Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #DV9079

    • Updated:
    • 27 Mar 2018
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #DV9079      March 27, 2018
Details
Public
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com

SMS customers can update the Digital Vaccine through the SMS client. From the top line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above,  all NGFW and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance.
Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9079.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9079.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters
 Modified Filters (logic changes)
 Modified Filters (metadata changes only)
 Removed Filters

Filters
----------------
 New Filters:
    30544: SIP: Digium Asterisk res_pjsip_pubsub Out-of-Bounds Write Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit an out-of-bounds write vulnerability in Digium Asterisk.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 103151
        - Common Vulnerabilities and Exposures: CVE-2018-7284

    30729: HTTP: Panasonic Security Iprosapi ActiveX GetInfoString Buffer Overflow Vulnerability (ZDI-15-259)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to a exploit a buffer overflow vulnerability in Panasonic Security API SDK.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 75409
        - Common Vulnerabilities and Exposures: CVE-2015-4647 CVSS 6.8
        - Zero Day Initiative: ZDI-15-259, ZDI-15-260

    30731: HTTP: Schneider Electric Pelco DS-NVs Rvctl.RVControl ActiveX SetText Buffer Overflow (ZDI-15-090)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Schneider Electric Pelco DS-NVs.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2015-0982 CVSS 7.5
        - Zero Day Initiative: ZDI-15-090

    30732: RTP: Digium Asterisk Unnegotiated RTP Payload Type Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Digium Asterisk.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 103149
        - Common Vulnerabilities and Exposures: CVE-2018-7285

    30733: HTTPS: HP System Management iprange/iprestrlist Buffer Overflow Vulnerability (ZDI-13-204)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in HP System Management.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 61337
        - Common Vulnerabilities and Exposures: CVE-2013-2362 CVSS 2.1
        - Zero Day Initiative: ZDI-13-204

    30735: HTTP: Schneider Electric ProClima ActiveX SetHtmlFileName Buffer Overflow Vulnerability (ZDI-15-003)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Schneider Electric ProClima.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2014-8511 CVSS 10.0
        - Zero Day Initiative: ZDI-15-003

    30736: HTTP: Honeywell OPOS Suite HWOPOSScale.ocx Open Buffer Overflow Vulnerability (ZDI-14-424)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Honeywell OPOS Suite.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 71642
        - Common Vulnerabilities and Exposures: CVE-2014-8269 CVSS 7.5
        - Zero Day Initiative: ZDI-14-424

    30793: HTTP: Schneider Electric ProClima F1BookView CopyAll Memory Corruption Vulnerability (ZDI-15-626)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Schneider Electric ProClima.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 79802
        - Common Vulnerabilities and Exposures: CVE-2015-8561 CVSS 6.8
        - Zero Day Initiative: ZDI-15-626

    30795: HTTP: Samsung iPOLiS Device Manager FindConfigChildeKeyList Buffer Overflow (ZDI-14-169)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Samsung iPOLiS Device Manager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 67823
        - Common Vulnerabilities and Exposures: CVE-2014-3912 CVSS 9.3
        - Zero Day Initiative: ZDI-14-169

    30796: HTTP: Advantech WebAccess SCADA webvact.ocx NodeName2 Buffer Overflow Vulnerability (ZDI-14-073)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 66725
        - Common Vulnerabilities and Exposures: CVE-2014-0766 CVSS 7.5
        - Zero Day Initiative: ZDI-14-073

    30797: SMTP: Norton AntiVirus Decompression Bomb Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Norton AntiVirus.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    30798: DNS: ISC BIND delegation Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in ISC BIND.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 71590
        - Common Vulnerabilities and Exposures: CVE-2014-8500 CVSS 7.8

    30800: HTTPS: Symantec Web Gateway OS Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detect an attempt to exploit a command injection vulnerability in Symantec Web Gateway OS.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 71620
        - Common Vulnerabilities and Exposures: CVE-2014-7285 CVSS 6.5

    30804: HTTP: Microsoft Windows File Handling Component Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2014-0315 CVSS 6.9
        - Microsoft Security Bulletin: MS14-019

    30805: TLS: OpenSSL ChangeCipherSpec Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in TLS/SSL.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2014-0224 CVSS 6.8

    30806: HTTP: WellinTech Multiple Products kxClientDownload ActiveX Code Execution Vulnerability(ZDI-14-011)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in multiple products by WellinTech.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-2827 CVSS 7.5
        - Zero Day Initiative: ZDI-14-011

