11-28-2019 12:59 PM
Team,
Please provide the release notes of Applications and Threats Content version 8202 and 8203
11-29-2019 02:51 PM
Hello,
If you log into your support site, go to Updates->Dynamic updates.
Regards,
11-30-2019 07:22 AM
@OtakarKlier Do you see these versions there? I only see back to version 8205 and I assume this is the reason why @Manjunath_V is asking here ...
12-02-2019 02:29 AM
@Vsys yes you are right i was not able to find this in dynamic updates.
12-02-2019 02:49 AM - edited 12-02-2019 03:20 AM
Applications and Threats Content Release Notes Version 8203
New Anti-Spyware Signatures (2)
Severity | ID | Attack Name | Default Action | Minimum PAN-OS Version | Maximum PAN-OS Version |
critical | 85446 | MOONSHINE Android Malware Kit Command and Control Traffic Detection | reset-both | 7.1.0 | |
medium | 85473 | Malicious User-Agent in HTTP Traffic Detection | alert | 7.1.0 |
New Vulnerability Signatures (24)
Severity | ID | Attack Name | CVE ID | Vendor ID | Default Action | Minimum PAN-OS Version | Maximum PAN-OS Version |
high | 56630 | Nexus Yum Repository Plugin Remote Code Execution Vulnerability | CVE-2019-5475 | alert | 7.1.0 | ||
medium | 56658 | Google Chrome Popup Blocker Security Bypass Vulnerability | CVE-2019-5840 | alert | 7.1.0 | ||
critical | 56692 | Tecrail Responsive FileManager Server-Side Request Forgery Vulnerability | CVE-2018-14728 | alert | 7.1.0 | ||
high | 56710 | Microsoft Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1242 | alert | 7.1.0 | ||
critical | 56722 | HP Intelligent Management Center Command Injection Vulnerability | CVE-2019-5390 | reset-both | 7.1.0 | ||
critical | 56723 | HP Intelligent Management Center Memory Corruption Vulnerability | CVE-2019-5391 | reset-both | 7.1.0 | ||
high | 56744 | Atlassian Jira Customer Context Filter Path Traversal Vulnerability | CVE-2019-14994 | alert | 7.1.0 | ||
high | 56778 | E-Cology OA SQL Injection Vulnerability | alert | 7.1.0 | |||
medium | 56810 | ASUS RT-N10 Repeater Command Injection Vulnerability | reset-both | 7.1.0 | |||
critical | 56814 | Joomla! Component Raffle Factory SQL Injection Vulnerability | CVE-2018-17379 | alert | 7.1.0 | ||
high | 56819 | KDE KConfig Code Execution Vulnerability | CVE-2019-14744 | alert | 7.1.0 | ||
high | 56820 | Trend Micro Email Encryption Gateway Unvalidated Software Update Vulnerability | CVE-2018-6221 | alert | 7.1.0 | ||
medium | 56823 | Microsoft Office Sharepoint XSS Vulnerability | CVE-2019-1262 | alert | 8.1.0 | ||
critical | 56824 | IBM Operational Decision Manager XML External Entity Injection Vulnerability | CVE-2018-1821 | alert | 7.1.0 | ||
critical | 56827 | Cisco IOS XE WebUI Privileged Command Injection Vulnerability | CVE-2019-12650 | alert | 7.1.0 | ||
medium | 56828 | vBulletin SQL Injection Vulnerability | CVE-2019-17271 | alert | 7.1.0 | ||
critical | 56831 | Cyberark Password Vault Web Access Remote Code Execution Vulnerability | CVE-2018-9843 | alert | 7.1.0 | ||
high | 56834 | Cybelsoft ThinVNC Authentication Bypass Vulnerability | CVE-2019-17662 | alert | 7.1.0 | ||
critical | 56835 | Kibana Timelion Remote Code Execution Vulnerabilitiy | CVE-2019-7609 | alert | 7.1.0 | ||
critical | 56836 | Joomla! Component PrayerCenter SQL Injection Vulnerability | CVE-2018-7314 | alert | 7.1.0 | ||
critical | 56840 | Oracle Tarantella Enterprise Directory Traversal Vulnerability | CVE-2018-19753 | alert | 7.1.0 | ||
high | 56845 | Oracle Tarantella Enterprise Privilege Escalation Vulnerability | CVE-2018-19754 | alert | 7.1.0 | ||
critical | 56848 | Total.js CMS Remote Code Execution Vulnerability | CVE-2019-15954 | alert | 7.1.0 | ||
high | 56849 | Zoho ManageEngine Applications Manager MASRequestProcessor serverID SQL Injection Vulnerability | alert | 7.1.0 |
Modified Vulnerability Signatures (96)
Severity | ID | Attack Name | CVE ID | Vendor ID | Default Action | Change | Minimum PAN-OS Version | Maximum PAN-OS Version |
medium | 30514 | HTTP SQL Injection Attempt | CVE-2019-12516 | alert | updated associated metadata information | 7.1.0 | ||
medium | 30657 | MySQL Create Function Buffer Overflow Vulnerability | CVE-2005-2558 | alert | updated associated metadata information | 7.1.0 | ||
high | 30725 | Microsoft MDAC SoftwareDistribution.WebControl ActiveX Code execution Vulnerability | CVE-2006-0003 | reset-both | updated associated metadata information | 7.1.0 | ||
medium | 31012 | Apache apr-util IPv6 URI Parsing Vulnerability | CVE-2004-0786 | alert | updated associated metadata information | 7.1.0 | ||
critical | 31586 | CA BrightStor ARCserve Backup Universal Agent Buffer Overflow Vulnerability | CVE-2005-1018 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 32271 | eIQnetworks Enterprise Security Analyzer Topology Server Buffer Overflow Vulnerability | CVE-2006-3838 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 32575 | Mozilla Firefox Multiple Unspecified Vulnerabilities | CVE-2009-3070 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 32658 | HTTP Cross Site Scripting Attempt | CVE-2019-9167 | alert | updated associated metadata information | 7.1.0 | ||
