Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #9111

    • Updated:
    • 5 Jun 2018
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9111      June 5, 2018
Details
Public
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com

SMS customers can update the Digital Vaccine through the SMS client. From the top line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above,  all NGFW and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance.
Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9111.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9111.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters
 Modified Filters (logic changes)
 Modified Filters (metadata changes only)
 Removed Filters

Filters
----------------
 New Filters:
    29983: HTTP: OMRON CX-Supervisor SCS Alarm Object Use-After-Free Vulnerability (ZDI-18-255)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in OMRON CX-Supervisor.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 103394
        - Common Vulnerabilities and Exposures: CVE-2018-7521 CVSS 6.8
        - Zero Day Initiative: ZDI-18-255

    31741: ISAKMP: Symantec Multiple Products ISAKMPd Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in multiple Symantec products.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 11039
        - Common Vulnerabilities and Exposures: CVE-2004-0369 CVSS 7.5

    31767: DNS: ISC BIND CVE-2017-3145 Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in ISC BIND.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 102716
        - Common Vulnerabilities and Exposures: CVE-2017-3145

    31840: HTTP: Novell NetIQ Access Manager FwRequest Unrestricted File Upload (ZDI-18-145)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to upload file in Novell NetIQ Access Manager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-1342
        - Zero Day Initiative: ZDI-18-145

    31841: SMB: Samba Printer Server spoolss Denial-of-Service Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Moderate
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Samba Printer Server.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-1050

    31848: HTTP: Advantech WebAccess Node uMailLogin Proj SQL Injection Vulnerability (ZDI-18-144)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Advantech WebAccess Node.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 102781
        - Common Vulnerabilities and Exposures: CVE-2018-5443
        - Zero Day Initiative: ZDI-18-144

    31869: HTTP: WordPress ProfileGrid Code Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code injection vulnerability in the WordPress ProfileGrid plugin.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)

    31873: TCP: Oracle Tuxedo JOLT Message Code Usage
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects the use of the JOLT API, which is used in Oracle Tuxedo.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 101841
        - Common Vulnerabilities and Exposures: CVE-2017-10269 CVSS 7.5

    31879: ZDI-CAN-5788: Zero Day Initiative Vulnerability (WECON LeviStudioU)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting WECON LeviStudioU.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31881: ZDI-CAN-5794,5795: Zero Day Initiative Vulnerability (WECON LeviStudioU)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: IPS N-Platform, NX-Platform, NGFW, or TPS models.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting WECON LeviStudioU.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31937: HTTP: HL7 C-CDA Table onmouseover Event Usage
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to upload an xml document using the CDA.xsl stylesheet template that contains a table element with an onmouseover event.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 69633
        - Common Vulnerabilities and Exposures: CVE-2014-5452 CVSS 4.3

    31939: HTTP: HL7 C-CDA renderMultiMedia Template Usage
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to upload an xml document using the CDA.xsl stylesheet template that contains a renderMultiMedia template definition.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2014-3862 CVSS 4.3

    31941: HTTP: Foxit Reader Text Annotations Use-After-Free Vulnerability (ZDI-18-342)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Foxit Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-9958
        - Zero Day Initiative: ZDI-18-342

    31942: HTTP: D-Link DSL-2750B Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in D-Link DSL-2750B.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    31943: HTTP: Apple Safari Spread Operator Type Confusion Vulnerability (ZDI-18-271)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a type confusion vulnerability in Apple Safari.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4122
        - Zero Day Initiative: ZDI-18-271

    31945: HTTP: Foxit Reader XFA execEvent Use-After-Free Vulnerability (ZDI-18-354)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Foxit Reader.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-9970
        - Zero Day Initiative: ZDI-18-354

    31949: HTTP: Trend Micro Smart Protection Server Auth Command Injection Vulnerability (ZDI-18-218)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code injection vulnerability in Trend Micro Smart Protection Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 103529
        - Common Vulnerabilities and Exposures: CVE-2018-6231
        - Zero Day Initiative: ZDI-18-218

