Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #9017

    • Updated:
    • 18 Oct 2017
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9017      October 17, 2017
Details
Public
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com

SMS customers can update the Digital Vaccine through the SMS client. From the top line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above,  all NGFW and all TPS systems.
The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance.
Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
Microsoft Security Bulletins
This DV includes coverage for the Microsoft vulnerabilities released on or before October 10, 2017.
The following table maps TippingPoint filters to the Microsoft CVEs.
 CVE #TippingPoint Filter #Status
 CVE-2017-1182629766 
Filters marked with * shipped prior to this DV, providing zero-day protection.
 
Adobe Security Bulletins
This DV includes coverage for the Adobe vulnerabilities released on or before October 17, 2017.
The following table maps TippingPoint filters to the Adobe CVEs.
Bulletin #CVE #TippingPoint Filter #Status
APSB17-32CVE-2017-1129229771 
Filters marked with * shipped prior to this DV, providing zero-day protection.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9017.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9017.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters
 Modified Filters (logic changes)
 Modified Filters (metadata changes only)
 Removed Filters

Filters
----------------
 New Filters:


    27705: HTTP: HPE Application Performance Management System Health Authentication Bypass (ZDI-17-722)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an authentication bypass vulnerability in Hewlett Packard Enterprise (HPE) Application Performance Management System Health.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-13983 CVSS 10.0
        - Zero Day Initiative: ZDI-17-722

    29659: ISAKMP: strongSwan GMP Plugin Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in strongSwan.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 100492
        - Common Vulnerabilities and Exposures: CVE-2017-11185 CVSS 5.0

    29697: SMB: Microsoft Windows Search Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Microsoft Windows Search.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 98824
        - Common Vulnerabilities and Exposures: CVE-2017-8543 CVSS 10.0

    29700: HTTP: Trend Micro Mobile Security Enterprise URI SQL Injection (ZDI-17-787,788,792-794,800-806)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Trend Micro Mobile Security Enterprise.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 100966
        - Common Vulnerabilities and Exposures: CVE-2017-14078 CVSS 10.0
        - Zero Day Initiative: ZDI-17-787, ZDI-17-788, ZDI-17-792, ZDI-17-793, ZDI-17-794, ZDI-17-800, ZDI-17-801, ZDI-17-802, ZDI-17-803, ZDI-17-804, ZDI-17-805, ZDI-17-806

    29711: HTTP: Advantech WebAccess rmTemplate.aspx SQL Injection Vulnerability (ZDI-17-712)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 100526
        - Common Vulnerabilities and Exposures: CVE-2017-12710 CVSS 5.0
        - Zero Day Initiative: ZDI-17-712

    29712: NFS: Linux Kernel NFSv4 nfsd PNFS Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Linux Kernel.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 99298
        - Common Vulnerabilities and Exposures: CVE-2017-8797 CVSS 7.8

    29726: TCP: Elastic Elasticsearch ThrowableObjectInputStream Insecure Deserialization Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in Elastic Elasticsearch.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 75938
        - Common Vulnerabilities and Exposures: CVE-2015-5377

    29727: SIP: Digium Asterisk non-SIP URIs Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Digium Asterisk.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 100583
        - Common Vulnerabilities and Exposures: CVE-2017-14098 CVSS 5.0

    29728: HTTP: Apache Tomcat HTTP PUT Windows Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in Apache Tomcat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 100901
        - Common Vulnerabilities and Exposures: CVE-2017-12615 CVSS 6.8

    29736: HTTP: EMC Data Protection Advisor ScheduledReportResource preScript Parameter Usage (ZDI-17-812)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to use a prescript parameter in a EMC Data Protection.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 101008
        - Common Vulnerabilities and Exposures: CVE-2017-10955 CVSS 9.0
        - Zero Day Initiative: ZDI-17-812

    29738: HTTP: Apache Tomcat HTTP PUT Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in Apache Tomcat.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 100954
        - Common Vulnerabilities and Exposures: CVE-2017-12617

    29739: SIP: Digium Asterisk app_minivm Caller-ID Command Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command execution vulnerability in Digium Asterisk.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 100582
        - Common Vulnerabilities and Exposures: CVE-2017-14100 CVSS 7.5

    29742: ZDI-CAN-5074: Zero Day Initiative Vulnerability (Adobe Flash)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Flash.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)

    29743: ZDI-CAN-5075: Zero Day Initiative Vulnerability (Adobe Flash)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Flash.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)

    29744: ZDI-CAN-5077: Zero Day Initiative Vulnerability (Microsoft Edge)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Edge.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    29745: HTTP: Elastic Elasticsearch Snapshot API Directory Traversal Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Elastic Elasticsearch.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 75935
        - Common Vulnerabilities and Exposures: CVE-2015-5531 CVSS 5.0

    29747: HTTP: DenyAll Web Application Firewall Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in DenyAll Web Application Firewall.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    29748: TCP: HPE Intelligent Management Center imcwlandm SSID Buffer Overflow Vulnerability (ZDI-17-316)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Hewlett Packard Enterprise Intelligent Management Center.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-5805 CVSS 10.0
        - Zero Day Initiative: ZDI-17-316

    29749: TCP: HPE Intelligent Management Center imcwlandm UserName Buffer Overflow Vulnerability (ZDI-17-317)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Hewlett Packard Enterprise Intelligent Management Center.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-5806 CVSS 10.0
        - Zero Day Initiative: ZDI-17-317

    29751: ZDI-CAN-5083: Zero Day Initiative Vulnerability (NETGEAR Nighthawk)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting NETGEAR Nighthawk.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)