medium | 36239 | HTTP SQL Injection Attempt | CVE-2017-8917 | alert | updated associated metadata information | 7.1.0 | ||
critical | 38193 | Android Stagefright Library Overflow Vulnerability | CVE-2015-1538 | alert | updated associated metadata information | 7.1.0 | ||
critical | 39337 | Wordpress Timing Side Channel Denial-Of-Service Vulnerability | CVE-2014-9034 | alert | updated associated metadata information | 7.1.0 | ||
critical | 40440 | Adobe Reader Memory Corruption Vulnerability | CVE-2017-16418 | APSB17-36 | reset-both | updated associated metadata information | 7.1.0 | |
critical | 40453 | Acrobat Reader Memory Corruption Vulnerability | CVE-2017-16394 | APSB17-36 | reset-both | updated associated metadata information | 7.1.0 | |
critical | 40457 | Adobe Reader Memory Corruption Vulnerability | CVE-2017-16411 | APSB17-36 | reset-both | updated associated metadata information | 7.1.0 | |
critical | 40462 | Android JavascriptInterface Code Execution Vulnerability | reset-both | updated associated metadata information | 7.1.0 | |||
critical | 40464 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11886 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40465 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11894 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40466 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11889 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40467 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11916 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40468 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11909 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40469 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11918 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40470 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11930 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40472 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11895 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40474 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11903 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40475 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11907 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40480 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11911 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40481 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11913 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40482 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2017-11914 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40489 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0762 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40490 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0773 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40492 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0774 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40496 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0758 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40502 | Microsoft Scripting Engine Information Disclosure Vulnerability | CVE-2018-0767 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40504 | PHP Fileinfo Call Stack Exhaustion Denial-of-Service Vulnerability | CVE-2014-1943 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40505 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0838 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40508 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0858 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40509 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0860 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40511 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0837 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40512 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0835 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40518 | Microsoft Scripting Engine Information Disclosure Vulnerability | CVE-2018-0780 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40569 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0874 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40570 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0889 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40571 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0933 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40576 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0872 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40577 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0930 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40585 | Microsoft Windows Desktop