Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #9100

    • Updated:
    • 15 May 2018
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9100      May 15, 2018
Details
Public
 
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com

SMS customers can update the Digital Vaccine through the SMS client. From the top line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above,  all NGFW and all TPS systems.
The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance.
Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
Adobe Security Bulletins
This DV includes coverage for the Adobe vulnerabilities released on or before May 8, 2018.
The following table maps TippingPoint filters to the Adobe CVEs.
Bulletin #CVE #TippingPoint Filter #Status
APSB18-16CVE-2018-494431588 
APSB18-09CVE-2018-494631687 
APSB18-09CVE-2018-494731688 
APSB18-09CVE-2018-494831589 
APSB18-09CVE-2018-494931592 
APSB18-09CVE-2018-495031593 
APSB18-09CVE-2018-495131594 
APSB18-09CVE-2018-495231695 
APSB18-09CVE-2018-495331696 
APSB18-09CVE-2018-495431697 
APSB18-09CVE-2018-495531698 
APSB18-09CVE-2018-4956 Vendor Deemed Reproducibility or Exploitation Unlikely
APSB18-09CVE-2018-495731699 
APSB18-09CVE-2018-495831700 
APSB18-09CVE-2018-495931701 
APSB18-09CVE-2018-496031702 
APSB18-09CVE-2018-496131703 
APSB18-09CVE-2018-496231704 
APSB18-09CVE-2018-496331705 
APSB18-09CVE-2018-496431706 
APSB18-09CVE-2018-496531707 
APSB18-09CVE-2018-496631708 
APSB18-09CVE-2018-496731709 
APSB18-09CVE-2018-496831710 
APSB18-09CVE-2018-496931711 
APSB18-09CVE-2018-497031712 
APSB18-09CVE-2018-497131713 
APSB18-09CVE-2018-497231714 
APSB18-09CVE-2018-497331715 
APSB18-09CVE-2018-497431716 
APSB18-09CVE-2018-497531717 
APSB18-09CVE-2018-497631718 
APSB18-09CVE-2018-497731719 
APSB18-09CVE-2018-497831720 
APSB18-09CVE-2018-497931721 
APSB18-09CVE-2018-498031722 
APSB18-09CVE-2018-498131723 
APSB18-09CVE-2018-498231724 
APSB18-09CVE-2018-498331725 
APSB18-09CVE-2018-498431726 
APSB18-09CVE-2018-498531727 
APSB18-09CVE-2018-498631597 
APSB18-09CVE-2018-498731598 
APSB18-09CVE-2018-498831596 
APSB18-09CVE-2018-498931595 
APSB18-09CVE-2018-499031591 
APSB18-09CVE-2018-499331570 
Filters marked with * shipped prior to this DV, providing zero-day protection.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9100.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9100.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters
 Modified Filters (logic changes)
 Modified Filters (metadata changes only)
 Removed Filters

Filters
----------------
 New Filters:
    31551: HTTP: Ipswitch WhatsUp Gold DOS Device HTTP Request Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Ipswitch WhatsUp Gold.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 11110
        - Common Vulnerabilities and Exposures: CVE-2004-0799 CVSS 5.0

    31553: HTTP: Oracle Web Cache Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Oracle Web Cache.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 9868
        - Common Vulnerabilities and Exposures: CVE-2004-0385 CVSS 10.0

    31564: CVS: CVS Entry Line Flag Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in CVS.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10384
        - Common Vulnerabilities and Exposures: CVE-2004-0396 CVSS 7.5

    31565: SMB: Samba Arbitrary File Access Bypass Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a file access bypass vulnerability in Samba.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 11281
        - Common Vulnerabilities and Exposures: CVE-2004-0815 CVSS 7.5

    31567: DNS: Symantec Norton DNS CNAME Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Symantec Norton.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10333, 10334, 10335
        - Common Vulnerabilities and Exposures: CVE-2004-0444 CVSS 10.0

    31568: HTTP: Microsoft WordPerfect 5.x Converter Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Microsoft WordPerfect 5.x Converter.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 11172
        - Common Vulnerabilities and Exposures: CVE-2004-0573 CVSS 7.5
        - Microsoft Security Bulletin: MS04-027

    31569: SMTP: Alt-N Technologies MDaemon SMTP command Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Alt-N Technologies MDaemon.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 11238
        - Common Vulnerabilities and Exposures: CVE-2004-1546 CVSS 5.0

