Release notes for update package 1396-5242

Rolling DFA upgrades

Starting from dynamic update 1393, the handling of situations that appear in multiple contexts is improved. To avoid matching the same traffic data against multiple DFAs, all DFAs are being modified. When a large number of DFAs change at the same time, the temporary memory requirement during a policy installation or refresh increases. To avoid running out of available memory on low-end NGFW appliances, these DFA changes are implemented gradually over the course of 10 dynamic update packages. With low-end NGFW appliances, especially N110 and N115, it is recommended to upgrade to NGFW version 6.8.2 or higher to better handle a new policy when there is not enough memory for both the old and the new policy. A large number of DFAs might change at the same time if there is a large gap between activating dynamic update packages and the subsequent policy refresh.

See knowledge base article 18570.

This update package improves the detection capabilities of the Forcepoint LLM system.

RELEASE DATE:     Monday October 18, 2021
MD5 CHECKSUM:     d6f789f59627adcac5a7a4e38821b340
SHA1 CHECKSUM:     c06870b79fd79f4d8e41a226f6ae5b646847b0f7
SHA256 CHECKSUM:     eea78d0f2131eb5ed61695d1ab12b1baafaa82dc1cabd3de98c82237dff1c327

UPDATE CRITICALITY:    HIGH

List of detected attacks in this update package:

Risk level Description Reference Vulnerability
High     Metasploit x86/alpha_mixed shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/fnstenv_mov shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/jmp_call_additive shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/shikata_ga_nai shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/single_static_bit shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Generic shellcode detection     No CVE/CAN Shellcode-Encoder
High     Generic shellcode encoder detection     No CVE/CAN Shellcode-Encoder
High     Generic shellcode encoder detection     No CVE/CAN Shellcode-Encoder
High     Generic shellcode encoder detection     No CVE/CAN Shellcode-Encoder
High     Generic shellcode encoder detection     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/alpha_upper shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Generic shellcode encoder detection     No CVE/CAN Shellcode-Encoder
High     Generic shellcode encoder detection     No CVE/CAN Shellcode-Encoder
High     Generic shellcode detection     No CVE/CAN Shellcode-Encoder
High     Generic shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit Java shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/unicode_mixed shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/unicode_upper shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/avoid_underscore shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/bloxor shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/nonalpha shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/nonupper shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/avoid_utf8_tolower shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/call4_dword_xor shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit x86/countdown shellcode encoder stub detected     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     Metasploit shellcode detection     No CVE/CAN Shellcode-Encoder
High     An attempt to exploit a vulnerability in SonicWall Mobile Access detected     CVE-2021-20034     SonicWall-Secure-Mobile-Access-Arbitrary-File-Deletion
High     An attempt to exploit a vulnerability in Delta Electronics DIAEnergie detected     CVE-2021-32955     Delta-Industrial-Automation-Diaenergie-CVE-2021-32955-Arbitrary-File-Upload
High     An attempt to exploit a vulnerability in Centreon Project Centreon detected     CVE-2021-37558     Centreon-Knowledgebase-Proxy-Proceduresproxy-SQL-Injection
High     Nitro Stealer infection traffic was detected     No CVE/CAN Nitro-Stealer-Infection-Traffic
High     Redline Password Stealer infection traffic was detected     No CVE/CAN Redline-Password-Stealer-Infection-Traffic
High     An attempt to exploit a vulnerability in Advantech WebAccess HMI Designer detected     CVE-2021-33000     Advantech-WebAccess-HMI-Designer-Pm3-Nanimatedgraphic-Heap-Buffer-Overflow
High     An attempt to exploit a vulnerability in Adobe Acrobat detected     CVE-2021-39840     Adobe-Acrobat-And-Acrobat-Reader-Dc-Acroform-Field-Format-Action-Use-After-Free

DETECTED ATTACKS

New detected attacks:

TCP Client Stream Unknown

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High Redline-Password-Stealer-Infection-Traffic No CVE/CAN Generic_CS-Redline-Password-Stealer-Infection-Traffic Suspected Botnet

HTTP Request URI

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High SonicWall-Secure-Mobile-Access-Arbitrary-File-Deletion CVE-2021-20034 HTTP_CSU-SonicWall-Secure-Mobile-Access-Arbitrary-File-Deletion Suspected Compromise
High Delta-Industrial-Automation-Diaenergie-CVE-2021-32955-Arbitrary-File-Upload CVE-2021-32955 HTTP_CSU-Delta-Industrial-Automation-Diaenergie-CVE-2021-32955-Arbitrary-File-Upload Suspected Compromise