Bridge Elevation Of Privilege Vulnerability | CVE-2018-0880 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40591 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0980 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40597 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-1001 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40605 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0993 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40610 | Microsoft Excel Remote Code Execution Vulnerability | CVE-2018-0920 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40618 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0996 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40623 | Microsoft Windows Vbscript Engine Remote Code Execution Vulnerability | CVE-2018-1004 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40634 | uTorrent Remote Code Execution Vulnerability | reset-both | updated associated metadata information | 7.1.0 | |||
critical | 40642 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-8133 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40643 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-0953 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 40645 | Microsoft Browser Memory Corruption Vulnerability | CVE-2018-0954 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40677 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-4967 | APSB18-09 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40690 | Adobe Acrobat Web Capture Engine Memory Corruption Vulnerability | CVE-2018-4957 | APSB18-09 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40694 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-4975 | APSB18-09 | reset-both | updated associated metadata information | 7.1.0 | |
critical | 40763 | Microsoft Scripting Engine Memory Corruption Vulnerability | CVE-2018-8267 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40896 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12781 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40898 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12791 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40908 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-5056 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40917 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12783 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40924 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12792 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40925 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12780 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40926 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12771 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40929 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12772 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40932 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12770 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40941 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12777 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40942 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12776 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40944 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12773 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40958 | Adobe Acrobat Memory Corruption Vulnerability | CVE-2018-12774 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40959 | Adobe Acrobat Memory Corruption Vulnerability | CVE-2018-12779 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
critical | 40986 | Microsoft Internet Explorer Memory Corruption Vulnerability | CVE-2018-8631 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 40990 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12782 | APSB18-21 | reset-both | updated associated metadata information | 7.1.0 | |
high | 40991 | Adobe Reader Memory Corruption Vulnerability | CVE-2018-12799 | APSB18-25 | reset-both | updated associated metadata information | 7.1.0 | |
high | 54080 | Apache Santuario XML Security for Java DTD Denial-of-Service Vulnerability | CVE-2013-4517 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 54187 | SpringSource Spring Framework SourceHttpMessageConverter XXE Information Disclosure Vulnerability | CVE-2013-6429 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 54196 | Microsoft XML Core Services Integer Truncation Memory Corruption Vulnerability | CVE-2013-0006 | MS13-002 | reset-both | updated associated metadata information | 7.1.0 | |
high | 54217 | Oracle Java Security Slider Feature Bypass Vulnerability | CVE-2013-1489 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 54282 | Oracle Java JPEGImageWriter Memory Corruption Vulnerability | CVE-2013-2429 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 54330 | Novell iPrint Client ActiveX Control Stack Overflow Vulnerability | CVE-2011-3173 | reset-both | updated associated metadata information | 7.1.0 | ||