    30807: HTTPS: Oracle Secure Backup Command Injection Vulnerability (ZDI-09-059, ZDI-10-119, ZDI-10-120)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Oracle Secure Backup Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 35678
        - Common Vulnerabilities and Exposures: CVE-2009-1978 CVSS 9.0, CVE-2010-0899 CVSS 9.0, CVE-2010-0906 CVSS 9.0
        - Zero Day Initiative: ZDI-09-059, ZDI-10-119, ZDI-10-120

    30808: HTTPS: Oracle Secure Backup Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Oracle Secure Backup.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 33177
        - Common Vulnerabilities and Exposures: CVE-2008-4006 CVSS 10.0, CVE-2008-5448 CVSS 10.0

    30809: IPv6: Linux Kernel ICMPv6 Prefix Information Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Linux Kernel.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2014-2309 CVSS 6.1

    30816: HTTP: IBM Lotus Quickr/iNotes ActiveX Control Integer Overflow Vulnerability (ZDI-13-213/ZDI-13-214)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an integer overflow vulnerability in IBM Lotus Quickr for Domino and iNotes.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-3026 CVSS 9.3, CVE-2013-3027 CVSS 9.3
        - Zero Day Initiative: ZDI-13-213, ZDI-13-214

    30822: HTTP: Microsoft Windows Remote Assistance XXE Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an XML external entity (XXE) injection vulnerability in the Remote Assistance component of Microsoft Windows.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 103230
        - Common Vulnerabilities and Exposures: CVE-2018-0878 CVSS 4.3

    30823: HTTPS: HP ProCurve Manager SNAC UpdateDomainControllerServlet Directory Traversal (ZDI-13-226)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in HP ProCurve Manager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-4811 CVSS 10.0
        - Zero Day Initiative: ZDI-13-226

    30824: HTTP: Symantec LiveUpdate Administrator Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Symantec LiveUpdate.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 66399
        - Common Vulnerabilities and Exposures: CVE-2014-1644 CVSS 7.5

    30825: HTTPS: HP ProCurve Manager SNAC UpdateCertificatesServlet Directory Traversal (ZDI-13-225)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in HP ProCurve Manager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-4812 CVSS 10.0
        - Zero Day Initiative: ZDI-13-225

    30826: HTTP: Microsoft XML Core Services Integer Truncation Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Microsoft XML Core Services.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-0006 CVSS 9.3
        - Microsoft Security Bulletin: MS13-002

    30827: HTTP: Oracle WebCenter Content CheckOutAndOpen ActiveX Control Instantiation (ZDI-13-094)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to use the openWebdav or coao method calls of the CheckOutAndOpen ActiveX control.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-1559 CVSS 4.0
        - Zero Day Initiative: ZDI-13-094

    30828: HTTP: Microsoft .NET Framework Silverlight Class Inheritance Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in Microsoft .NET and Silverlight frameworks.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 49999
        - Common Vulnerabilities and Exposures: CVE-2011-1253 CVSS 9.3
        - Microsoft Security Bulletin: MS11-078

    30829: HTTP: Oracle Java SQL DriverManager Sandbox Bypass Vulnerability (ZDI-13-076)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a sandbox bypass vulnerability in Oracle Java.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-1488 CVSS 10.0
        - Zero Day Initiative: ZDI-13-076

    30830: HTTP: Microsoft Office DirectPlay Invalid Memory Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an invalid memory free vulnerability in Microsoft DirectPlay.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 56839
        - Common Vulnerabilities and Exposures: CVE-2012-1537 CVSS 9.3
        - Microsoft Security Bulletin: MS12-082

    30831: HTTP: Microsoft .NET Framework WinForms Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in the Windows Form in the Microsoft .NET framework.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 57126
        - Common Vulnerabilities and Exposures: CVE-2013-0002 CVSS 9.3
        - Microsoft Security Bulletin: MS13-004

    30832: HTTP: Advantech WebAccess SCADA bwocxrun.ocx Command Execution Vulnerability (ZDI-14-139)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command execution vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 66742
        - Common Vulnerabilities and Exposures: CVE-2014-0773 CVSS 7.5
        - Zero Day Initiative: ZDI-14-139

    30833: HTTP: Microsoft .NET Framework WinForms Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure in the Windows Form in the Microsoft .NET framework.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 57124
        - Common Vulnerabilities and Exposures: CVE-2013-0001 CVSS 4.3
        - Microsoft Security Bulletin: MS13-004

    30834: TCP: Novell iPrint Client for Windows IPP Response Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Novell iPrint Client.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 59612
        - Common Vulnerabilities and Exposures: CVE-2013-1091 CVSS 10.0