ANY Common Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Alpha-Mixed-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Fnstenv-Mov-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Stager-Windows-x86-Reverse-TCP-Ord Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Jmp-Call-Additive-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Shikata-Ga-Nai-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Single-Static-Bit-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-1 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-Encoder-1 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-Encoder-2 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-Encoder-3 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-Encoder-4 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Alpha-Upper-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-Encoder-5 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-Encoder-6 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-2 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Generic-Shellcode-Encoder-7 Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-Java Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Unicode-Mixed-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Unicode-Upper-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Avoid-Underscore-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Bloxor-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-NonAlpha-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Add-Sub-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Opt-Sub-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-NonUpper-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Avoid-Utf8-Tolower-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Service-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Call4-Dword-Xor-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Shellcode-x86-Countdown-Stub Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Stager-Windows-x64-Block-API-Gen Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Stager-Windows-X86-Bind-Hidden-TCP Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Stager-Windows-X86-Bind-Nonx-TCP Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Stager-Windows-X86-Block-API-Gen Suspected Compromise
High Shellcode-Encoder No CVE/CAN Common_Metasploit-Stager-Windows-X86-Findtag-Ord Suspected Compromise

HTTP Normalized Request-Line

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High Centreon-Knowledgebase-Proxy-Proceduresproxy-SQL-Injection CVE-2021-37558 HTTP_CRL-Centreon-Knowledgebase-Proxy-Proceduresproxy-SQL-Injection Suspected Compromise
High Nitro-Stealer-Infection-Traffic No CVE/CAN HTTP_CRL-Nitro-Stealer-Infection-Traffic Suspected Botnet

PDF File Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High Adobe-Acrobat-And-Acrobat-Reader-Dc-Acroform-Field-Format-Action-Use-After-Free CVE-2021-39840 File-PDF_Adobe-Acrobat-And-Acrobat-Reader-Dc-Acroform-Field-Format-Action-Use-After-Free Potential Compromise

OLE File Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type
High Advantech-WebAccess-HMI-Designer-Pm3-Nanimatedgraphic-Heap-Buffer-Overflow CVE-2021-33000 File-OLE_Advantech-WebAccess-HMI-Designer-Pm3-Nanimatedgraphic-Heap-Buffer-Overflow Suspected Compromise

Updated detected attacks:

Any TCP Client Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Alpha-Mixed-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Fnstenv-Mov-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Jmp-Call-Additive-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Shikata-Ga-Nai-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Single-Static-Bit-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x64-Xor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Alpha-Upper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Unicode-Mixed-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Unicode-Upper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-NonAlpha-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-NonUpper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Avoid-Utf8-Tolower-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Call4-Dword-Xor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Countdown-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-Encoder-3 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-Encoder-2 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-Encoder-4 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-2 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-Encoder-1 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-Encoder-5 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-1 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-Encoder-6 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Generic-Shellcode-Encoder-7 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-Java Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Avoid-Underscore-Stub Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Bloxor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Opt-Sub-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_CS-Metasploit-Shellcode-x86-Add-Sub-Stub Suspected Compromise
Fingerprint regexp changed

Any TCP Server Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Alpha-Mixed-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Fnstenv-Mov-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Jmp-Call-Additive-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Shikata-Ga-Nai-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Single-Static-Bit-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x64-Xor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Alpha-Upper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Unicode-Mixed-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Unicode-Upper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-NonAlpha-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-NonUpper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Avoid-Utf8-Tolower-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Call4-Dword-Xor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Countdown-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-Encoder-3 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-Encoder-2 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-Encoder-4 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-2 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-Encoder-1 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-Encoder-5 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-1 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-Encoder-6 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Generic-Shellcode-Encoder-7 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-Java Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Avoid-Underscore-Stub Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Bloxor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Opt-Sub-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared_SS-Metasploit-Shellcode-x86-Add-Sub-Stub Suspected Compromise
Fingerprint regexp changed