critical | 54391 | Microsoft Internet Explorer Internet Explorer Insecure Library Loading Vulnerability | CVE-2011-0038 | MS11-003 | alert | improved detection logic to address a possible fp issue | 7.1.0 | |
critical | 54433 | Malicious JavaScript Detection | reset-both | updated associated metadata information | 7.1.0 | |||
high | 54462 | Protocol Evasion Application Detection | reset-both | updated associated metadata information | 7.1.0 | |||
critical | 54549 | VBScript Remote Code Execution Vulnerability | CVE-2010-0483 | MS10-022 | reset-both | updated associated metadata information | 7.1.0 | |
critical | 54552 | Microsoft VBScript Memory Corruption Vulnerability | CVE-2014-0271 | MS14-010 | reset-both | updated associated metadata information | 7.1.0 | |
high | 54646 | RabbitMQ Web Management CSRF Vulnerability | reset-both | updated associated metadata information | 7.1.0 | |||
critical | 54703 | CA Multiple Products ActiveX Control ListCtrl AddColumn Buffer Overflow Vulnerability | CVE-2008-1472 | reset-both | updated associated metadata information | 7.1.0 | ||
high | 54876 | Clipbucket Arbitrary PHP Code Execution Vulnerability | CVE-2018-7665 | alert | updated associated metadata information | 7.1.0 | ||
high | 55485 | Adobe Reader Memory Corruption Vulnerability | CVE-2019-7109 | APSB19-17 | alert | improved detection logic to cover a new exploit | 7.1.0 | |
medium | 55983 | Sierra Wireless AirLink ES450 SNMPD Hard-coded Credentials Vulnerability | CVE-2018-4062 | alert | updated associated metadata information | 7.1.0 | ||
high | 56129 | Jackson-Databind Insecure Deserialization Vulnerability | CVE-2019-14361 | reset-both | improved detection logic to cover a new exploit | 7.1.0 | ||
critical | 56471 | Adobe Flash Player Memory Corruption Vulnerability | CVE-2015-8430 | APSB15-32 | alert | improved detection logic to address a possible fp issue | 7.1.0 | |
medium | 56536 | BACnet Stack 0.8.6 Denial-of-Service Vulnerability | CVE-2019-12480 | alert | updated associated metadata information | 7.1.0 |
12-02-2019 03:09 AM - edited 12-02-2019 03:25 AM
Applications and Threats Content Release Notes Version 8202 - Part 1
Modified Applications (15)
Risk | Name | Category | Subcategory | Technology | Type of Change | Change | Depends On | Minimum PAN-OS Version |
3 | backblaze-backup | business-systems | storage-backup | client-server | expanded coverage; metadata change | from web-browsing to backblaze-backup; Added ssl and web-browsing in Implicit-use-application | ssl, web-browsing | 6.1.0 |
2 | chrome-remote-desktop | networking | remote-access | browser-based | expanded coverage; metadata change | from ssl, web-browsing to chrome-remote-desktop; Removed jabber from use-application; Added rtp as use-application | google-base, rtp-base, stun | 6.1.0 |
2 | cisco-spark-audio-video (functional) | collaboration | voip-video | peer-to-peer | metadata change | Extended UDP timeout to 3600s. | stun | 6.1.0 |
1 | cisco-spark-base | collaboration | social-business | browser-based | metadata change | Extended UDP timeout to 3600s. | ssl, web-browsing, webex-base, websocket | 6.1.0 |
2 | cisco-spark-file-transfer (functional) | collaboration | social-business | browser-based | metadata change | Extended UDP timeout to 3600s. | cisco-spark-base, jungledisk, ssl, web-browsing | 6.1.0 |
2 | h.225 | collaboration | voip-video | client-server | expanded coverage | from unknown-tcp to h.225 | 6.1.0 | |
5 | hamachi | networking | encrypted-tunnel | peer-to-peer | removed false positive | from hamachi to unknown-udp | web-browsing | 6.1.0 |
2 | instagram-base | media | photo-video | client-server | metadata change | Added Web-browsing in Implicit-use-application | apple-maps, google-maps, ssl, web-browsing | 6.1.0 |
2 | instagram-upload (functional) | media | photo-video | client-server | expanded coverage; metadata change | from instagram-base,facebook-base to instagram-upload; Added ssl and web-browsing in Implicit-use-application | apple-maps, google-maps, instagram-base, ssl, web-browsing | 6.1.0 |
2 | ldap | business-systems | auth-service | client-server | expanded coverage | from insufficient-data to ldap | 6.1.0 | |
2 | ms-wmi (functional) | business-systems | management | client-server | expanded coverage | from msrpc to ms-wmi | msrpc-base | 6.1.0 |
2 | slack-base | collaboration | social-business | browser-based | expanded coverage | from web-browsing, websocket to slack-base | ssl, web-browsing, websocket | 6.1.0 |
2 | telegram | collaboration | instant-messaging | client-server | expanded coverage | from unknown-udp to telegram | ssl, web-browsing | 6.1.0 |
3 | webex-base | collaboration | internet-conferencing | client-server | metadata change | Extended UDP timeout to 3600s. | cisco-spark-base, rtcp, rtp-base, ssl, stun, web-browsing | 6.1.0 |
