Cisco Talos (VRT) Update for Sourcefire 3D System

* Talos combines our security experts from TRAC, SecApps, and VRT teams.

Date: 2016-06-16

This SRU number: 2016-06-16-002
Previous SRU number: 2016-06-13-001

Applies to:

This SEU number: 1497
Previous SEU: 1495

Applies to:

This is the complete list of rules added in SRU 2016-06-16-002 and SEU 1497.

The format of the file is:

GID - SID - Rule Group - Rule Message - Policy State

The Policy State column gives the rule's state in each default Sourcefire policy: Connectivity, Balanced and Security.

The default passive policy state is the same as the Balanced policy state with the exception of alert being used instead of drop.

Note: Unless stated explicitly, the rules are for the series of products listed above.

New Rules:

High Priority
| GID | SID | Rule Group | Rule Message | Con. | Bal. | Sec. |
|---|---|---|---|---|---|---|
| 1 | 39262 | FILE-FLASH | Adobe Flash Player unhandled recursion limit out of bounds read attempt | off | off | off |
| 1 | 39263 | FILE-FLASH | Adobe Flash Player unhandled recursion limit out of bounds read attempt | off | off | off |
| 1 | 39264 | FILE-FLASH | Adobe Flash Player unhandled recursion limit out of bounds read attempt | off | off | off |
| 1 | 39265 | FILE-FLASH | Adobe Flash Player unhandled recursion limit out of bounds read attempt | off | off | off |
| 1 | 39268 | SERVER-WEBAPP | Joomla PayPlans Extension com_payplans group_id SQL injection attempt | off | off | drop |
| 1 | 39269 | FILE-FLASH | Adobe Flash TextFormat.setTabStops use-after-free attempt | off | drop | drop |
| 1 | 39270 | FILE-FLASH | Adobe Flash TextFormat.setTabStops use-after-free attempt | off | drop | drop |
| 1 | 39271 | FILE-FLASH | Adobe Flash Player ShimContentFactory uninitialized pointer use attempt | off | drop | drop |
| 1 | 39272 | FILE-FLASH | Adobe Flash Player ShimContentFactory uninitialized pointer use attempt | off | drop | drop |
| 1 | 39273 | FILE-FLASH | Adobe Flash Player malformed ATF heap overflow attempt | off | drop | drop |
| 1 | 39274 | FILE-FLASH | Adobe Flash Player malformed ATF heap overflow attempt | off | drop | drop |
| 1 | 39275 | FILE-FLASH | Adobe Flash Player loadSound use after free attempt | off | drop | drop |
| 1 | 39276 | FILE-FLASH | Adobe Flash Player loadSound use after free attempt | off | drop | drop |
| 1 | 39277 | FILE-OTHER | Adobe Flash Player malformed JPEG XR heap overflow attempt | off | drop | drop |
| 1 | 39278 | FILE-OTHER | Adobe Flash Player malformed JPEG XR heap overflow attempt | off | drop | drop |
| 1 | 39279 | FILE-FLASH | Adobe Primetime SDK object type confusion overflow attempt | off | drop | drop |
| 1 | 39280 | FILE-FLASH | Adobe Primetime SDK object type confusion overflow attempt | off | drop | drop |
| 1 | 39281 | FILE-FLASH | Adobe Flash Player malformed JPEG-XR out of bounds memory access attempt | off | drop | drop |
| 1 | 39282 | FILE-FLASH | Adobe Flash Player malformed JPEG-XR out of bounds memory access attempt | off | drop | drop |
| 1 | 39283 | FILE-FLASH | Adobe Flash Player loadSound use after free attempt | off | drop | drop |
| 1 | 39284 | FILE-FLASH | Adobe Flash Player loadSound use after free attempt | off | drop | drop |
| 1 | 39285 | FILE-FLASH | Adobe Flash Player loadSound use after free attempt | off | drop | drop |
| 1 | 39286 | FILE-FLASH | Adobe Flash Player loadSound use after free attempt | off | drop | drop |
| 1 | 39287 | FILE-FLASH | Adobe Flash Player ShimContentResolver out of bounds memory access attempt | off | drop | drop |
| 1 | 39288 | FILE-FLASH | Adobe Flash Player ShimContentResolver out of bounds memory access attempt | off | drop | drop |
