https://live.paloaltonetworks.com/t5/general-topics/to-what-extent-threat-updates-covers-against-the-latest-cve-s/m-p/191507#M57670 <P>hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/10360">@mario.chancay</a></P> <P>&nbsp;</P> <P>some CVE may not have identifiable factors in the network packets: there may be legitimate packets that are able to buffer overflow a certain vulnerable version of client/server but are not malicious in nature, or they may not have been disclosed publicly yet</P> <P>&nbsp;</P> <P>i've tried to review these CVE but they are marked as reserved on mitre, I then tried tracing the original bug bt I don't appear to have access to chromium bugs <span class="lia-unicode-emoji" title=":winking_face:">😉</span></P> <P>My assumption is these have not been disclosed yet, to allow google to fix the bugs</P> Wed, 13 Dec 2017 12:25:51 GMT reaper 2017-12-13T12:25:51Z https://live.paloaltonetworks.com/t5/general-topics/to-what-extent-threat-updates-covers-against-the-latest-cve-s/m-p/191376#M57656 <P>Hi, we have received notifications for the following vulnerabilities and related CVE's:</P><P>&nbsp;</P><P>Multiple&nbsp;Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution</P><UL><LI>Out of bounds write in QUIC (CVE-2017-15407)</LI><LI>Heap buffer overflow in PDFium (CVE-2017-15408)</LI><LI>Out of bounds write in Skia (CVE-2017-15409)</LI><LI>Use after free in PDFium (CVE-2017-15410, CVE-2017-15411)</LI><LI>Use after free in libXML (CVE-2017-15412)</LI><LI>Type confusion in WebAssembly (CVE-2017-15413)</LI><LI>Pointer information disclosure in IPC call (CVE-2017-15415)</LI><LI>Out of bounds read in Blink (CVE-2017-15416)</LI><LI>Cross origin information disclosure in Skia (CVE-2017-15417)</LI><LI>Use of uninitialized value in Skia (CVE-2017-15418)</LI><LI>Cross origin leak of redirect URL in Blink (CVE-2017-15419)</LI><LI>URL spoofing in Omnibox (CVE-2017-15420)</LI><LI>Integer overflow in ICU (CVE-2017-15422)</LI><LI>Issue with SPAKE implementation in BoringSSL (CVE-2017-15423)</LI><LI>URL Spoof in Omnibox (CVE-2017-15424, CVE-2017-15425, CVE-2017-15426)</LI><LI>Insufficient blocking of JavaScript in Omnibox (CVE-2017-15427)</LI></UL><P>Multiple Vulnerabilities in Apache Struts Could Allow for Remote Code Execution</P><UL><LI>A denial of service vulnerability exists due to an outdated JSON-lib library utilized by a REST plugin. (CVE-2017-15707)</LI><LI>A remote code execution vulnerability exists because the REST Plugin utilizes Jackson JSON library for data binding. (CVE-2017-7525)</LI></UL><P>&nbsp;</P><P>But could not find the CVE's in the Threat Vault.&nbsp; Would like to understand how PaloAlto determines which CVE's should be included in the Threat Updates.</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Mario</P> Tue, 12 Dec 2017 19:14:21 GMT https://live.paloaltonetworks.com/t5/general-topics/to-what-extent-threat-updates-covers-against-the-latest-cve-s/m-p/191376#M57656 mario.chancay 2017-12-12T19:14:21Z https://live.paloaltonetworks.com/t5/general-topics/to-what-extent-threat-updates-covers-against-the-latest-cve-s/m-p/191507#M57670 <P>hi <a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/10360">@mario.chancay</a></P> <P>&nbsp;</P> <P>some CVE may not have identifiable factors in the network packets: there may be legitimate packets that are able to buffer overflow a certain vulnerable version of client/server but are not malicious in nature, or they may not have been disclosed publicly yet</P> <P>&nbsp;</P> <P>i've tried to review these CVE but they are marked as reserved on mitre, I then tried tracing the original bug bt I don't appear to have access to chromium bugs <span class="lia-unicode-emoji" title=":winking_face:">😉</span></P> <P>My assumption is these have not been disclosed yet, to allow google to fix the bugs</P> Wed, 13 Dec 2017 12:25:51 GMT https://live.paloaltonetworks.com/t5/general-topics/to-what-extent-threat-updates-covers-against-the-latest-cve-s/m-p/191507#M57670 reaper 2017-12-13T12:25:51Z