX Stack Buffer Overflow | CVE-2012-0158 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Common Controls MSCOMCTL.OCX Stack Buffer Overflow | CVE-2012-0158 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows C Runtime Library Heap Buffer Overflow | CVE-2012-0150 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows CVE-2011-0032 DirectShow Insecure Library Loading | CVE-2011-0032 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows CVE-2018-0825 Malformed Shortcut File With Comment Buffer Overflow Attempt | CVE-2018-0825 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows DirectShow JPEG Double Free CVE-2014-0301 | CVE-2014-0301 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Fax Services Cover Page Editor Heap Buffer Overflow (Published Exploit) | | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Font Subsetting Integer Overflow CVE-2018-8344 | CVE-2018-8344 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows GDI EMF Image File Handling Stack Overflow | CVE-2008-1087 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows GDIplus WMF Integer Overflow | CVE-2009-2500 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows GDI WMF File HeaderSize Buffer Overflow | CVE-2008-2249 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Graphics CVE-2018-8596 Device Interface Information Disclosure | CVE-2018-8596 | Operating System and Services | 2

OS-WINDOWS Microsoft Windows Graphics Device CVE-2018-8424 Interface Information Disclosure | CVE-2018-8424 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Graphics Device Interface Information Disclosure | CVE-2018-8596 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Graphics Rendering Engine Thumbnail Image Stack Buffer Overflow | CVE-2010-3970 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows HLP File Handling Heap Buffer Overflow (Published Exploit) | CVE-2007-1912 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows HTTP2 Resource Loop Denial of Service | CVE-2019-9513,vendor Microsoft,vuln Denial Of Service,sfoscat 40,sigtype generic,mapp unknown,service http | Microsoft IIS web server | 4

OS-WINDOWS Microsoft Windows JET Database Engine Code Execution | | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Kernel GDI32 Polyline Buffer Overflow | CVE-2009-0081 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Media Center MCL Code Execution | CVE-2015-2509 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Media Device Manager Insecure Library Loading | CVE-2015-2369 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows MFC Document Title Updating Buffer Overflow | | Operating System and Services | 4

OS-WINDOWS Microsoft Windows OLE Automation Integer Overflow | CVE-2013-1313 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows OLE Automation Remote Code Execution | CVE-2007-0065 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows OLE CVE-2016-0091 Code Execution | CVE-2016-0091 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows OLE CVE-2016-0153 Code Execution | CVE-2016-0153 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows OpenType Font Validation Integer Overflow | CVE-2010-2741 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Plug and Play Registry Key Access Buffer Overflow (MSRPC DCERPC PnP bind attempt) | CVE-2005-2120 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Print Spooler Service Buffer Overflow | CVE-2009-0228 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Server Service Buffer Overrun | | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Server Service RPC Request Handling Buffer Overflow | CVE-2008-4250 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Shell MSHTA Script Execution | CVE-2005-0063 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Shell SettingContent-ms Remote Code Execution CVE-2018-8414 | CVE-2018-8414 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows SMB2 Search Firstpass | | Operating System and Services | 4

OS-WINDOWS Microsoft Windows SMB Authentication Reflection Remote Code Execution (Published Exploit) | CVE-2008-4037 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows SMB Authentication Reflection Remote Code Execution | CVE-2008-4037 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows SMB Negotiate Protocol response DoS attempt empty SMB 2 CVE-2009-3676 | CVE-2009-3676 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows SMB Response Handling Buffer Overflow (Longfilename) | | Operating System and Services | 4

OS-WINDOWS Microsoft Windows SMB v1 CVE-2017-11772 Firstpass | CVE-2017-11772 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows SMBv1 Search Firstpass | | Operating System and Services | 4

OS-WINDOWS Microsoft Windows srvsvc Memory Allocation Denial of Service(MSRPC) CVE-2005-3644 | CVE-2005-3644 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows WinVerifyTrust PE Validation Security Bypass | CVE-2012-0151 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows WinVerifyTrust PE Validation Security Bypass | CVE-2013-3900 | Operating System and Services | 4