3 | webex-desktop-sharing (functional) | collaboration | internet-conferencing | client-server | metadata change | Extended UDP timeout to 3600s. | ssl, web-browsing, webex-base | 6.1.0 |
Modified Decoders (4)
Name |
http |
http2 |
msrpc |
smb |
New Anti-Spyware Signatures (24)
Severity | ID | Attack Name | Default Action | Minimum PAN-OS Version | Maximum PAN-OS Version |
critical | 85350 | Cobalt Strike Beacon Command and Control Traffic Detection | reset-both | 7.1.0 | |
informational | 85386 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85388 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85389 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85391 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85393 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85396 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85398 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85400 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85402 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85403 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85404 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85405 | Trojan.Gafgyt Command and Control Traffic Detection | alert | 7.1.0 | |
informational | 85407 | Trojan.Zegost Command and Control Traffic | alert | 7.1.0 | |
critical | 85447 | NetWire RAT Command and Control Traffic Detection | reset-both | 7.1.0 | |
critical | 85448 | Pony Command and Control Traffic Detection | reset-both | 7.1.0 | |
critical | 85449 | JackFruit Command and Control Traffic Detection | reset-both | 7.1.0 | |
critical | 85450 | MuddyWater Command and Control Traffic Detection | reset-both | 7.1.0 | |
critical | 85457 | AZORult Command and Control Traffic Detection | reset-both | 7.1.0 | |
critical | 85458 | Amadey Botnet Command and Control Traffic Detection | reset-both | 7.1.0 | |
critical | 85459 | MasterMana Command and Control Traffic Detection | reset-both | 8.1.0 | |
critical | 85460 | MasterMana Command and Control Traffic Detection | reset-both | 7.1.0 | |
medium | 85461 | Generic Trojan Command and Control Traffic Detection | reset-both | 7.1.0 | |
critical | 85467 | Casbaneiro Command and Control Traffic Detection | reset-both | 7.1.0 |
Modified Anti-Spyware Signatures (103)
Severity | ID | Attack Name | Default Action | Change | Minimum PAN-OS Version | Maximum PAN-OS Version |
medium | 18019 | X.509 Extensions Channel Command and Control Traffic Detection | alert | improved detection logic to address a possible fp issue | 7.1.0 | |
critical | 80060 | Wells Fargo Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 80061 | NBC Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 80062 | Microsoft Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 80063 | Gmail Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 80064 | AOL Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 80065 | PayPal Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 80066 | Fifth Third Bank Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83087 | Webshell.PHP.tennc.Chinese_Hackers Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83088 | Webshell.PHP.xl7dev.Silic_Group_Hacker_Army Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83089 | Webshell.PHP.Johntroony.SimShell_1.0 Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83090 | Webshell.PHP.tennc.b374k_2.1 Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83091 | Webshell.PHP.JohnTroony.aZRaiLPhp_v1.0 Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83092 | Webshell.PHP.mattiasgeniar.b374k_2.2 Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83093 | Webshell.PHP.ysrc.Chinese_Hackers Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83094 | Webshell.PHP.ysrc.F4ckTeam Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83095 | Webshell.PHP.ysrc.Mysql_BackDoor Command And Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83097 | Webshell.PHP.ysrc.b1u3b0y Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83098 | Webshell.PHP.ysrc.ExpDoor.com Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83099 | Webshell.PHP.ysrc.MetalSoft_Hackers_Team_1.1 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83100 | Webshell.PHP.tennc.sky_oot Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83101 | Webshell.PHP.ysrc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83102 | Webshell.PHP.tennc.Deface_Keeper_0.2 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83103 | Webshell.PHP.JohnTroony.NTDaddy_v1.9 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83104 | Webshell.PHP.xl7dev.oTTo Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83105 | Webshell.PHP.xl7dev.