    31574: HTTP: Trend Micro InterScan VirusWall Directory Traversal Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Trend Micro InterScan VirusWall.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 9966
        - Common Vulnerabilities and Exposures: CVE-2004-1859 CVSS 5.0

    31576: TCP: Dell OpenManage Web Server Pre-Authentication Based Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Dell OpenManage Web Server.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 9750
        - Common Vulnerabilities and Exposures: CVE-2004-0331 CVSS 5.0

    31578: HTTP: Oracle 10g iSQLPLus Service Heap Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Oracle iSQLPlus service.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10871
        - Common Vulnerabilities and Exposures: CVE-2004-1371 CVSS 9.0

    31579: KERBEROS: MIT Kerberos V5 Principal Name Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in MIT Kerberos V5.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10448
        - Common Vulnerabilities and Exposures: CVE-2004-0523 CVSS 10.0

    31580: SMB: Samba Printer Change Notification Request Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Samba.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 11055
        - Common Vulnerabilities and Exposures: CVE-2004-0829 CVSS 5.0

    31581: HTTP: Internet Explorer Security Zone Bypass and Address Spoofing Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an address spoofing vulnerability in Microsoft Internet Explorer.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10579

    31582: SMTP: Adobe Acrobat Reader (Unix) Shell Metacharacter Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in Adobe Acrobat Reader For UNIX.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10931
        - Common Vulnerabilities and Exposures: CVE-2004-0630 CVSS 10.0

    31583: HTTP: PHP memory_limit Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in PHP.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10725
        - Common Vulnerabilities and Exposures: CVE-2004-0594 CVSS 5.1

    31584: HTTP: Qt BMP Handling Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Qt library.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10977
        - Common Vulnerabilities and Exposures: CVE-2004-0691 CVSS 7.5

    31585: HTTP: Adobe Acrobat Reader Javascript Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4946 CVSS 7.8

    31586: SMS: Microsoft Systems Management Server Remote Control Service Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Microsoft Systems Management Server.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10726
        - Common Vulnerabilities and Exposures: CVE-2004-0728 CVSS 5.0

    31587: HTTP: Microsoft Windows Large Image Resize Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Microsoft Windows.
      - Deployment: Not enabled by default in any deployment.

    31588: HTTP: Adobe Flash ActionScript 2 VM Type Confusion Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a type confusion vulnerability in Adobe Flash.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4944

    31589: HTTP: Adobe Acrobat EMF Parsing Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4948

    31590: HTTP: Microsoft Windows Task Scheduler Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Microsoft Windows Task Scheduler.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10708
        - Common Vulnerabilities and Exposures: CVE-2004-0212 CVSS 10.0
        - Microsoft Security Bulletin: MS04-022

    31591: HTTP: Adobe Acrobat JPEG2000 Double-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a double-free vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4990

    31592: HTTP: Adobe Acrobat EMF Parsing Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4949

    31593: HTTP: Adobe Acrobat EMF Parsing Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4950

    31594: HTTP: Adobe Acrobat EMF Parsing Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4951

    31595: HTTP: Adobe Acrobat Reader 3D Annotation Use-After-Free Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4989

    31596: HTTP: Adobe Acrobat Reader Plugin Use-After-Free Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4988

    31598: HTTP: Adobe Acrobat Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability within Adobe Acrobat.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4987

    31599: UDP: Ethereal Netflow Dissector Buffer Overflow Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Ethereal.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 9952
        - Common Vulnerabilities and Exposures: CVE-2004-0176 CVSS 5.0

    31600: SMTP: Metamail Format String Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Metamail.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 9692
        - Common Vulnerabilities and Exposures: CVE-2004-0104 CVSS 7.5

    31601: SSL: OpenSSL Integer Underflow Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in OpenSSL.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 9899
        - Common Vulnerabilities and Exposures: CVE-2004-0079 CVSS 5.0

    31602: HTTPS: BEA WebLogic SSL Handling Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in BEA Systems WebLogic.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10544
        - Common Vulnerabilities and Exposures: CVE-2004-2424 CVSS 5.0

    31603: HTTP: Multiple Browsers Telnet URI Handler File Manipulation Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a file manipulation vulnerability in various web browsers.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10341, 10358
        - Common Vulnerabilities and Exposures: CVE-2004-0411 CVSS 7.5, CVE-2004-0473 CVSS 2.6

    31605: SMB: Microsoft Explorer Long Share Name Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Microsoft Explorer.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10213
        - Common Vulnerabilities and Exposures: CVE-2004-0214 CVSS 10.0
        - Microsoft Security Bulletin: MS04-037

    31607: HTTP: Macromedia Flash Player LoadMovie Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Macromedia Flash Player.
      - Deployment: Not enabled by default in any deployment.