OS-WINDOWS Microsoft Windows Workstation Service NetrWkstaUserEnum Denial of Service (Published Exploit) | CVE-2006-6723 | Operating System and Services | 4

OS-WINDOWS Microsoft XML Core Services parseError DOM Object Information Disclosure | CVE-2008-4029 | Operating System and Services | 4

OS-WINDOWS Windows Kernel CVE-2019-0767 Information Disclosure Vulnerability | CVE-2019-0767 | Operating System and Services | 2

POLICY-OTHER GNU wget CVE-2016-4971 HTTP Redirect Arbitrary File Overwrite | CVE-2016-4971 | Operating System and Services | 4

PROTOCOL-FTP Freefloat FTP Server Invalid Command Buffer Overflow | | FTP | 4

PROTOCOL-OTHER HTTP POST request | | Operating System and Services | 4

PROTOCOL-SCADA Advantech WebAccess SCADA webeye.ocx ip_addr Parameter Buffer Overflow | CVE-2014-8388 | Industrial Control System | 4

PROTOCOL-SCADA OMRON CX-One CX-FLnet Version Heap-based Buffer Overflow CVE-2018-8834 | CVE-2018-8834 | Industrial Control System | 4

PROTOCOL-VOIP Digium Asterisk SIP Terminated Channel ACK with SDP Denial of Service (Published Exploit) | CVE-2013-5641 | VoIP and Instant Messaging | 4

SERVER-APACHE Apache httpd CVE-2019-0190 mod_ssl TLS Renegotiation Denial of Service | | Apache HTTP Server | 1

SERVER-APACHE Sequence Set Denial of Service | CVE-2015-0203 | Apache HTTP Server | 4

SERVER-APACHE Chunked Transfer Denial Of Service I | CVE-2012-3544 | Apache HTTP Server | 4

SERVER-APACHE Apache Tomcat CVE-2013-4322 Large Chunked Transfer Denial Of Service | CVE-2013-4322 | Apache HTTP Server | 4

SERVER-APACHE Apache Traffic Server HTTP2 Settings Flood Denial of Service | CVE-2019-9515,vendor Apache,vuln Denial Of Service,sfos cat 30,sigtype generic,service http | Apache HTTP Server | 4

SERVER-MAIL Dovecot Submission-Login Service Authentication Message Denial of Service | CVE-2019-11499 | Other Mail Server | 4

SERVER-MAIL Dovecot Submission-Login Service NULL Pointer Dereference | CVE-2019-11494 | Other Mail Server | 4

SERVER-MAIL Exim SPA Authentication Buffer Overflow | CVE-2005-0022 | Other Mail Server | 4

SERVER-MAIL IBM Lotus Notes CVE-2007-5405 Applix Graphics Parsing Buffer Overflow | CVE-2007-5405 | Other Mail Server | 4

SERVER-MAIL Mercury Mail Transport System SMTP AUTH CRAM-MD5 Buffer Overflow | CVE-2007-4440 | Other Mail Server | 4

SERVER-MAIL Postfix SMTP Server CVE-2011-1720 SASL AUTH Handle Reuse Memory Corruption | CVE-2011-1720 | Other Mail Server | 4

SERVER-MSSQL Microsoft SQL Server INSERT Statement Buffer Overflow | CVE-2008-0106 | Database Management System | 4

SERVER-ORACLE Oracle Application CVE-2005-2371 Server Reports desname Arbitrary File Overwriting | CVE-2005-2371 | Database Management System | 4

SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService Arbitrary File Creation | | Database Management System | 4

SERVER-ORACLE Oracle Business Transaction Management FlashTunnelService Arbitrary File Deletion | | Database Management System | 4

SERVER-ORACLE Oracle GlassFish Enterprise Server REST Interface Cross Site Request Forgery (Published Exploit) | CVE-2012-0550 | Database Management System | 4

SERVER-ORACLE Oracle Java Runtime Bytecode Verifier Cache Code Execution (Published Exploit) | CVE-2012-1723 | Database Management System | 4

SERVER-ORACLE Oracle Java Runtime Environment storeImageArray Buffer Overflow (Published Exploit) | CVE-2013-2465 | Database Management System | 4