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83108 | Webshell.PHP.ysrc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83109 | Webshell.PHP.ysrc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83110 | Webshell.PHP.tennc.C37_Shell_v1.1 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83111 | Webshell.PHP.ysrc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83112 | Webshell.PHP.bartblaze.GaZa Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83113 | Webshell.PHP.ysrc.egy_spider Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83114 | Webshell.PHP.bartblaze.RevSlideR_2015 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83117 | Webshell.PHP.bartblaze.INDRAJITH_SHELL_v.2.0 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83118 | Webshell.PHP.tanjiti.devilzShell Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83119 | Webshell.PHP.ysrc.Kacak_FSO_1.0 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83120 | Webshell.PHP.tanjiti.Devil_shell_v2.0 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83121 | Webshell.PHP.mattiasgeniar.Rebels_Mailer Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83122 | Webshell.PHP.tanjiti.Mauritania_Attacker_and_Virusa_Worm Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83123 | Webshell.PHP.tdifg.Mexican_WebShell_PHP Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83124 | Webshell.PHP.tanjiti.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83125 | Webshell.PHP.mattiasgeniar.Pro_Mailer_V2 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83126 | Webshell.PHP.mattiasgeniar.team_p Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83127 | Webshell.PHP.tennc.MumaSec Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83128 | Webshell.PHP.tennc.Shor7cut Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83129 | Webshell.PHP.tanjiti.iMHaBiRLiGi Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83134 | Webshell.PHP.tdifg.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83135 | Webshell.PHP.ysrc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83136 | Webshell.PHP.ysrc.mOon Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83137 | Webshell.PHP.tanjiti.h4ckcity Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83138 | Webshell.PHP.bartblaze.Peterson Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83139 | Webshell.PHP.tennc.sai Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83140 | Webshell.PHP.tanjiti.backdoor Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83141 | Webshell.PHP.ysrc.Symlink_Sa_2.0 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83142 | Webshell.PHP.ysrc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83143 | Webshell.PHP.JohnTroony.b374k Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83144 | Webshell.PHP.ysrc.jalanG Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83145 | Webshell.PHP.xl7dev.BnS_Shell Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83146 | Webshell.PHP.bartblaze.E404 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83147 | Webshell.PHP.tennc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83148 | Webshell.PHP.tanjiti.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83149 | Webshell.PHP.bartblaze.PentaSec Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83150 | Webshell.PHP.JohnTroony.KA_uShell Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83151 | Webshell.PHP.tdifg.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83152 | Webshell.PHP.ysrc.uploader Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83153 | Webshell.PHP.JohnTroony.Cyber_Shell_v_1.0 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83154 | Webshell.PHP.JohnTroony.lama_shell_v_3.0 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83155 | Webshell.PHP.mattiasgeniar.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83157 | Webshell.PHP.tanjiti.c99madshell_v_3.0 Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83160 | Webshell.PHP.tanjiti.PHP_Shell_offender Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83161 | Webshell.PHP.mattiasgeniar.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83162 | Webshell.PHP.tdifg.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83164 | Webshell.PHP.tennc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83165 | Webshell.PHP.ysrc.MSSQL_Cracker Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83166 | Webshell.ASP.ysrc.hididi Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83167 | Webshell.ASPX.ysrc.ASPXSpy Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83168 | Webshell.ASPX.ysrc.ASPXSpy Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83169 | Webshell.ASP.ysrc.F4ckTeam Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83170 | Webshell.ASP.ysrc.hackyong Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83171 | Webshell.ASP.ysrc.F4ckTeam Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83172 | Webshell.ASPX.ysrc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83173 | Webshell.ASP.tanjiti.zehiriv Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83174 | Webshell.ASP.tdifg.