Any UDP Packet

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Alpha-Mixed-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Fnstenv-Mov-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Jmp-Call-Additive-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Shikata-Ga-Nai-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Single-Static-Bit-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x64-Xor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Alpha-Upper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Unicode-Mixed-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Unicode-Upper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-NonAlpha-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-NonUpper-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Avoid-Utf8-Tolower-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Call4-Dword-Xor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Countdown-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-Encoder-3 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-Encoder-2 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-Encoder-4 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-2 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-Encoder-1 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-Encoder-5 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-1 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-Encoder-6 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Generic-Shellcode-Encoder-7 Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Avoid-Underscore-Stub Suspected Compromise
Detection mechanism updated
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Bloxor-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Opt-Sub-Stub Suspected Compromise
Fingerprint regexp changed
High Shellcode-Encoder No CVE/CAN Shared-UDP_CS-Metasploit-Shellcode-x86-Add-Sub-Stub Suspected Compromise
Fingerprint regexp changed

HTTP Client Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Libpng-PNG-Decompress-Chunk-Integer-Overflow CVE-2011-3026 HTTP_CS-Libpng-PNG-Decompress-Chunk-Integer-Overflow Potential Compromise
Fingerprint regexp changed
High Adobe-ColdFusion-Ckeditor-Upload-Unrestricted-File-Upload CVE-2018-15961 HTTP_CS-Adobe-ColdFusion-Ckeditor-Upload-Unrestricted-File-Upload Suspected Compromise
Fingerprint regexp changed

HTTP Request Header Line

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Redline-Password-Stealer-Infection-Traffic No CVE/CAN HTTP_CSH-Redline-Password-Stealer-Infection-Traffic Suspected Botnet
Fingerprint regexp changed

LDAP Client Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High IBM-Lotus-Domino-LDAP-Bind-Request-Integer-Overflow CVE-2011-0917 LDAP_CS-IBM-Lotus-Domino-LDAP-Bind-Request-Integer-Overflow Suspected Compromise
Detection mechanism updated

HTTP Normalized Request-Line

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Sysax-Multi-Server-Stack-Based-Buffer-Overflow CVE-2012-6530 HTTP_CRL-Sysax-Multi-Server-Stack-Based-Buffer-Overflow Suspected Compromise
Fingerprint regexp changed
High Apache-Struts-OGNL-Expressions-DefaultActionMapper-Code-Execution CVE-2013-2251 HTTP_CRL-Apache-Struts-OGNL-Expressions-DefaultActionMapper-Code-Execution Suspected Compromise
Fingerprint regexp changed
High Cross-Site-Script-Encoder No CVE/CAN HTTP_CRL-Cross-Site-Script-Encoder Suspected Compromise
Detection mechanism updated
High OpenSIS-Unauthenticated-PHP-Code-Execution CVE-2020-13381 HTTP_CRL-OpenSIS-Unauthenticated-PHP-Code-Execution Suspected Compromise
Detection mechanism updated
High NSClient++-ExternalScripts-Authenticated-RCE No CVE/CAN HTTP_CRL-NSClient++-ExternalScripts-Authenticated-RCE Suspected Compromise
Detection mechanism updated
High Jenkins-Config-File-Provider-Plugin-External-Entity-Injection CVE-2021-21642 HTTP_CRL-Jenkins-Config-File-Provider-Plugin-External-Entity-Injection Suspected Compromise
Fingerprint regexp changed

OLE File Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Microsoft-Office-Buffer-Overflow-CVE-2013-1331 CVE-2013-1331 File-OLE_Microsoft-Office-Buffer-Overflow-CVE-2013-1331 Suspected Compromise
Detection mechanism updated

Flash File Stream

Risk Vulnerability/Situation References Related Fingerprint Situation Type Change Description
High Adobe-Flash-Buffer-Overflow-Vulnerability-CVE-2013-0634 CVE-2013-0634 File-Flash_Adobe-Flash-Buffer-Overflow-Vulnerability-CVE-2013-0638 Suspected Compromise
Detection mechanism updated
High Generic-HTTP-Exploit No CVE/CAN File-Flash_RIG-EK-Exploit Suspected Compromise
Detection mechanism updated
High Generic-HTTP-Exploit No CVE/CAN File-Flash_DoSWF-Obfuscation Suspected Compromise
Detection mechanism updated
High Generic-HTTP-Exploit No CVE/CAN File-Flash_Magnitude-Exploit-Stager Suspected Compromise
Detection mechanism updated

LIST OF OTHER CHANGES:

New objects:

Type Name
Category SonicWall Mobile Access
IPList Salesforce India
IPList Salesforce LACNIC
IPList Salesforce USA
IPList Salesforce US-East
IPList Salesforce US-West
IPList Microsoft Azure service for AzureSphere
IPList Microsoft Azure service for AzureStack
IPList Microsoft Azure datacenter for belgiumcentral
IPList Amazon CLOUDFRONT_ORIGIN_FACING ap-northeast-2
IPList Amazon CLOUDFRONT_ORIGIN_FACING
IPList Ericom Datacenter IP Address List
Situation ICMP_Error-TCP-sequence-mismatch

Updated objects:

Type Name Changes
Situation URLList 2855836
Detection mechanism updated
Situation URLList 2855838
Detection mechanism updated
Situation URLList 2855885
Detection mechanism updated
Situation URLList 2856177
Detection mechanism updated
Situation URLList for ClearDay-Web
Detection mechanism updated
Situation URLList 2856183
Detection mechanism updated
Situation URLList for ScheduleSmart
Detection mechanism updated
Situation URLList for Grepsr
Detection mechanism updated
Situation URLList for SupplierSelect
Detection mechanism updated
Situation URLList for SymVolli
Detection mechanism updated
Situation URLList for Sofon-Guided-Selling
Detection mechanism updated
Situation URLList for Aggregatur
Detection mechanism updated
Situation URLList 2856215
Detection mechanism updated
Situation URLList for Nirvaha
Detection mechanism updated
Situation URLList for KAP-Virtual-Data-Room
Detection mechanism updated
Situation URLList for LeveragePoint-for-Value-Management
Detection mechanism updated
Situation URLList for 360-Degree-Feedback-Tool
Detection mechanism updated
Situation URLList for TrackAbout
Detection mechanism updated
Situation URLList for improveit!-360
Detection mechanism updated
Situation URLList for Yanomo
Detection mechanism updated
Situation URLList for Kronos
Detection mechanism updated
Situation URLList for Leavetrack
Detection mechanism updated
Situation URLList for Caretime
Detection mechanism updated
Situation URLList for Mojave-Networks
Detection mechanism updated
Situation URLList for Email-It
Detection mechanism updated
Situation URLList for Orderhive
Detection mechanism updated
Situation URLList 2856144
Detection mechanism updated
Situation URLList for ezyCollect
Detection mechanism updated
Situation URLList for Sphera-Cloud
Detection mechanism updated
Situation URLList for CompanyCollege
Detection mechanism updated
IPList Somalia
IPList Iraq
IPList Saudi Arabia
IPList Iran
IPList Cyprus
IPList Tanzania
IPList Syria
IPList Armenia
IPList DR Congo
IPList Uganda
IPList Seychelles
IPList Jordan
IPList Lebanon
IPList Kuwait
IPList Oman
IPList Qatar
IPList United Arab Emirates
IPList Israel
IPList Turkey
IPList Egypt
IPList Greece
IPList Estonia
IPList Latvia
IPList Azerbaijan
IPList Lithuania
IPList Georgia
IPList Moldova
IPList Belarus
IPList Finland
IPList Åland
IPList Ukraine
IPList Hungary
IPList Bulgaria
IPList Albania
IPList Poland
IPList Romania
IPList Kosovo
IPList Zimbabwe
IPList Zambia
IPList Malawi
IPList Botswana
IPList Mauritius
IPList Eswatini
IPList Réunion
IPList South Africa
IPList Mayotte
IPList Mozambique
IPList Pakistan
IPList Bangladesh
IPList Sri Lanka
IPList Bhutan
IPList India
IPList Nepal
IPList Myanmar
IPList Kazakhstan
IPList Kyrgyzstan
IPList Vietnam
IPList Thailand
IPList Indonesia
IPList Laos
IPList Taiwan
IPList Philippines
IPList Malaysia
IPList China
IPList Hong Kong
IPList Brunei
IPList Macao
IPList Cambodia
IPList South Korea
IPList Japan
IPList Singapore
IPList Timor-Leste
IPList Russia
IPList Mongolia
IPList Australia
IPList Christmas Island
IPList Solomon Islands
IPList Vanuatu
IPList New Zealand
IPList Cameroon
IPList Portugal
IPList Liberia
IPList Ghana
IPList Nigeria
IPList Gibraltar
IPList Tunisia
IPList Spain
IPList Malta
IPList Denmark
IPList Iceland
IPList United Kingdom
IPList Switzerland
IPList Sweden
IPList Netherlands
IPList Austria
IPList Belgium
IPList Germany
IPList Luxembourg
IPList Ireland
IPList Monaco
IPList France
IPList Slovakia
IPList Czechia
IPList Norway
IPList Italy
IPList Slovenia
IPList Montenegro
IPList Croatia
IPList Bosnia and Herzegovina
IPList Angola
IPList Namibia
IPList Bouvet Island
IPList Barbados
IPList Guyana
IPList French Guiana
IPList Suriname
IPList Paraguay
IPList Brazil
IPList South Georgia and the South Sandwich Islands
IPList Jamaica
IPList Dominican Republic
IPList Cuba
IPList Martinique
IPList Bahamas
IPList Bermuda
IPList Anguilla
IPList Trinidad and Tobago
IPList St Kitts and Nevis
IPList Dominica
IPList Antigua and Barbuda
IPList Saint Lucia
IPList Turks and Caicos Islands
IPList Aruba
IPList British Virgin Islands
IPList St Vincent and Grenadines
IPList Montserrat
IPList Saint Martin
IPList Saint Barthélemy
IPList Guadeloupe
IPList Grenada
IPList Cayman Islands
IPList Belize
IPList El Salvador
IPList Guatemala
IPList Honduras
IPList Nicaragua
IPList Costa Rica
IPList Venezuela
IPList Ecuador
IPList Colombia
IPList Panama
IPList Haiti
IPList Argentina
IPList Chile
IPList Peru
IPList Mexico
IPList French Polynesia
IPList Guam
IPList Puerto Rico
IPList U.S. Virgin Islands
IPList American Samoa
IPList Canada
IPList United States
IPList Serbia
IPList Sint Maarten
IPList Curaçao
IPList Bonaire, Sint Eustatius, and Saba
IPList TOR exit nodes IP Address List
IPList Amazon AMAZON
IPList Amazon S3
IPList TOR relay nodes IP Address List
IPList Microsoft Azure datacenter for eastus2
IPList Microsoft Azure datacenter for northcentralus
IPList Microsoft Azure datacenter for uksouth
IPList Amazon API_GATEWAY
IPList Microsoft Azure datacenter
IPList Salesforce APNIC
IPList Salesforce ARIN