SERVER-ORACLE Oracle Java sun.tracing.ProviderSkeleton Sandbox Bypass (Published Exploit) | CVE-2013-2460 | Database Management System | 4

SERVER-ORACLE Oracle Outside In CorelDRAW File Parser Integer Overflow | | Database Management System | 4

SERVER-ORACLE Oracle Outside In CorelDRAW File Parser Stack Buffer Overflow | CVE-2011-2264 | Database Management System | 4

SERVER-ORACLE Oracle Outside In OS 2 Metafile Parser Denial of Service | | Database Management System | 4

SERVER-ORACLE Oracle Outside In OS 2 Metafile Parser Stack Buffer Overflow | CVE-2013-5879 | Database Management System | 4

SERVER-ORACLE Oracle WebLogic Server CVE-2018-2894 Web Service Config Arbitrary File Upload | CVE-2018-2894 | Database Management System | 3

SERVER-ORACLE Oracle WebLogic Server UnicastRef Insecure Deserialization | CVE-2017-3248 | Database Management System | 4

SERVER-OTHER ABB Panel Builder 800 Comli CommandLineOptions Stack-based Buffer Overflow CVE-2018-10616 | CVE-2018-10616 | Other Web Server | 4

SERVER-OTHER Adobe ColdFusion CVE-2017-11284 RMI Registry Insecure Deserialization | CVE-2017-11284 | Other Web Server | 4

SERVER-OTHER CA XOsoft Multiple Products xosoapapi.asmx Buffer Overflow | CVE-2010-1223 | Other Web Server | 4

SERVER-OTHER Dell SonicWALL GMS-Analyzer license.jsp Information Disclosure | | Other Web Server | 4

SERVER-OTHER Facebook Fizz TLS 1.3 Early Data Integer Overflow Denial of Service | CVE-2019-3560 | Other Web Server | 4

SERVER-OTHER HP ProCurve Manager SNAC UpdateDomainControllerServlet Code Execution | CVE-2013-4811 | Other Web Server | 4

SERVER-OTHER Interactive Data eSignal Stack Buffer Overflow | CVE-2011-3494 | Other Web Server | 4

SERVER-OTHER Kubernetes API Proxy Request Handling Privilege Escalation (Decrypted Traffic) | CVE-2018-1002105 | Other Web Server | 4

SERVER-OTHER McAfee ePolicy Orchestrator XML Entity Injection (Decrypted Traffic) | CVE-2015-0921 | Other Web Server | 4

SERVER-OTHER McAfee Web Reporter JBoss EJBInvokerServlet Marshalled Object Code Execution | | Other Web Server | 4

SERVER-OTHER Microsoft Windows DHCP Server Remote Code Execution | CVE-2019-0725 | Other Web Server | 4

SERVER-OTHER Novell GroupWise Addressbook Heap Buffer Overflow | CVE-2011-4189 | Other Web Server | 4

SERVER-OTHER Novell iManager Class Name Remote Buffer Overflow | CVE-2010-1929 | Other Web Server | 4

SERVER-OTHER Novell iManager Create Attribute EnteredAttrName Buffer Overflow | CVE-2011-4188 | Other Web Server | 4

SERVER-OTHER Novell ZENworks LaunchHelp.dll ActiveX Control LaunchProcess Code Execution | CVE-2011-2657 | Other Web Server | 4

SERVER-OTHER OpenSSH kex_input_kexinit Denial of Service | CVE-2016-8858 | Other Web Server | 4

SERVER-OTHER OpenSSL AES-NI Integer Underflow (Published Exploit) | CVE-2012-2686 | Other Web Server | 4

SERVER-OTHER OpenSSL CVE-2018-0732 Large DH Parameter Denial of Service | CVE-2018-0732 | Other Web Server | 4

SERVER-OTHER OpenSSL dtls1_reassemble_fragment Invalid Fragment Buffer Overflow | CVE-2014-0195 | Other Web Server | 2

SERVER-OTHER OpenSSL ECDH Use After Free | CVE-2011-3210 | Other Web Server | 4

SERVER-OTHER Sourcefire Snort rule20275eval Buffer Overflow | | Other Web Server | 4