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83175 | Webshell.ASP.ysrc.interactive Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83176 | Webshell.ASP.ysrc.black_skull Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 83177 | Webshell.ASP.git.80sec Command and Control Traffic | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85106 | NetWire RAT Downloader Traffic Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85123 | Apple Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85124 | Apple Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85125 | Paypal Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85164 | Telekom Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85166 | WhatsApp Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85167 | Chase Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85168 | Paypal Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85233 | Chartered Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85234 | PostFinance Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85235 | Xfinity Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85257 | Microsoft Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85258 | DHL Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85259 | BMO Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85260 | ICS Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85261 | BMO Phishing Site Detection | reset-both | updated associated metadata information | 7.1.0 | |
critical | 85307 | NetWire RAT Command and Control Traffic Detection | reset-both | updated associated metadata information | 7.1.0 |
12-02-2019 03:26 AM
Applications and Threats Content Release Notes Version 8202 - Part 2
Disabled Anti-Spyware Signatures (1)
Severity | ID | Attack Name | Default Action | Minimum PAN-OS Version | Maximum PAN-OS Version |
critical | 11001 | Cobalt Strike Command and Control Traffic Detection | reset-both | 7.1.0 |
New Vulnerability Signatures (50)
Severity | ID | Attack Name | CVE ID | Vendor ID | Default Action | Minimum PAN-OS Version | Maximum PAN-OS Version |
critical | 40109 | Compal CH7465LG Improper Input Validation Brute-Force Attempt Detection | CVE-2019-13025 | alert | 6.1.0 | ||
critical | 56579 | Microsoft Internet Explorer Memory Corruption Vulnerability | CVE-2014-0275 | MS14-010 | alert | 7.1.0 | |
critical | 56580 | Microsoft Internet Explorer Memory Corruption Vulnerability | CVE-2014-0303 | MS14-012 | alert | 7.1.0 | |
critical | 56581 | Microsoft Internet Explorer Use-After-Free Vulnerability | CVE-2014-0283 | MS14-010 | alert | 7.1.0 | |
critical | 56582 | Mozilla Firefox WebIDL Implementation Privilege Escalation Vulnerability | CVE-2014-1510 | alert | 7.1.0 | ||
high | 56584 | Advantech WebAccess SCADA webeye ActiveX ip_addr Parameter Buffer Overflow Vulnerability | CVE-2014-8388 | alert | 7.1.0 | ||
critical | 56593 | Microsoft Internet Explorer Memory Corruption Vulnerability | CVE-2014-0282 | MS14-035 | alert | 7.1.0 | |
high | 56603 | Microsoft Office Bad Index Remote Code Execution Vulnerability | CVE-2014-6334 | MS14-069 | alert | 7.1.0 | |
high | 56617 | Squid Proxy Digest Authentication Denial-of-Service Vulnerability | CVE-2019-12525 | alert | 7.1.0 | ||
critical | 56666 | SaltStack Salt SQL Injection Vulnerability | CVE-2019-1010259 | alert | 7.1.0 | ||
high | 56669 | D-Link Routers Remote Command Execution Vulnerability | CVE-2019-16920 | reset-both | 7.1.0 | ||
critical | 56670 | WhatsApp Remote Code Execution Vulnerability | CVE-2019-11932 | alert | 7.1.0 | ||
high | 56671 | Advantech WebAccess SCADA Bwgetval Arbitrary File Deletion Vulnerability | CVE-2019-13552 | alert | 7.1.0 | ||
critical | 56672 | Cisco Smart Switch Remote Code Execution Vulnerability | CVE-2019-1912 | reset-both | 7.1.0 | ||
high | 56675 | phpIPAM SQL Injection Vulnerability | CVE-2019-16692 | alert | 7.1.0 | ||
medium | 56676 | Eclipse Mosquitto MQTT SUBSCRIBE Topic Stack Overflow Vulnerability | CVE-2019-11779 | alert | 8.1.0 | ||
high | 56679 | NPMJS Gitlabhook Remote Command Injection Vulnerability | CVE-2019-5485 | alert | 7.1.0 | ||
high | 56680 | File Sharing Wizard Buffer Overflow Vulnerability | CVE-2019-16724 | alert | 7.1.0 | ||
critical | 56687 | Apache Karaf XML External Entity Injection Vulnerability | CVE-2018-11788 | alert | 7.1.0 | ||
high | 56690 | Cisco RV110W OS Remote Command Injection Vulnerability | CVE-2014-0683 | reset-both | 7.1.0 | ||
critical | 56691 | Eaton Intelligent Power Manager File Inclusion Vulnerability | CVE-2018-12031 | alert | 7.1.0 | ||
medium | 56693 | Metasploit VxWorks WDB Agent Scanner Detection | alert | 7.1.0 | |||
critical | 56695 | Sapplica Sentrifugo SQL Injection Vulnerability | CVE-2018-15873 | alert | 7.1.0 | ||
high | 56697 | Microsoft Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1243 | alert | 7.1.0 | ||
critical | 56698 | Joomla! Social Factory SQL Injection Vulnerability | CVE-2018-17385 | alert | 7.1.0 | ||
critical | 56703 | CWJoomla Multiple Products SQL Injection Vulnerability | CVE-2018-14592 | alert | 7.1.0 | ||
