Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #8986

    • Updated:
    • 15 Aug 2017
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #8986      (August 15, 2017)
Details
Public
 
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com

SMS customers can update the Digital Vaccine through the SMS client. From the top line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.
 
System Requirements
The 2.5.2 DV will run on IPS with TOS 2.5.2 to TOS 3.1.x.
The 3.2.0 DV will run on IPS with TOS 3.2.0 to TOS 3.9.x, all NGFW and TPS v4.0.0 to 4.2.0.
The 4.0.0 DV only supports the Virtual Threat Protection System (vTPS) platform.
Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
Adobe Security Bulletins
This DV includes coverage for the Adobe vulnerabilities released on or before August 8, 2017.
The following table maps TippingPoint filters to the Adobe CVEs.
Bulletin #CVE #TippingPoint Filter #Status
APSB17-23CVE-2017-3085 Local Only.
APSB17-23CVE-2017-310629353 
APSB17-24CVE-2017-3113*26537 
APSB17-24CVE-2017-3115*27233 
APSB17-24CVE-2017-311629354 
APSB17-24CVE-2017-3117 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB17-24CVE-2017-311829358 
APSB17-24CVE-2017-311929359 
APSB17-24CVE-2017-3120*27751 
APSB17-24CVE-2017-3121*27948 
APSB17-24CVE-2017-3122*28005 
APSB17-24CVE-2017-3123*28032 
APSB17-24CVE-2017-3124*28034 
APSB17-24CVE-2017-11209*28035 
APSB17-24CVE-2017-11210*28092 
APSB17-24CVE-2017-11211*28218 
APSB17-24CVE-2017-11212*28100 
APSB17-24CVE-2017-11214*28216 
APSB17-24CVE-2017-11216*27821 
APSB17-24CVE-2017-11217*27812 
APSB17-24CVE-2017-11218*27753 
APSB17-24CVE-2017-11219*27820 
APSB17-24CVE-2017-1122029360 
APSB17-24CVE-2017-1122129413 
APSB17-24CVE-2017-1122229352 
APSB17-24CVE-2017-11223*28202 
APSB17-24CVE-2017-11224*28202 
APSB17-24CVE-2017-1122629349 
APSB17-24CVE-2017-11227*28473 
APSB17-24CVE-2017-11228*28475 
APSB17-24CVE-2017-1122929361 
APSB17-24CVE-2017-11230*28476 
APSB17-24CVE-2017-11231*28478 
APSB17-24CVE-2017-11232*28479 
APSB17-24CVE-2017-11233*28481 
APSB17-24CVE-2017-11234*28543 
APSB17-24CVE-2017-1123529362 
APSB17-24CVE-2017-1123629363 
APSB17-24CVE-2017-1123729370 
APSB17-24CVE-2017-1123829371 
APSB17-24CVE-2017-11239*28544 
APSB17-24CVE-2017-11241*28547 
APSB17-24CVE-2017-1124228480, 28548 
APSB17-24CVE-2017-11243*28663 
APSB17-24CVE-2017-11244*28664 
APSB17-24CVE-2017-11245*28666 
APSB17-24CVE-2017-1124629414 
APSB17-24CVE-2017-11248*28463 
APSB17-24CVE-2017-11249*28464 
APSB17-24CVE-2017-1125129418 
APSB17-24CVE-2017-11252*28477 
APSB17-24CVE-2017-1125429350 
APSB17-24CVE-2017-11255*28741 
APSB17-24CVE-2017-11256*28735 
APSB17-24CVE-2017-11257*28734 
APSB17-24CVE-2017-11258*28732 
APSB17-24CVE-2017-11259*28733 
APSB17-24CVE-2017-11260*28731 
APSB17-24CVE-2017-11261*28730 
APSB17-24CVE-2017-1126229355 
APSB17-24CVE-2017-1126329369 
APSB17-24CVE-2017-11265*28916 
APSB17-24CVE-2017-1126729364 
APSB17-24CVE-2017-1126829365 
APSB17-24CVE-2017-1126929366 
APSB17-24CVE-2017-1127029367 
APSB17-24CVE-2017-1127129368 
Filters marked with * shipped prior to this DV, providing zero-day protection.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_2.5.2_8986.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_8986.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_8986.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters
 Modified Filters (logic changes)
 Modified Filters (metadata changes only)
 Removed Filters

Filters
----------------
 New Filters:


    29214: ISAKMP: strongSwan x509 Plugin Denial-of-Service Vulnerability
      - IPS Version: 3.7.0 and after.
      - NGFW Version: 1.3.0 and after.
      - TPS Version: 4.1.0 and after.
      - vTPS Version: 4.1.0 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in strongSwan.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 98756
        - Common Vulnerabilities and Exposures: CVE-2017-9023 CVSS 4.3

    29273: HTTP: WordPress Statistics Plugin Cross-Site Scripting Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in WordPress Statistics plugin.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-10991 CVSS 4.3

    29279: HTTP: VICIdial user_authorization Basic Authentication Request
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to authenticate via VICIdial.
      - Deployment: Not enabled by default in any deployment.