SERVER-OTHER HTTP Response CVE-2016-3948 Processing Denial of Service V | CVE-2016-3948 | Other Web Server | 4

SERVER-OTHER Squid Proxy ESI Response Processing Denial of Service | CVE-2016-4555 | Other Web Server | 4

SERVER-OTHER Squid Proxy log_uses_indirect_client Denial of Service | | Other Web Server | 4

SERVER-OTHER Symantec Encryption Management Server Database CVE-2014-7288 Backup Command Injection II | CVE-2014-7288 | Other Web Server | 4

SERVER-SAMBA Samba NetDFS RPC netdfs_io_dfs_EnumInfo_d Handling Heap Overflow | CVE-2007-2446 | Operating System and Services | 4

SERVER-SAMBA Samba nmbd unstrcpy Buffer Overflow | CVE-2014-3560 | Operating System and Services | 4

SERVER-SAMBA Samba smbd Flags2 Header Parsing Denial Of Service vulnerability | | Operating System and Services | 4

SERVER-SAMBA TSL20070515_17 Flag | | Operating System and Services | 4

SERVER-WEBAPP Adobe ColdFusion scheduleedit.cfm Authentication Bypass | CVE-2013-0625 | Web Services and Applications | 4

SERVER-WEBAPP Cisco Unity Express RMI Insecure Deserialization CVE-2018-15381 | CVE-2018-15381 | Web Services and Applications | 4

SERVER-WEBAPP Dell OpenManage Network Manager MySQL Improper Access Control (Published Exploit) | CVE-2018-15768 | Web Services and Applications | 4

SERVER-WEBAPP Digium Asterisk CVE-2018-7287 WebSocket Frame Empty Payload Denial of Service | CVE-2018-7287 | Web Services and Applications | 4

SERVER-WEBAPP F5 Multiple CVE-2014-2928 Products iControl API hostname Remote Command Execution III | CVE-2014-2928 | Web Services and Applications | 4

SERVER-WEBAPP F5 Multiple Products iControl API hostname Remote Command Execution (Decrypted Traffic) | CVE-2014-2928 | Web Services and Applications | 4

SERVER-WEBAPP HP Data Protector Multiple Products FinishedCopy SQL Injection | CVE-2011-3162 | Web Services and Applications | 4

SERVER-WEBAPP HP Data Protector Multiple Products GetPolicies SQL Injection | CVE-2011-3157 | Web Services and Applications | 4

SERVER-WEBAPP HP Data Protector Multiple Products LogClientInstallation SQL Injection | CVE-2011-3156 | Web Services and Applications | 4

SERVER-WEBAPP HP Data Protector Multiple Products RequestCopy SQL Injection | CVE-2011-3158 | Web Services and Applications | 4

SERVER-WEBAPP HP LoadRunner Virtual User Generator saveCodeRuleFile Directory Traversal | CVE-2013-4838 | Web Services and Applications | 4

SERVER-WEBAPP HP SiteScope CVE-2015-2120 Log Analyzer Information Disclosure | CVE-2015-2120 | Web Services and Applications | 4

SERVER-WEBAPP HP SiteScope Log Analyzer Information Disclosure | CVE-2015-2120 | Web Services and Applications | 4

SERVER-WEBAPP JasPer jp2_decode Out of Bounds Read | CVE-2017-9782 | Web Services and Applications | 4

SERVER-WEBAPP LANDesk ThinkManagement Suite ServerSetup.asmx Directory Traversal | CVE-2012-1195 | Web Services and Applications | 4

SERVER-WEBAPP ManageEngine CVE-2014-6037 EventLog Analyzer agentUpload Directory Traversal | CVE-2014-6037 | Web Services and Applications | 4

SERVER-WEBAPP Node.js Foundation Node.js CVE-2018-1000168 nghttp2 nghttp2_frame_altsvc_free Null Pointer Dereference (Decrypted Traffic) | CVE-2018-1000168 | Web Services and Applications | 4

SERVER-WEBAPP Oracle Java Runtime CVE-2010-0838 CMM readMabCurveData Buffer Overflow | CVE-2010-0838 | Web Services and Applications | 4