| 1 | 39289 | FILE-FLASH | Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt | off | drop | drop |
| 1 | 39290 | FILE-FLASH | Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt | off | drop | drop |
| 1 | 39291 | FILE-FLASH | Adobe Flash Player NetConnection object type confusion overflow attempt | off | drop | drop |
| 1 | 39292 | FILE-FLASH | Adobe Flash Player NetConnection object type confusion overflow attempt | off | drop | drop |
| 1 | 39293 | FILE-FLASH | Adobe Flash Player apphelp.dll dll-load exploit attempt | off | off | drop |
| 1 | 39294 | FILE-FLASH | Adobe Flash Player dbghelp.dll dll-load exploit attempt | off | off | drop |
| 1 | 39295 | FILE-FLASH | Adobe Flash Player apphelp.dll dll-load exploit attempt | off | off | drop |
| 1 | 39296 | FILE-FLASH | Adobe Flash Player dbghelp.dll dll-load exploit attempt | off | off | drop |
| 1 | 39297 | FILE-FLASH | Adobe Flash player retrieveResolvers memory corruption attempt | off | drop | drop |
| 1 | 39298 | FILE-FLASH | Adobe Flash player retrieveResolvers memory corruption attempt | off | drop | drop |
| 1 | 39299 | FILE-FLASH | Adobe Flash Player malformed regular expression use after free attempt | off | drop | drop |
| 1 | 39300 | FILE-FLASH | Adobe Flash Player malformed regular expression use after free attempt | off | drop | drop |
| 1 | 39301 | FILE-FLASH | Adobe Flash Player ExecPolicy invalid string table lookup attempt | off | drop | drop |
| 1 | 39302 | FILE-FLASH | Adobe Flash Player ExecPolicy invalid string table lookup attempt | off | drop | drop |
| 3 | 39303 | SERVER-WEBAPP | Cisco RV Series Routers command injection attempt | off | off | drop |
| 1 | 39304 | FILE-FLASH | Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt | off | drop | drop |
| 1 | 39305 | FILE-FLASH | Adobe Flash Player Primetime SDK ShimContentResolver out of bounds memory access attempt | off | drop | drop |
| 1 | 39306 | FILE-FLASH | Adobe Flash Player sound object use-after-free attempt | off | drop | drop |
| 1 | 39307 | FILE-FLASH | Adobe Flash Player sound object use-after-free attempt | off | drop | drop |
| 1 | 39308 | FILE-FLASH | Adobe Flash Player malformed ATF file length load buffer overflow attempt | off | drop | drop |
| 1 | 39309 | FILE-FLASH | Adobe Flash Player malformed ATF file length load buffer overflow attempt | off | drop | drop |
| 1 | 39310 | FILE-FLASH | Adobe Flash Player same origin policy security bypass attempt | off | drop | drop |
| 1 | 39311 | FILE-FLASH | Adobe Flash Player same origin policy security bypass attempt | off | drop | drop |
| 1 | 39312 | FILE-FLASH | Adobe Flash Player malformed Adobe Texture Format image load memory corruption attempt | off | off | drop |
| 1 | 39313 | FILE-FLASH | Adobe Flash Player malformed Adobe Texture Format image load memory corruption attempt | off | off | drop |
| 1 | 39314 | FILE-FLASH | Adobe Flash Player RegExp numbered backreference out of bounds read attempt | off | off | drop |
| 1 | 39315 | FILE-FLASH | Adobe Flash Player RegExp numbered backreference out of bounds read attempt | off | off | drop |
| 1 | 39316 | FILE-FLASH | Adobe Flash Player MovieClip object use-after-free attempt | off | drop | drop |
| 1 | 39317 | FILE-FLASH | Adobe Flash Player MovieClip object use-after-free attempt | off | drop | drop |
| 1 | 39318 | FILE-FLASH | Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt | off | drop | drop |
| 1 | 39319 | FILE-FLASH | Adobe Flash Player ShimOpportunityGenerator out of bounds memory access attempt | off | drop | drop |

Updated Rules:

Updated rules can be found at this link.