    29331: HTTPS: Cisco Prime Infrastructure and EPNM SystemPreferences_Configurable Cross-Site Scripting
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager (EPNM).
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 99221
        - Common Vulnerabilities and Exposures: CVE-2017-6699 CVSS 4.3

    29332: HTTPS: Cisco Prime Infrastructure and EPNM ImportJobResults.jsp Cross-Site Scripting Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Cisco Prime Infrastructure and Evolved Programmable Network Manager (EPNM).
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 99221
        - Common Vulnerabilities and Exposures: CVE-2017-6699 CVSS 4.3

    29333: HTTPS: Trend Micro SafeSync for Enterprise replace_local_disk Command Injection (ZDI-17-119)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects attempts to exploit a command injection vulnerability in Trend Micro SafeSync for Enterprise.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Zero Day Initiative: ZDI-17-119

    29336: HTTP: Phamm view/helpers.php Cross-Site Scripting Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Phamm.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 99927
        - Common Vulnerabilities and Exposures: CVE-2017-0378 CVSS 4.3

    29337: HTTP: Trend Micro SafeSync for Enterprise dead_local_disk Command Injection (ZDI-17-118)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects attempts to exploit a command injection vulnerability in Trend Micro SafeSync for Enterprise.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Zero Day Initiative: ZDI-17-118

    29338: HTTPS: Trend Micro SafeSync for Enterprise dead_local_disk Command Injection (ZDI-17-118)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects attempts to exploit a command injection vulnerability in Trend Micro SafeSync for Enterprise.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Zero Day Initiative: ZDI-17-118

    29349: HTTP: Adobe Acrobat JPG2000 Memory Corruption Vulnerability
      - IPS Version: 3.2.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 100179
        - Common Vulnerabilities and Exposures: CVE-2017-11226 CVSS 7.8

    29350: HTTP: Adobe Reader JavaScript addAnnot Use-After-Free Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects attempt to exploit a use-after-free vulnerability in Adobe Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 100182
        - Common Vulnerabilities and Exposures: CVE-2017-11254

    29352: HTTP: Adobe Acrobat Reader PRC Engine Memory Corruption Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in the Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11222

    29353: HTTP: Adobe Flash Trait Object Type Confusion Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a type confusion vulnerability in Adobe Flash.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-3106

    29354: HTTP: Adobe Acrobat MakeAccessible Memory Corruption Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-3116

    29355: HTTP: Adobe Acrobat EMF ASCII Text Memory Corruption Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11262

    29358: HTTP: Adobe Reader Blacklist Security Bypass Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a security bypass vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-3118

    29359: HTTP: Adobe Acrobat Getter Memory Corruption Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-3119

    29360: HTTP: Adobe Reader Printer Buffer Overflow Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11220

    29361: HTTP: Adobe Reader FDF Security Bypass Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a security bypass vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11229

    29362: HTTP: Adobe Acrobat Pro DC ImageConversion JPEG Use-After-Free Vulnerability (ZDI-17-590)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11235
        - Zero Day Initiative: ZDI-17-590

    29363: HTTP: Adobe Acrobat Pro DC Forms Information Disclosure Vulnerability (ZDI-17-591)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11236
        - Zero Day Initiative: ZDI-17-591

    29364: HTTP: Adobe Acrobat Pro DC ImageConversion Memory Corruption Vulnerability (ZDI-17-621)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11267
        - Zero Day Initiative: ZDI-17-621

    29365: HTTP: Adobe Acrobat Pro DC ImageConversion Information Disclosure Vulnerability (ZDI-17-622)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11268
        - Zero Day Initiative: ZDI-17-622

    29366: HTTP: Adobe Acrobat Pro DC ImageConversion Information Disclosure Vulnerability (ZDI-17-623)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11269
        - Zero Day Initiative: ZDI-17-623

    29367: HTTP: Adobe Acrobat Pro DC ImageConversion Information Disclosure Vulnerability (ZDI-17-625)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11270
        - Zero Day Initiative: ZDI-17-625

    29368: HTTP: Adobe Acrobat Pro DC ImageConversion Memory Corruption Vulnerability (ZDI-17-629)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11271
        - Zero Day Initiative: ZDI-17-629