IPList Salesforce Australia
IPList Salesforce Canada
IPList Salesforce Community Cloud
IPList Salesforce email APNIC
IPList Salesforce email ARIN
IPList Salesforce email Australia
IPList Salesforce email Canada
IPList Salesforce email RIPE
IPList Salesforce
IPList Salesforce RIPE
IPList Amazon AMAZON ap-northeast-1
IPList Amazon S3 ap-northeast-1
IPList Amazon AMAZON eu-south-2
IPList Botnet IP Address List
IPList Malicious Site IP Address List
IPList Amazon AMAZON ap-southeast-1
IPList Amazon S3 ap-southeast-1
IPList Amazon API_GATEWAY ap-southeast-2
IPList Amazon AMAZON eu-west-1
IPList Amazon AMAZON sa-east-1
IPList Amazon S3 sa-east-1
IPList Amazon AMAZON us-east-1
IPList Amazon AMAZON us-east-2
IPList Amazon AMAZON us-west-1
IPList Amazon S3 us-west-1
IPList Amazon AMAZON us-west-2
IPList Microsoft Azure service for AppService
IPList Microsoft Azure service for AzureCloud
IPList Microsoft Azure datacenter for taiwannorth
Situation Generic_CS-McAfee-Web-Reporter-Jboss-Ejbinvokerservlet-Marshalled-Object-Code-Execution
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application McAfee Web Reporter removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Potential Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation HTTP_CSU-Shared-Variables
Situation HTTP_SHS-Shared-Variables
Situation Generic_Oracle-HTTP-Server-Mod-Access-Restriction-Bypass-2
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application Oracle Application Server removed
Category tag group CVE2005 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag application_not_specific Oracle Application Server not specific removed
Category tag situation Potential Disclosure removed
Category tag group TCP Client Traffic removed
Situation Generic_Oracle-Reports-Service-File-Overwrite
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application Oracle Developer Suite removed
Category tag application Oracle Application Server removed
Category tag group CVE2005 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag application_not_specific Oracle Application Server not specific removed
Category tag situation Potential Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation Generic_Bea-WebLogic-Admin-Console-Cross-Site-Scripting
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application BEA WebLogic removed
Category tag group CVE2005 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Potential Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation Generic_Novell-eDirectory-DOS-Device-Name-Denial-Of-Service
Description has changed
Category tag situation Obsolete added
Category tag os Windows removed
Category tag hardware x86 removed
Category tag application Novell eDirectory removed
Category tag group CVE2005 removed
Category tag os_not_specific Windows not specific removed
Category tag situation Potential Denial of Service removed
Category tag group TCP Client Traffic removed
Situation Generic_Oracle-HTTP-Server-Mod-Access-Restriction-Bypass
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application Oracle Application Server removed
Category tag group CVE2005 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag application_not_specific Oracle Application Server not specific removed
Category tag situation Potential Disclosure removed
Category tag group TCP Client Traffic removed
Situation Generic_Oracle-Application-Server-XSS
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application Oracle Application Server removed
Category tag group CVE2008 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag application_not_specific Oracle Application Server not specific removed
Category tag situation Potential Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation Generic_Novell-eDirectory-Server-Accept-Language-Buffer-Overflow
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application Novell eDirectory removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Potential Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation Generic_CS-HP-OpenView-Network-Node-Manager-Rping-Stack-Buffer-Overflow
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application HP OpenView Network Node Manager removed
Category tag group CVE2009 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Potential Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation Generic_CS-Oracle-Secure-Enterprise-Search-Parameter-Cross-Site-Scripting
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application Oracle Secure Enterprise Search removed
Category tag group CVE2009 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Potential Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation Generic_CS-Oracle-Bea-WebLogic-Server-Console-help.portal-XSS
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application Oracle BEA WebLogic removed
Category tag group CVE2009 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Potential Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation LDAP_CS-IBM-Lotus-Domino-LDAP-Bind-Request-Integer-Overflow-2
Description has changed
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag application Lotus Domino removed
Category tag group CVE2011 removed
Category tag os_not_specific Any Operating System not specific removed
Category tag application_not_specific Lotus Domino not specific removed
Category tag situation Suspected Compromise removed
Category tag group TCP Correlation Dependency Group removed
Category tag group Severity over 4 Correlation Dependency Group removed
Category tag group TCP Client Traffic removed