SERVER-WEBAPP PHP CVE-2012-0830 php_register_variable_ex Function Code Execution | CVE-2012-0830 | Web Services and Applications | 4

SERVER-WEBAPP PHP CVE-2014-1943 Fileinfo Call Stack Exhaustion Firstpass | CVE-2014-1943 | Web Services and Applications | 4

SERVER-WEBAPP PHP phar_set_inode Function Archive Processing Stack Buffer Overflow | CVE-2015-3329 | Web Services and Applications | 4

SERVER-WEBAPP PHP php_register_variable_ex Function Code Execution | CVE-2012-0830 | Web Services and Applications | 4

SERVER-WEBAPP PHP TAR File Parsing Uninitialized Reference | CVE-2016-4343 | Web Services and Applications | 4

SERVER-WEBAPP RealNetworks RealPlayer SMIL XSS | CVE- | Web Services and Applications | 4

SERVER-WEBAPP Red Hat JBoss BPM Suite BRMS Tasks List Cross-Site Scripting | CVE-2017-2674 | Web Services and Applications | 4

SERVER-WEBAPP Responsive FileManager CVE-2018-15536 ajax_calls.php Zip Directory Traversal | CVE-2018-15536 | Web Services and Applications | 4

SERVER-WEBAPP Sonatype Nexus Repository Manager CVE-2019-7238 Expression Language Injection | CVE-2019-7238 | Web Services and Applications | 4

SERVER-WEBAPP SonicWALL Multiple Products Authentication Bypass | CVE-2013-1359 | Web Services and Applications | 4

SERVER-WEBAPP Symantec Encryption Management Server Database Backup Command Injection (Decrypted Traffic) | CVE-2014-7288 | Web Services and Applications | 4

SERVER-WEBAPP Symantec IM Manager Administrator Interface SQL injection | CVE-2011-0553 | Web Services and Applications | 4

SERVER-WEBAPP Symantec Workspace Streaming XML-RPC Arbitrary File Upload (Published Exploit) | CVE-2014-1649 | Web Services and Applications | 4

SERVER-WEBAPP WECON LeviStudio BaseSet BgOnOffBitAddr Stack Buffer Overflow | | Web Services and Applications | 4

SERVER-WEBAPP WECON LeviStudio HmiSet Style Stack Buffer Overflow | | Web Services and Applications | 4

SERVER-WEBAPP WECON PIStudio basedll TextContent Stack-based Buffer Overflow ZDI-18-1109 | | Web Services and Applications | 4

SERVER-WEBAPP Zenoss Core Version Check Remote Code Execution | CVE-2014-6261 | Web Services and Applications | 4

SERVER-WEBAPP Zenoss CVE-2014-6261 Core Version Check Remote Code Execution I | CVE-2014-6261 | Web Services and Applications | 4

 | | Malware Communication | 4

• Name: Name of the signature

• CVE–ID: CVE identification number. Common Vulnerabilities and Exposures (CVE) provides a reference of CVE identifiers for publicly known information security vulnerabilities.

• Category: Class type according to threat

• Severity: Degree of severity. The levels of severity are described in the table below:

Severity Level | Severity Criteria

1 | Low

2 | Moderate

3 | High

4 | Critical

Important Notice Sophos Technologies Pvt. Ltd. has supplied this Information believing it to be accurate and reliable at the time of printing, but is presented without warranty of any kind, expressed or implied. Users must take full responsibility for their application of any products. Sophos Technologies Pvt. Ltd. assumes no responsibility for any errors that may appear in this document. Sophos Technologies Pvt. Ltd. reserves the right, without notice to make changes in product design or specifications. Information is subject to change without notice.

RESTRICTED RIGHTS

©1997 - 2020 Sophos Ltd. All rights reserved. Sophos and the Sophos logo are trademarks of Sophos Technologies Pvt. Ltd.

Corporate Headquarters Sophos Technologies Pvt. Ltd. Reg. Office: Sophos House, Saigulshan Complex, Beside White House, Panchvati Cross Road, Ahmedabad – 380006, INDIA Phone: +91-79-66216666 Fax: +91-79-26407640 Web site: www.sophos.com