critical | 56704 | Compal CH7465LG Improper Input Validation Vulnerability | CVE-2019-13025 | alert | 7.1.0 | ||
informational | 56705 | Compal CH7465LG Improper Input Validation Attempt | allow | 7.1.0 | |||
critical | 56707 | LibreNMS Command Execution Vulnerability | CVE-2018-20434 | alert | 7.1.0 | ||
critical | 56708 | Joomla Article Factory Manager SQL Injection Vulnerability | CVE-2018-17380 | alert | 7.1.0 | ||
high | 56709 | Harbor Project Privilege Escalation Vulnerability | CVE-2019-16097 | alert | 7.1.0 | ||
critical | 56711 | Joomla Jobs Factory SQL Injection Vulnerability | CVE-2018-17382 | alert | 7.1.0 | ||
critical | 56715 | Joomla AlphaIndex Dictionaries Component SQL Injection Vulnerability | CVE-2018-17397 | alert | 7.1.0 | ||
critical | 56716 | CMS ISWEB 3.5.3 SQL Injection Vulnerability | CVE-2018-14956 | alert | 7.1.0 | ||
critical | 56717 | ZLDNN DNNArticle Information Disclosure Vulnerability | CVE-2018-9126 | alert | 7.1.0 | ||
high | 56720 | Drupal Avatar Uploader Information Disclosure Vulnerability | CVE-2018-9205 | alert | 7.1.0 | ||
critical | 56721 | E-Negosyo System SQL Injection Vulnerability | CVE-2018-18801 | alert | 7.1.0 | ||
high | 56725 | Microsoft Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1250 | alert | 7.1.0 | ||
high | 56726 | Adobe Reader Memory Corruption Vulnerability | CVE-2019-7111 | APSB19-17 | alert | 7.1.0 | |
critical | 56731 | Joomla Swap Factory SQL Injection Vulnerability | CVE-2018-17384 | alert | 7.1.0 | ||
high | 56745 | Redis HyperLogLog hllCount Stack Buffer Overflow Vulnerability | CVE-2019-10193 | alert | 7.1.0 | ||
critical | 56784 | Cisco IOS XE WebUI Command Injection Vulnerability Vulnerability | CVE-2019-12651 | alert | 7.1.0 | ||
critical | 56803 | Socomec DIRIS A-40 Information Disclosure Vulnerability | CVE-2019-15859 | alert | 7.1.0 | ||
high | 56804 | HP Intelligent Management Center Code Execution Vulnerability | CVE-2019-11956 | alert | 7.1.0 | ||
high | 56805 | Jenkins Script Security Plugin Sandbox Bypass Vulnerability | CVE-2019-10393 | alert | 7.1.0 | ||
high | 56808 | Microsoft Jet Database Engine Remote Code Execution Vulnerability | CVE-2019-1249 | alert | 7.1.0 | ||
critical | 56809 | vBulletin Remote Code Execution Vulnerability | CVE-2019-17132 | alert | 7.1.0 | ||
critical | 56813 | HPE Intelligent Management Center AMF3 Externalizable Deserialization Vulnerability | CVE-2019-11944 | alert | 7.1.0 | ||
critical | 56816 | Pulse Secure Platform Stack-Based Buffer Overflow Vulnerability | CVE-2019-11542 | alert | 7.1.0 | ||
high | 56817 | Microsoft Windows HTTP2 Data Dribble Denial-of-Service Vulnerability | CVE-2019-9511 | alert | 9.0.0 |
Modified Vulnerability Signatures (9)
Severity | ID | Attack Name | CVE ID | Vendor ID | Default Action | Change | Minimum PAN-OS Version | Maximum PAN-OS Version |
high | 31606 | Apple Safari for Windows and Internet Explorer Combined Code Execution Vulnerability | CVE-2008-2540 | alert | improved detection logic to address a possible fp issue | 7.1.0 | ||
high | 38767 | FortiOS Cookie Parser Buffer Overflow Vulnerability | CVE-2016-6909 | alert | improved detection logic to cover a new exploit | 7.1.0 | ||
low | 39868 | Suspicious HTTP Evasion Found | alert | improved detection logic to address a possible fp issue | 7.1.0 | |||
critical | 40781 | Oracle WebLogic Server Java Deserialization Vulnerability | CVE-2016-3510 | alert | updated associated metadata information | 7.1.0 | ||
critical | 40799 | Oracle WebLogic Server Java Deserialization Vulnerability | CVE-2016-3510 | alert | updated associated metadata information | 7.1.0 | ||
critical | 54503 | Microsoft SMB Client Response Parsing Vulnerability | CVE-2010-0476 | MS10-020 | alert | improved detection logic to address a possible fp issue | 7.1.0 | |
critical | 55807 | Microsoft Internet Explorer Use-After-Free Vulnerability | CVE-2014-1772 | MS14-035 | alert | improved detection logic to cover a new exploit | 7.1.0 | |
high | 56245 | Apache Solr Remote Code Execution Vulnerability | CVE-2019-0193 | alert | improved detection logic to cover a new exploit | 7.1.0 | ||
critical | 56632 | vBulletin Remote Code Execution Vulnerability | CVE-2019-16759 | alert | improved detection logic to cover a new exploit | 7.1.0 |
Disabled Vulnerability Signatures (2)
Severity | ID | Attack Name | CVE ID | Vendor ID | Default Action | Minimum PAN-OS Version | Maximum PAN-OS Version |
critical | 33344 | Adobe Reader Memory Corruption Vulnerability | CVE-2017-11231 | APSB17-24 | alert | 7.1.0 | |
high | 36856 | Mozilla Firefox SharedWorker MessagePort Handing Memory Corruption Vulnerability | CVE-2014-1548 | alert | 7.1.0 |
12-02-2019 03:37 AM
@RemoThank you for providing the details and useful.
Also would like to know if any modified application in release 8203
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