    31608: POP3/HTTP: Microsoft Outlook Object Security Bypass Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a security bypass vulnerability in Microsoft Outlook.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10369
        - Common Vulnerabilities and Exposures: CVE-2004-0503 CVSS 5.0

    31609: FTP: Serv-U LIST Parameter Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Rhino Software Serv-U FTP Server.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10181
        - Common Vulnerabilities and Exposures: CVE-2004-1992 CVSS 5.0

    31610: FTP: HD Soft Windows FTP Server Username Format String Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a user format string vulnerability in HD Soft Windows FTP Server.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 9385
        - Common Vulnerabilities and Exposures: CVE-2004-0069 CVSS 7.5

    31611: CVS: CVS File Existence Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in CVS.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10955
        - Common Vulnerabilities and Exposures: CVE-2004-0778 CVSS 5.0

    31613: SMB: Samba Wildcard Filename Matching Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in the Samba protocol.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 11624
        - Common Vulnerabilities and Exposures: CVE-2004-0930 CVSS 5.0

    31614: HTTP: Absolute LoJack Agent Checkin Request
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects the checkin request of Absolute LoJack agent.
      - Deployment: Not enabled by default in any deployment.

    31615: EIGRP: Ethereal EIGRP Dissector Buffer Overflow Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in the EIGRP dissector within Ethereal.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2004-0176 CVSS 5.0

    31619: ZDI-CAN-5553: Zero Day Initiative Vulnerability (Trend Micro Encryption for Email Gateway)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Trend Micro Encryption for Email Gateway.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31620: ZDI-CAN-5567: Zero Day Initiative Vulnerability (Microsoft Visual Studio)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Visual Studio.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31621: HTTP: McAfee Anti-Virus ZIP Archive Virus Detection Bypass Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a virus detection bypass in McAfee Anti-Virus.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 11448
        - Common Vulnerabilities and Exposures: CVE-2004-0932 CVSS 7.5

    31622: ZDI-CAN-5587: Zero Day Initiative Vulnerability (Advantech WebAccess HMI Designer)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess HMI Designer.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31623: ZDI-CAN-5589: Zero Day Initiative Vulnerability (Microsoft Teams)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Teams.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31624: ZDI-CAN-5590: Zero Day Initiative Vulnerability (Advantech WebAccess Node)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess Node.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31625: ZDI-CAN-5592: Zero Day Initiative Vulnerability (Trend Micro Encryption for Email Gateway)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Trend Micro Encryption for Email Gateway.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31626: ZDI-CAN-5594: Zero Day Initiative Vulnerability (Trend Micro Encryption for Email Gateway)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Trend Micro Encryption for Email Gateway.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31627: ZDI-CAN-5595: Zero Day Initiative Vulnerability (Advantech WebAccess Node)
      - IPS Version: 3.2.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess Node.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31628: ZDI-CAN-5596: Zero Day Initiative Vulnerability (Advantech WebAccess Node)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess Node.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31629: ZDI-CAN-5597: Zero Day Initiative Vulnerability (Advantech WebAccess Node)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess Node.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31630: HTTP: Telerik UI RadAsyncUpload Request
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Low
      - Description: This filter detects an attempt to make an HTTP POST request to a custom handler that uses RadAsyncUpload.
      - Deployment: Not enabled by default in any deployment.

    31682: TCP: CollabNet Subversion svn Protocol String Parsing Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in CollabNet Subversion.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10519
        - Common Vulnerabilities and Exposures: CVE-2004-0413 CVSS 10.0

    31683: TCP: Oracle Database Server String Conversion Function Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Oracle Database Server.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10871

    31684: UDP: Microsoft DirectPlay Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Microsoft DirectPlay.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10487
        - Common Vulnerabilities and Exposures: CVE-2004-0202 CVSS 5.0
        - Microsoft Security Bulletin: MS04-016

    31685: HTTP: Apache Tomcat Directory Listing Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Apache Tomcat.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 19106

    31691: ISAKMP: Tcpdump ISAKMP Payload Handling Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Tcpdump ISAKMP.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10003
        - Common Vulnerabilities and Exposures: CVE-2004-0183 CVSS 5.0

    31695: HTTP: Adobe Acrobat Reader XFA Parsing Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4952

    31696: HTTP: Adobe Acrobat Reader XFA Parsing Type Confusion Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a type confusion vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4953