Situation File-OLE_Microsoft-Excel-Linked-List-Corruption-Vulnerability-CVE-2011-0979
Description has changed
Category tag situation Obsolete added
Category tag os Windows removed
Category tag hardware Any Hardware removed
Category tag application Microsoft Excel removed
Category tag group MS2011-04 removed
Category tag group CVE2011 removed
Category tag os_not_specific Windows not specific removed
Category tag application_not_specific Microsoft Excel not specific removed
Category tag situation Potential Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Shikata-Ga-Nai-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-1
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Unicode-Mixed-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Single-Static-Bit-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-NonAlpha-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Fnstenv-Mov-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-NonUpper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x64-Xor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Call4-Dword-Xor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Jmp-Call-Additive-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Unicode-Upper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Countdown-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Alpha-Upper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Alpha-Mixed-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Avoid-Utf8-Tolower-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-2
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-Encoder-6
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-Encoder-1
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-Encoder-2
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-Encoder-7
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-Encoder-4
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-Encoder-3
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Generic-Shellcode-Encoder-5
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Microsoft-Excel-Use-After-Free-WriteAV-Vulnerability
Description has changed
Category tag situation Obsolete added
Category tag os Windows removed
Category tag hardware Any Hardware removed
Category tag application Microsoft Excel removed
Category tag group MS2011-09 removed
Category tag group CVE2011 removed
Category tag os_not_specific Windows not specific removed
Category tag application_not_specific Microsoft Excel not specific removed
Category tag situation Potential Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Microsoft-Visio-VSD-File-Format-Memory-Corruption-CVE-2012-0020
Description has changed
Category tag situation Obsolete added
Category tag os Windows removed
Category tag hardware Any Hardware removed
Category tag application Microsoft Visio Viewer removed
Category tag group MS2012-02 removed
Category tag group CVE2012 removed
Category tag os_not_specific Windows not specific removed
Category tag situation Potential Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Microsoft-Excel-SXLI-Record-Memory-Corruption-Vulnerability
Description has changed
Category tag situation Obsolete added
Category tag os Windows removed
Category tag hardware Any Hardware removed
Category tag application Microsoft Excel removed
Category tag group MS2012-05 removed
Category tag group CVE2012 removed
Category tag os_not_specific Windows not specific removed
Category tag application_not_specific Microsoft Excel not specific removed
Category tag situation Potential Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Avoid-Underscore-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-OLE_Metasploit-Shellcode-x86-Bloxor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Shikata-Ga-Nai-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-1
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Unicode-Mixed-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Single-Static-Bit-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-NonAlpha-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Fnstenv-Mov-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-NonUpper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x64-Xor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Call4-Dword-Xor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Jmp-Call-Additive-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Unicode-Upper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Countdown-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Alpha-Upper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Alpha-Mixed-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Avoid-Utf8-Tolower-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-2
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-Encoder-6
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-Encoder-1
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-Encoder-2
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-Encoder-7
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-Encoder-4
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-Encoder-3
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Generic-Shellcode-Encoder-5
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Avoid-Underscore-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-Flash_Metasploit-Shellcode-x86-Bloxor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Shikata-Ga-Nai-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-1