    29369: HTTP: Adobe Acrobat Reader WinAnsiEncoding Differences Memory Corruption Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in the Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11263

    29370: HTTP: Adobe Acrobat Pro DC Font Parsing Information Disclosure Vulnerability (ZDI-17-592)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11237
        - Zero Day Initiative: ZDI-17-592

    29371: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Information Disclosure Vulnerability (ZDI-17-593)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11238
        - Zero Day Initiative: ZDI-17-593

    29413: HTTP: Adobe Acrobat Reader Font Type Confusion Buffer Overflow Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11221

    29414: HTTP: Adobe Acrobat Pro ImageConversion JPEG Information Disclosure Vulnerability (ZDI-17-603)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11246
        - Zero Day Initiative: ZDI-17-603

    29418: HTTP: Adobe Acrobat Pro DC JPEG2000 Memory Corruption Vulnerability (ZDI-17-609)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in the Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11251
        - Zero Day Initiative: ZDI-17-609

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 7176: Engine Protection: Suspicious chunked HTTP
      - IPS Version: 3.2.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    * 24697: HTTP: Microsoft Internet Explorer ExtEscape EMF Parsing Integer Overflow Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    27233: HTTP: Adobe Reader DC URL Parsing Information Disclosure Vulnerability (ZDI-17-570)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27233: ZDI-CAN-4369: Zero Day Initiative Vulnerability (Adobe Reader DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    27305: HTTP: Trend Micro SafeSync for Enterprise replace_local_disk Command Injection (ZDI-17-119)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27305: HTTPS: Trend Micro SafeSync for Enterprise replace_local_disk Command Injection (ZDI-17-119)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Deployments updated and are now:
        - Deployment: Security-Optimized (Block / Notify)

    * 27743: HTTP: Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Write Vulnerability (ZDI-17-466)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27743: ZDI-CAN-4481: Zero Day Initiative Vulnerability (Microsoft Windows PDF Library)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28473: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-606)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28473: ZDI-CAN-4765: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    28477: HTTP: Adobe Acrobat Pro DC PDF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-612)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28477: ZDI-CAN-4819: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28544: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read (ZDI-17-594, ZDI-17-595)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28544: ZDI-CAN-4729: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    28730: HTTP: Adobe Acrobat Pro DC ImageConversion Memory Corruption Vulnerability (ZDI-17-618,ZDI-17-626)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28730: ZDI-CAN-4827: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    28733: HTTP: Adobe Acrobat Pro DC ImageConversion Memory Corruption Vulnerability (ZDI-17-620,ZDI-17-624)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28733: ZDI-CAN-4830: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Deployments updated and are now:
        - Deployment: Security-Optimized (Block / Notify)

    * 28735: HTTP: Adobe Acrobat Pro XFA Use-After-Free Vulnerability (ZDI-17-628,ZDI-17-631)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28735: ZDI-CAN-4843: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28901: HTTP: EFS Software Easy File Sharing Web Server POST Request Buffer Overflow Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    28916: HTTP: Adobe Acrobat Pro DC Graphics Manager Use-After-Free Vulnerability (ZDI-17-632)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28916: ZDI-CAN-4887: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 29131: HTTPS: Cisco Prime Collaboration Provisioning ScriptMgr Servlet Authentication Bypass (ZDI-17-445)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    25494: HTTP: HPE Intelligent Management Center RMI Registry Deserialization of Untrusted Data (ZDI-17-162)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    * 26537: HTTP: Adobe Reader DC XFA AFDriver Use-After-Free Vulnerability (ZDI-17-569)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "26537: ZDI-CAN-4310: Zero Day Initiative Vulnerability (Adobe Reader DC)".
      - Description updated.
      - Vulnerability references updated.

    * 27751: HTTP: Adobe Reader DC XFA Parsing Use-After-Free Vulnerability (ZDI-17-571)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27751: ZDI-CAN-4489: Zero Day Initiative Vulnerability (Adobe Reader DC)".
      - Description updated.
      - Vulnerability references updated.

    27753: HTTP: Adobe Reader DC XFA Parsing Use-After-Free Vulnerability (ZDI-17-572)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27753: ZDI-CAN-4490: Zero Day Initiative Vulnerability (Adobe Reader DC)".
      - Description updated.
      - Vulnerability references updated.

    * 27812: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-586)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27812: ZDI-CAN-4572: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    27820: HTTP: Adobe Reader DC XFA topInset Use-After-Free Vulnerability (ZDI-17-585)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27820: ZDI-CAN-4571: Zero Day Initiative Vulnerability (Adobe Acrobat Reader DC)".
      - Description updated.
      - Vulnerability references updated.