    30835: NDS: Novell eDirectory Verb 0x01 Integer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an integer overflow vulnerability in Novell eDirectory.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 37184
        - Common Vulnerabilities and Exposures: CVE-2009-0895 CVSS 10.0

    30836: HTTP: Siemens SIMATIC WinCC RegReader ActiveX Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in SIMATIC WinCC.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-0674 CVSS 6.8

    30837: HTTPS: Novell File Reporter VOL Tag Heap Buffer Overflow Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Novell File Reporter.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 56579
        - Common Vulnerabilities and Exposures: CVE-2012-4956 CVSS 10.0

    30838: HTTPS: VMware ESX/ESXi Server SOAP Request Handling Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in VMware ESX and ESXi.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 56571
        - Common Vulnerabilities and Exposures: CVE-2012-2615, CVE-2012-5703 CVSS 5.0

    30839: HTTP: PHP SSL Certificate Validation Security Bypass Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an security bypass vulnerability in PHP SSL.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 61776
        - Common Vulnerabilities and Exposures: CVE-2013-4248 CVSS 4.3

    30840: LDAP: OpenLDAP rwm Overlay Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in OpenLDAP.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 63190
        - Common Vulnerabilities and Exposures: CVE-2013-4449 CVSS 4.3

    30843: TCP: Trustwave ModSecurity Chunked Transfer Encoding Policy Bypass Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a policy bypass vulnerability in Trustwave ModSecurity.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2013-5705 CVSS 5.0

    30844: HTTP: FreeType PostScript Type1 Font Parsing Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in FreeType.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 48619
        - Common Vulnerabilities and Exposures: CVE-2011-0226 CVSS 9.3

    30845: HTTP: Novell File Reporter SRS Arbitrary File Retrieval Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a file retrieval vulnerability in Novell File Reporter.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 56579
        - Common Vulnerabilities and Exposures: CVE-2012-4957 CVSS 7.8

    30846: HTTP: Apple QuickTime ActiveX Control Clear Method Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Apple QuickTime.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 56438
        - Common Vulnerabilities and Exposures: CVE-2012-3754 CVSS 9.3

    30847: HTTP: SafeNet HASP SL ActiveX Control ChooseFilePath Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in SafeNet HASP.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 56297

    30848: TCP: HP Operations Agent for NonStop Server Buffer Overflow Vulnerability (ZDI-12-165)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in HP Operations Agent for NonStop Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Zero Day Initiative: ZDI-12-165

    30849: HTTP: CYME Multiple Products ChartFX.ClientServer.Core.dll Remote Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a remote code execution vulnerability in multiple products by CYME.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 55765

    30850: HTTP: Samsung Kies Command Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command execution vulnerability in Samsung Kies.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 55936
        - Common Vulnerabilities and Exposures: CVE-2012-3807

    30851: HTTP: Node js Pipelined Requests Denial of Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Node js.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 63229
        - Common Vulnerabilities and Exposures: CVE-2013-4450 CVSS 5.0

    30852: DNS: ISC BIND Zero Length RDATA Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in ISC BIND.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 53772
        - Common Vulnerabilities and Exposures: CVE-2012-1667 CVSS 8.5

    30855: HTTP: Apache Struts XSLTResult File Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Apache Struts.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 88826
        - Common Vulnerabilities and Exposures: CVE-2016-3082 CVSS 10.0

    30856: HTTP: Microsoft SharePoint Username Sanitization Cross-site Scripting Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting (XSS) vulnerability in a Microsoft SharePoint 2010 server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2012-1861 CVSS 4.3

    30911: TCP: Microsoft Windows Kerberos KDC Privilege Escalation Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a privilege escalation vulnerability in Microsoft Windows Kerberos.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2014-6324 CVSS 9.0
        - Microsoft Security Bulletin: MS14-068

    30920: SMB: Microsoft Windows File Handling Component Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2014-0315 CVSS 6.9
        - Microsoft Security Bulletin: MS14-019

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    * 3003: HTTP: Microsoft GDI+ JPEG Processing Buffer Overflow Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "3003: HTTP: JPEG Image Processing Overflow".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    6040: HTTP: Microsoft Access File Download (TPTI-08-04)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - NGFW Application Groups updated.
      - Vulnerability references updated.