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Unicode-Mixed-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Single-Static-Bit-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-NonAlpha-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Fnstenv-Mov-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-NonUpper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x64-Xor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Call4-Dword-Xor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Jmp-Call-Additive-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Unicode-Upper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Countdown-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Alpha-Upper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Alpha-Mixed-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Avoid-Utf8-Tolower-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-2
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-Encoder-6
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-Encoder-1
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-Encoder-2
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-Encoder-7
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-Encoder-4
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-Encoder-3
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Generic-Shellcode-Encoder-5
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Avoid-Underscore-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-PDF_Metasploit-Shellcode-x86-Bloxor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Shikata-Ga-Nai-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-1
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-2
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Unicode-Mixed-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Single-Static-Bit-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-NonAlpha-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Fnstenv-Mov-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-Encoder-6
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-NonUpper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x64-Xor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Call4-Dword-Xor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Jmp-Call-Additive-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-Encoder-1
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-Encoder-2
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-Encoder-7
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-Encoder-4
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-Encoder-3
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Unicode-Upper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Generic-Shellcode-Encoder-5
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Countdown-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Alpha-Upper-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Alpha-Mixed-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Avoid-Utf8-Tolower-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Avoid-Underscore-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Situation File-JPEG_Metasploit-Shellcode-x86-Bloxor-Stub
Category tag situation Obsolete added
Category tag os Any Operating System removed
Category tag hardware Any Hardware removed
Category tag os_not_specific Any Operating System not specific removed
Category tag situation Suspected Compromise removed
Category tag group Severity over 4 Correlation Dependency Group removed
Application Debt-Collections-Software
Description has changed
Application Rosslyn-Data-Technologies
Name: RA.Pid->Rosslyn-Data-Technologies
Comment has changed
Description has changed
Application MineralTree
Description has changed
Application Windward-Studios
Name: Windward-Reports-AutoTag-Max->Windward-Studios
Comment has changed
Application Web-Human-Resource
Description has changed
Application OffiServ
Description has changed
Application PARIM-Workforce-Management-Software
Description has changed
Application HR-Performance-Management
Description has changed
Application clock.in
Description has changed
Application Alertsec-Xpress-Full-Disk-Encryption
Description has changed
Application Marin-Software
Description has changed
Application SignalMind-(formerly-piJnz)
Description has changed
Application Geotoko
Description has changed
Application Trade-Promotion-Optimization-Planner
Description has changed
Application Rezgo
Description has changed
Application Agility-CMS
Description has changed
Application Brightree-LLC
Description has changed
Application AutoMCF
Description has changed
Application Catalogue-Manager
Description has changed
Application EatherWay
Description has changed
Application Plantune
Description has changed
Application Quote-Manager
Description has changed
Application WorkXpress-Build-from-Scratch
Description has changed
Application Appraisal-Smart
Description has changed
Application BIG4books.com
Description has changed
Application ChamberMaster
Description has changed
Application AppOnTheRun
Description has changed
Application RADIX-IDC
Description has changed
Application InfinityHR
Description has changed

DISCLAIMER AND COPYRIGHT

Copyright © 2021 Forcepoint
Forcepoint and the FORCEPOINT logo are trademarks of Forcepoint.

All other trademarks used in this document are the property of their respective owners.

Every effort has been made to ensure the accuracy of this document. However, Forcepoint makes no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. Forcepoint shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein. The information in this documentation is subject to change without notice.