* Talos combines our security experts from TRAC, SecApps, and VRT teams.
This SRU number: 2016-04-07-003
Previous SRU number: 2016-04-07-002
Applies to:
This SEU number: 1463
Previous SEU: 1462
Applies to:
This is the complete list of rules modified in SRU 2016-04-07-003 and SEU 1463.
The format of the file is:
GID - SID - Rule Group - Rule Message - Policy State
The Policy State refers to each default Sourcefire policy, Connectivity, Balanced and Security.
The default passive policy state is the same as the Balanced policy state with the exception of alert being used instead of drop.
Note: Unless stated explicitly, the rules are for the series of products listed above.
| GID | SID | Rule Group | Rule Message | Policy State | ||
|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | ||||
| 1 | 37234 | FILE-FLASH | Adobe Flash Player removeMovieClip use after free attempt | off | drop | drop |
| 1 | 37235 | FILE-FLASH | Adobe Flash Player removeMovieClip use after free attempt | off | drop | drop |
| 1 | 38401 | FILE-FLASH | Adobe Flash Player multiple scripts display rendering use-after-free attempt | off | drop | drop |
| 1 | 38402 | FILE-FLASH | Adobe Flash Player multiple scripts display rendering use-after-free attempt | off | drop | drop |
| 1 | 38403 | FILE-FLASH | Adobe Flash Player Transform Class Matrix AS2 use after free attempt | off | drop | drop |
| 1 | 38404 | FILE-FLASH | Adobe Flash Player Transform Class Matrix AS2 use after free attempt | off | drop | drop |
| 1 | 38405 | FILE-FLASH | Adobe Flash Player Transform Class Matrix AS2 use after free attempt | off | drop | drop |
| 1 | 38406 | FILE-FLASH | Adobe Flash Player Transform Class Matrix AS2 use after free attempt | off | drop | drop |
| 1 | 38407 | FILE-FLASH | Adobe Flash Player JPEG-XR decode buffer overflow attempt | off | drop | drop |
| 1 | 38408 | FILE-FLASH | Adobe Flash Player JPEG-XR decode buffer overflow attempt | off | drop | drop |
| 1 | 38409 | FILE-FLASH | Adobe Flash Player JPEG-XR decode buffer overflow attempt | off | drop | drop |
| 1 | 38410 | FILE-FLASH | Adobe Flash Player JPEG-XR decode buffer overflow attempt | off | drop | drop |
| 1 | 38411 | FILE-FLASH | Adobe Flash Player duplicateMovieClip use after free attempt | off | drop | drop |
| 1 | 38412 | FILE-FLASH | Adobe Flash Player duplicateMovieClip use after free attempt | off | drop | drop |
| 1 | 38413 | FILE-FLASH | Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt | off | drop | drop |
| 1 | 38414 | FILE-FLASH | Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt | off | drop | drop |
| 1 | 38415 | FILE-FLASH | Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt | off | drop | drop |
| 1 | 38416 | FILE-FLASH | Adobe Flash Player NetConnection to ColorMatrixFilter object type confusion attempt | off | drop | drop |
| 1 | 38417 | FILE-FLASH | Adobe Flash Player ClbCatQ.dll dll-load exploit attempt | off | off | drop |
| 1 | 38418 | FILE-FLASH | Adobe Flash Player HNetCfg.dll dll-load exploit attempt | off | off | drop |
| 1 | 38419 | FILE-FLASH | Adobe Flash Player RASMan.dll dll-load exploit attempt | off | off | drop |
| 1 | 38420 | FILE-FLASH | Adobe Flash Player setupapi.dll dll-load exploit attempt | off | off | drop |
| 1 | 38421 | FILE-FLASH | Adobe Flash Player ClbCatQ.dll dll-load exploit attempt | off | off | drop |
| 1 | 38422 | FILE-FLASH | Adobe Flash Player HNetCfg.dll dll-load exploit attempt | off | off | drop |
| 1 | 38423 | FILE-FLASH | Adobe Flash Player RASMan.dll dll-load exploit attempt | off | off | drop |
| 1 | 38424 | FILE-FLASH | Adobe Flash Player setupapi.dll dll-load exploit attempt | off | off | drop |
| 1 | 38425 | FILE-FLASH | Adobe Flash Player ExportAssets count memory corruption attempt | off | drop | drop |
| 1 | 38426 | FILE-FLASH | Adobe Flash Player ExportAssets count memory corruption attempt | off | drop | drop |
| 1 | 38427 | FILE-FLASH | Adobe Flash Player ExportAssets count memory corruption attempt | off | drop | drop |
| 1 | 38428 | FILE-FLASH | Adobe Flash Player ExportAssets count memory corruption attempt | off | drop | drop |
| GID | SID | Rule Group | Rule Message | Policy State | ||
|---|---|---|---|---|---|---|
| Con. | Bal. | Sec. | ||||
| 1 | 30520 | SERVER-OTHER | OpenSSL SSLv3 heartbeat read overrun attempt - vulnerable client response | off | drop | drop |
| 1 | 30521 | SERVER-OTHER | OpenSSL TLSv1 heartbeat read overrun attempt - vulnerable client response | off | drop | drop |
| 1 | 30522 | SERVER-OTHER | OpenSSL TLSv1.1 heartbeat read overrun attempt - vulnerable client response | off | drop | drop |
| 1 | 30523 | SERVER-OTHER | OpenSSL TLSv1.2 heartbeat read overrun attempt - vulnerable client response | off | drop | drop |