    31697: HTTP: Adobe Acrobat Reader XFA Parsing Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4954

    31698: HTTP: Adobe Acrobat Reader XPS Embedded TIF Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4955

    31699: HTTP: Adobe Acrobat Pro HTML Progress Tag Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4957

    31700: HTTP: Adobe Acrobat Reader Annotation JavaScript Object Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4958

    31701: HTTP: Adobe Acrobat Reader Annotation Objects Manipulation Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4959

    31702: HTTP: Adobe Acrobat Pro XPSPDF Conversion Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4960

    31703: HTTP: Adobe Acrobat Reader Doc Object Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4961

    31704: HTTP: Adobe Acrobat Reader Optional Content Group Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4962

    31705: HTTP: Adobe Acrobat Pro EMR_STRETCHDIBITS Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4963

    31706: HTTP: Adobe Acrobat Pro EMR_STRETCHDIBITS Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4964

    31707: HTTP: Adobe Acrobat Pro PathPoints Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4965

    31708: HTTP: Adobe Acrobat Pro Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4966

    31709: HTTP: Adobe Acrobat Pro Path RenderTransform Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4967

    31710: HTTP: Adobe Acrobat Pro EMF EMR_CREATEDIBPATTERNBRUSHPT Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4968

    31711: HTTP: Adobe Acrobat LZW Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4969

    31712: HTTP: Adobe Acrobat Pro EMF EmfPlusPath Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4970

    31713: HTTP: Adobe Acrobat Reader Font Engine Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4971

    31714: HTTP: Adobe Acrobat Pro EMR_EXTTEXTOUTA Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a information disclosure vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4972

    31715: HTTP: Adobe Acrobat Pro EXIF Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4973

    31716: HTTP: Adobe Acrobat XFA Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4974

    31717: HTTP: Adobe Acrobat Pro StrokeThickness Property Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4975

    31718: HTTP: Adobe Acrobat Pro EmfPlusDrawCurve Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a out-of-bounds read vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4976

    31719: HTTP: Adobe Acrobat Reader XFA Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4977

    31720: HTTP: Adobe Acrobat Pro EMF EmfPlusObject Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4978

    31721: HTTP: Adobe Acrobat Reader launchURL Security bypass Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a security bypass vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4979

    31722: HTTP: Adobe Acrobat Pro CBBBRInit ADBCAnnotEnumerator Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4980

    31723: HTTP: Adobe Acrobat Pro JPEG Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4981

    31724: HTTP: Adobe Acrobat Pro BMP Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4982

    31725: HTTP: Adobe Acrobat Reader JavaScript Use-After-Free Vulnerability
      - Name (NGFW): 31725: HTTP: Adobe Acrobat Reader JavaScript Twice Invoked Use-After-Free Vulnerability
      - Name (TPS): 31725: HTTP: Adobe Acrobat Reader JavaScript Twice Invoked Use-After-Free Vulnerability
      - Name (vTPS): 31725: HTTP: Adobe Acrobat Reader JavaScript Twice Invoked Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4983

    31726: HTTP: Adobe Acrobat Pro Array Pointer Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Acrobat Pro.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4984

    31727: HTTP: Adobe Acrobat Reader JPEG2000 Memory Corruption Vulnerability
      - Name (NGFW): 31727: HTTP: Adobe Acrobat Reader JP2 Memory Corruption Vulnerability
      - Name (TPS): 31727: HTTP: Adobe Acrobat Reader JP2 Memory Corruption Vulnerability
      - Name (vTPS): 31727: HTTP: Adobe Acrobat Reader JP2 Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4985

    31734: HTTP: Winamp XM File Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Winamp.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 10045
        - Common Vulnerabilities and Exposures: CVE-2004-1896 CVSS 7.6

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    2644: WINS: WINS Service Buffer Overflow
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    2674: LDAP: Ipswitch IMail LDAP Daemon Buffer Overflow
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 2753: HTTP: Windows Help Center Argument Injection Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.

    2808: NetBIOS: Symantec Multiple Firewall NBNS Buffer Overflow
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    2925: POP/IMAP: AOL Instant Messenger Away Message Buffer Overflow Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "2925: POP/IMAP: AOL IM Away Message Buffer Overflow".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    2933: SMTP: AOL Instant Messenger Away Message Buffer Overflow Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "2933: SMTP: AOL IM Away Message Buffer Overflow".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    2943: CVS: Argumentx Anomaly
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    3255: Oracle: MDSYS Package Multiple Vulnerabilities
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    3499: SMTP: Overly Long Mail From Parameter
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    5563: DNS: Iodine DNS Response - Version Check
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "5563: Tunneling: Iodine DNS Tunneling Response".
      - Description updated.
      - Detection logic updated.
      - NGFW Application Groups updated.