    * 8661: HTTP: Microsoft Windows GDI+ TIFF Parsing Buffer Overflow (ZDI-09-072)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "8661: HTTP: Malicious TIFF Image File (ZDI-09-072)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 12448: HTTP: HP OpenView Performance Agent Buffer Overflow Vulnerability (ZDI-12-114, ZDI-12-115)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "12448: HTTP: HP OpenView Performance Agent Buffer Overflow (ZDI-12-114, ZDI-12-115)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    12485: HTTP: HP SiteScope File Upload Directory Traversal Vulnerability (ZDI-12-174)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "12485: HTTP: HP SiteScope Arbitrary File Upload (ZDI-12-174)".
      - Category changed from "Security Policy" to "Vulnerabilities".
      - Severity changed from "Low" to "Critical".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Deployments updated and are now:
        - Deployment: Security-Optimized (Block / Notify)

    12486: HTTP: HP SiteScope File Download Directory Traversal Vulnerability (ZDI-12-174)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "12486: HTTP: HP SiteScope Arbitrary File Download (ZDI-12-175)".
      - Category changed from "Security Policy" to "Vulnerabilities".
      - Severity changed from "Low" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.
      - Deployments updated and are now:
        - Deployment: Security-Optimized (Block / Notify)

    * 12827: HTTP: Windows Live Writer URI Information Disclosure
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 12936: HTTP: IBM SPSS SamplePower ComboList ActiveX Buffer Overflow Vulnerability (ZDI-13-099, ZDI-13-101)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "12936: TCP: IBM SPSS SamplePower ComboList ActiveX Buffer Overflow Vulnerability (ZDI-13-099, ZDI-13-101)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    13323: HTTP: Microsoft InformationCardSigninHelper ActiveX Control Memory Corruption Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    13431: HTTP: PineApp Mail-SeCure livelog Command Injection Vulnerability (ZDI-13-184)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    13432: HTTP: PineApp Mail-SeCure livelog Component Access (ZDI-13-184)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    16224: HTTP: Advantech WebAccess NodeName ActiveX Buffer Overflow Vulnerability (ZDI-14-076)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.

    16520: HTTP: Adobe Mobile Reader Exposed Public Java Objects Code Execution Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.

    16567: HTTP: MW6 Technologies MaxiCode ActiveX Control Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 16748: HTTP: Mozilla Firefox WebIDL Privilege Escalation Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    16771: HTTP: Advantech WebAccess SCADA Parameter Buffer Overflow Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 16926: HTTP: Microsoft Windows OLE Packer Memory Corruption Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.

    * 28551: SCCP: Digium Asterisk chan_skinny SCCP packet Denial-of-Service Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    * 29369: HTTP: Adobe Acrobat Reader WinAnsiEncoding Differences Memory Corruption Vulnerability 
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    29936: HTTP: Adobe Acrobat Pro DC ImageConversion EMF BMP Parsing Out-Of-Bounds Read (ZDI-18-198)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29936: ZDI-CAN-5142: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    29948: HTTP: Adobe Acrobat ImageConversion EMF Integer Overflow Vulnerability (ZDI-17-1013)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29948: ZDI-CAN-5154: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 30241: HTTP: Microsoft Windows Font Embedding Information Disclosure Vulnerability (ZDI-18-163)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.

    * 30525: HTTP: Adobe Reader DC EMF HatchBrush Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    * 8744: HTTP: Oracle Secure Backup Command Injection Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "8744: Oracle: Secure Backup Command Injection".
      - Description updated.
      - Vulnerability references updated.

    8778: HTTP: Oracle Secure Backup Command Injection Vulnerability (ZDI-09-059, ZDI-10-119, ZDI-10-120)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "8778: HTTP: Oracle Secure Backup Command Injection (ZDI-09-059, ZDI-10-119, ZDI-10-120)".
      - Description updated.
      - Vulnerability references updated.

    12287: HTTP: Oracle WebCenter Forms Recognition ActiveX Control Directory Traversal (ZDI-12-074)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    12682: HTTP: CYME Multiple Products ChartFX.ClientServer.Core.dll Instantiation
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    12884: HTTP: LANDesk ThinkManagement Suite File Upload
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    13289: HTTP: IBM Quickr Vulnerable ActiveX Instantiation (ZDI-13-214)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    13291: HTTP: IBM Lotus iNotes Retired ActiveX Control (ZDI-13-213)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    * 13429: HTTP: HP ProCurve Manager SNAC UpdateDomainControllerServlet Directory Traversal (ZDI-13-226)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    * 13430: HTTP: HP ProCurve Manager SNAC UpdateCertificatesServlet Directory Traversal (ZDI-13-225)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    13987: HTTP: Samsung iPOLiS XNSSDKDEVICE ActiveX Control Instantiation (ZDI-14-169/ZDI-14-170)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    30707: HTTP: Apache multiple Space header Heap Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

  Removed Filters:

    30045: HTTP: Adobe Acrobat Pro EMF file XForm object Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
Top of the Page
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000103795
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.