    * 27821: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Vulnerability(ZDI-17-607)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27821: ZDI-CAN-4570: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 27822: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-583)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27822: ZDI-CAN-4569: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 27948: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Buffer Overflow Vulnerability (ZDI-17-599)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27948: ZDI-CAN-4502: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28005: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-596)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28005: ZDI-CAN-4534: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28032: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Vulnerability(ZDI-17-575)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28032: ZDI-CAN-4556: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28034: HTTP: Adobe Acrobat Pro DC ImageConversion PCX Parsing Out-Of-Bounds Write Vulnerability(ZDI-17-576)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28034: ZDI-CAN-4557: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28035: HTTP: Adobe Acrobat Pro DC ImageConversion XPS Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-577)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28035: ZDI-CAN-4558: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28092: HTTP: Adobe Acrobat Pro DC ImageConversion XPS Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-578)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28092: ZDI-CAN-4559: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28100: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Vulnerability(ZDI-17-580)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28100: ZDI-CAN-4566: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28101: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-581)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28101: ZDI-CAN-4567: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    28202: HTTP: Adobe Reader DC XFA closeDoc/loadXML Use-After-Free Vulnerability (ZDI-17-587, ZDI-17-588)
      - IPS Version: 3.2.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28202: ZDI-CAN-4715,4716: Zero Day Initiative Vulnerability (Adobe Reader DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28216: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-582)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28216: ZDI-CAN-4568: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28218: HTTP: Adobe Acrobat Pro DC ImageConversion JPEG Parsing Buffer Overflow Vulnerability (ZDI-17-579)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28218: ZDI-CAN-4562: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28463: HTTP: Adobe Acrobat Pro ImageConversion EMF Information Disclosure Vulnerability (ZDI-17-604)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28463: ZDI-CAN-4763: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    * 28464: HTTP: Adobe Acrobat Pro DC ImageConversion Memory Corruption Vulnerability (ZDI-17-615)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28464: ZDI-CAN-4764: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28475: HTTP: Adobe Acrobat Pro DC JPEG2000 Parsing Memory Corruption Vulnerability (ZDI-17-610)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28475: ZDI-CAN-4817: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28476: HTTP: Adobe Acrobat Pro DC JPEG2000 Information Disclosure Vulnerability (ZDI-17-611)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28476: ZDI-CAN-4818: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    28478: HTTP: Adobe Acrobat Pro DC PDF Annotation Use-After-Free Vulnerability (ZDI-17-633)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28478: ZDI-CAN-4820: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28479: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Use-After-Free Vulnerability (ZDI-17-614)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28479: ZDI-CAN-4821: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28480: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write (ZDI-17-605)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28480: ZDI-CAN-4822: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28481: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Information Disclosure Vulnerability (ZDI-17-616)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28481: ZDI-CAN-4823: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    * 28543: HTTP: Adobe Acrobat Pro DC ImageConversion TIFF Information Disclosure Vulnerability (ZDI-17-589)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28543: ZDI-CAN-4719: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    28546: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-574)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28546: ZDI-CAN-4730: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28547: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Buffer Overflow Vulnerability (ZDI-17-597)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28547: ZDI-CAN-4731: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    28548: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-598)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28548: ZDI-CAN-4732: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28654: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-573)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28654: ZDI-CAN-4733: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28663: HTTP: Adobe Acrobat Pro DC XSLT Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-600)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28663: ZDI-CAN-4734: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    28664: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read (ZDI-17-601)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28664: ZDI-CAN-4746: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    28666: HTTP: Adobe Acrobat Pro ImageConversion EMF Information Disclosure Vulnerability (ZDI-17-602)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28666: ZDI-CAN-4747: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    28668: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-17-608)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28668: ZDI-CAN-4767: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28731: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Write Vulnerability(ZDI-17-617)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28731: ZDI-CAN-4828: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.
      - Deployments updated and are now:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)

    28732: HTTP: Adobe Acrobat Pro DC ImageConversion Information Disclosure Vulnerability (ZDI-17-619)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28732: ZDI-CAN-4829: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    * 28734: HTTP: Adobe Acrobat Pro DC XFA Type Confusion Vulnerability (ZDI-17-627)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28734: ZDI-CAN-4842: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 28741: HTTP: Adobe Acrobat Pro DC ImageConversion TIFF Parsing Out-Of-Bounds Read Vulnerability(ZDI-17-630)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28741: ZDI-CAN-4854: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    29217: HTTP: Request for External Microsoft Word Template with Macros
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

  Removed Filters:  None
  
Top of the Page
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000087060
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.