    12144: TOR: Certificate Exchange
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    30435: HTTP: Omron CX-One CX-FLnet Version Buffer Overflow Vulnerability (ZDI-18-289)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30435: ZDI-CAN-5454: Zero Day Initiative Vulnerability (OMRON CX-One)".
      - Category changed from "Exploits" to "Vulnerabilities".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 31493: HTTP: Microsoft Windows VBScript Engine Class_Terminate Use-after-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    1714: Backdoor: Backdoor 2.0.1
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    1715: Backdoor: Backdoor 2.0.2
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    1716: Backdoor: Backdoor 2.0.3
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    1896: Backdoor: One 0.12b
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    1949: Backdoor: R3C 1.45
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    1973: Backdoor: TCC 0.9x
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.

    1986: Backdoor: Ultors Telnet
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    * 2640: Backdoor: Novarg.A DoomJuice/Exploitation
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    * 2889: SMB: Windows Task Scheduler .job Buffer Overflow Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "2889: SMB: Windows Task Scheduler .job Buffer Overflow".
      - Description updated.
      - Vulnerability references updated.

    3368: HTTP: Trojan OLE Document
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    3369: SMTP: Trojan OLE Document
      - IPS Version: 1.4.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    3370: POP/IMAP: Trojan OLE Document
      - IPS Version: 1.4.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    * 3920: IMAP: LIST Command Buffer Overflow Vulnerability (General)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "3920: IMAP: LIST Command Buffer Overflow (General)".
      - Description updated.
      - Vulnerability references updated.

    4117: Spyware: Home Search Assistant Browser Communication
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    * 4739: PHP: Backdoor Access Attempt
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    5561: DNS: Iodine DNS Version Request
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "5561: Tunneling: Iodine DNS Tunneling Request".
      - Description updated.

    5882: HTTP: Automated Attack Tool Request (User Agent)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    6628: IRC: Suspicious IRC Traffic (Possible Bot Net Command and Control Channel)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    6629: IRC: Suspicious IRC Traffic (Possible Bot Net Command and Control Channel)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    6631: IRC: Suspicious IRC Traffic (Possible Bot Net Command and Control Channel)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    6817: IRC: Suspicious IRC Traffic (Possible Bot Net Command and Control Channel)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    8133: HTTP: Automated Attack Tool Request
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    8134: HTTP: Automated Attack Tool Request
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    * 9307: HTTP: Reverse Shell PHP Backdoor Upload
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    * 9889: Backdoor: Malicious PHP Backdoor Access
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    11080: HTTP: Possible Malware Communication Attempt
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    11106: HTTP: Suspicious Request for an Executable (Possible Malware Download Attempt)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    11112: HTTP: Suspicious Request for an Executable (Possible Malware Download Attempt)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    * 12411: Backdoor: Packed Web Shell by Orb (WSO)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    * 12857: Backdoor: Backdoor-DOI Trojan Communication Attempt
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    12984: FTP: Compromised ProFTPD HELP Request Backdoor
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    * 13385: HTTP: Malicious Executable Download
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    * 21153: RPC: Advantech WebAccess webvrpcs DrawSrv.dll TagGroup Buffer Overflow (ZDI-16-095 - ZDI-16-098)
      - IPS Version: 3.2.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    * 22435: HTTP: Adobe Flash AS2 Object addProperty Use-After-Free Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    22638: HTTP: Adobe Flash URLRequest Use-After-Free Vulnerability (ZDI-16-161)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

    30439: HTTP: Omron CX-One CX-FLnet Node Name Buffer Overflow Vulnerability (ZDI-18-290)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30439: HTTP: OMRON CX-One CX-FLnet Node Name Buffer Overflow Vulnerability (ZDI-18-290)".
      - Description updated.

    * 30821: PWN2OWN ZDI-CAN-5828: Zero Day Initiative Vulnerability (Apple Safari)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Name changed from "30821: PWN2OWN ZDI-CAN-5827: Zero Day Initiative Vulnerability (Apple Safari)".

    31351: HTTP: McAfee/F-Secure Multiple Products LHA File Handling Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31351: HTTP: McAfee Multiple Products LHA File Handling Buffer Overflow Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31570: TCP: PDF Reader Possible NTLM Credentials Leakage
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

  Removed Filters: None


Top of the Page
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000106997
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.