    29752: ZDI-CAN-5085: Zero Day Initiative Vulnerability (WECON LeviStudio)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting WECON LeviStudio.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    29766: HTTP: Microsoft Office OOXML Type Confusion Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a type confusion vulnerability in Microsoft Office.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11826

    29771: HTTP: Adobe Flash BufferControlParameters Type Confusion Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a type confusion vulnerability in Adobe Flash.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2017-11292 CVSS 8.8

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 27700: HTTP: HPE BSM Application Performance Management System Health Directory Traversal (ZDI-17-719)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27700: ZDI-CAN-4455: Zero Day Initiative Vulnerability (HPE Application Performance Management System)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 27701: HTTP: HPE BSM Application Performance Management System Health Directory Traversal (ZDI-17-721)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27701: ZDI-CAN-4456: Zero Day Initiative Vulnerability (HPE Application Performance Management System)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 27702: HTTP: HPE BSM Application Performance Management System Health Directory Traversal (ZDI-17-720)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "27702: ZDI-CAN-4457: Zero Day Initiative Vulnerability (HPE Application Performance Management System)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28102: HTTP: EMC Data Protection Advisor ReportQueueResource orderby SQL Injection (ZDI-17-709)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28102: ZDI-CAN-4694: Zero Day Initiative Vulnerability (EMC Data Protection Advisor)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28103: HTTP: EMC Data Protection Advisor ScheduledReportResource Directory Traversal (ZDI-17-711)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28103: ZDI-CAN-4695: Zero Day Initiative Vulnerability (EMC Data Protection Advisor)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28104: HTTP: EMC Data Protection Advisor BaseRestEntityResource orderby SQL Injection (ZDI-17-708)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28104: ZDI-CAN-4696: Zero Day Initiative Vulnerability (EMC Data Protection Advisor)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28105: HTTP: EMC Data Protection Advisor RequestHistoryResource orderby SQL Injection (ZDI-17-710)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28105: ZDI-CAN-4698: Zero Day Initiative Vulnerability (EMC Data Protection Advisor)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    28226: HTTP: Microsoft Windows Bitmap Parsing Information Disclosure Vulnerability (ZDI-17-724)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28310: HTTP: Trend Micro Mobile Security Enterprise JSON SQL Injection (ZDI-17-787,788,792-794,800-806)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28310: ZDI-CAN-4782-4783,4787: Zero Day Initiative Vulnerability (Trend Micro Mobile Security)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    28994: HTTPS: Trend Micro InterScan Web Security ManageSRouteSettings HttpServlet Command Injection
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    29522: HTTP: Microsoft Edge Chakra arguments Memory Corruption Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29522: HTTP: Microsoft Edge Scripting Engine Memory Corruption Vulnerability".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 29574: HTTP: Microsoft Windows PDF Library Buffer Overflow Vulnerability (ZDI-17-729)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29574: HTTP: Microsoft Windows PDF Memory Corruption Vulnerability (ZDI-17-729)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 29579: HTTP: Microsoft Edge SelectionRange Out-of-Bounds Read Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29579: HTTP: Microsoft Edge SelectionRange Memory Corruption Vulnerability".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    29677: HTTP: Microsoft Office Composite Moniker Code Execution Vulnerability
      - IPS Version: 3.2.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    24330: HTTP: ARRIS VAP2500 assoc_table Command Injection Vulnerability (ZDI-16-690)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "24330: ZDI-CAN-3867: Zero Day Initiative Vulnerability (ARRIS VAP2500)".
      - Description updated.
      - Vulnerability references updated.

    27379: HTTP: Microsoft Edge AsmJs Memory Corruption Vulnerability (ZDI-17-173)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    28025: HTTP: Eaton ELCSoft Device Comment Range Parsing Out-Of-Bounds Write Vulnerability (ZDI-17-813)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28025: ZDI-CAN-4552: Zero Day Initiative Vulnerability (Eaton ELCSoft)".
      - Description updated.
      - Vulnerability references updated.

    28027: HTTP: Eaton ELCSoft SegCmt Parsing Buffer Overflow Vulnerability (ZDI-17-819)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28027: ZDI-CAN-4553: Zero Day Initiative Vulnerability (Eaton ELCSoft)".
      - Description updated.
      - Vulnerability references updated.

    28106: HTTP: EMC Data Protection Advisor Application Service Authentication Bypass (ZDI-17-811)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28106: ZDI-CAN-4699: Zero Day Initiative Vulnerability (EMC Data Protection Advisor)".
      - Description updated.
      - Vulnerability references updated.

    * 28107: HTTP: EMC AppSync SQL Injection Information Disclosure Vulnerability (ZDI-17-723)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28107: ZDI-CAN-4710: Zero Day Initiative Vulnerability (EMC AppSync)".
      - Description updated.
      - Vulnerability references updated.

    * 28230: HTTP: Dell EMC VNX Scheduler Directory Traversal Vulnerability (ZDI-17-827)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "28230: ZDI-CAN-4754: Zero Day Initiative Vulnerability (Dell EMC VNX Monitoring and Reporting)".
      - Description updated.
      - Vulnerability references updated.

    28925: HTTP: Microsoft Chakra Array JIT Optimization Type Confusion Vulnerability (ZDI-17-480)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    29554: HTTP: E-XD++ Visualization Enterprise Suite UCCDRAW Vulnerable Activex Instantiation (ZDI-17-421)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    * 29703: SMB: Microsoft Windows Search Information Disclosure Vulnerability
      - IPS Version: 3.2.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.

  Removed Filters:  None
  
   
Top of the Page
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000091789
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.