    31950: HTTP: Adobe Acrobat Pro DC ImageConversion EMF Parsing Out-Of-Bounds Read Vulnerability (ZDI-18-213)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 102995
        - Common Vulnerabilities and Exposures: CVE-2018-4911
        - Zero Day Initiative: ZDI-18-213

    31951: HTTP: Apple Safari RenderLayer Use-After-Free Vulnerability (ZDI-18-274)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a spread operator type confusion vulnerability in Apple Safari.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4127
        - Zero Day Initiative: ZDI-18-274

    31952: HTTP: Microsoft Windows VBScript Filter Function Memory Corruption Vulnerability (ZDI-18-296)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a memory corruption vulnerability in Microsoft Windows.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-1000
        - Zero Day Initiative: ZDI-18-296

    31954: HTTP: Advantech WebAccess Node screnc Buffer Overflow Vulnerability (ZDI-18-498)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-7499
        - Zero Day Initiative: ZDI-18-498

    31956: HTTP: LibreOffice WEBSERVICE Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in LibreOffice.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-6871

    31957: RPC: Advantech WebAccess Node bwmakdir Buffer Overflow Vulnerability (ZDI-18-497)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Advantech WebAccess Node.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 104190
        - Common Vulnerabilities and Exposures: CVE-2018-7499
        - Zero Day Initiative: ZDI-18-497

    31958: HTTP: Spotify Music Player URI Parsing Command Injection Vulnerability (ZDI-18-280)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Spotify Music Player.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-1167
        - Zero Day Initiative: ZDI-18-280

    31961: HTTP: Cisco Prime Infrastructure and DCNM XmpFileUploadServlet Directory Traversal Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Cisco Prime Infrastructure and Data Center Network Manager (DCNM).
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 104074
        - Common Vulnerabilities and Exposures: CVE-2018-0258

    31962: HTTPS: Cisco Prime Infrastructure and DCNM XmpFileUploadServlet Directory Traversal Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Cisco Prime Infrastructure and Data Center Network Manager (DCNM).
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 104074
        - Common Vulnerabilities and Exposures: CVE-2018-0258

    31964: HTTP: Apache Tika tika-server Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Apache Tika.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 104001
        - Common Vulnerabilities and Exposures: CVE-2018-1335

    31966: HTTP: Novell iManager eDirectory Plugin Schema Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Novell iManager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 37672
        - Common Vulnerabilities and Exposures: CVE-2009-4486 CVSS 7.5
        - Zero Day Initiative: ZDI-10-001

    31973: HTTP: Advantech WebAccess NMS DownloadAction Directory Traversal Vulnerability (ZDI-18-471)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a directory traversal vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-7503
        - Zero Day Initiative: ZDI-18-471

    32025: HTTP: Adobe Acrobat Reader XFA Client-Side Request Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: High
      - Description: This filter detects an attempt to exploit a client-side request injection vulnerability in Adobe Acrobat Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2018-4995

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    8776: SMTP: Novell GroupWise RCPT Command Buffer Overflow (ZDI-09-010)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    28210: DNS: Request with an Uncommon Order of CNAME and DNAME Records
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    * 29794: HTTP: Microsoft Windows VBScript Join Function Integer Overflow Vulnerability(ZDI-18-247,ZDI-17-916)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29794: HTTP: Microsoft Windows VBScript Join Function Integer Overflow Vulnerability (ZDI-17-916)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    30274: HTTP: Microsoft Edge CSS Custom Property Type Confusion Vulnerability (ZDI-18-310)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30274: ZDI-CAN-5322: Zero Day Initiative Vulnerability (Microsoft Edge)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    30360: HTTP: Foxit Reader getField Use-After-Free Vulnerability (ZDI-18-329)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30360: ZDI-CAN-5382: Zero Day Initiative Vulnerability (Foxit Reader)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    30389: HTTP: Microsoft Edge Select Element Information Disclosure Vulnerability (ZDI-18-167, ZDI-18-264)
      - IPS Version: 3.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30389: HTTP: Microsoft Edge Select Element Information Disclosure Vulnerability (ZDI-18-167)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 30489: HTTP: HPE Integrated Lights-Out 4 Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30489: HTTP: HPE Integrated Lights-out 4 Authentication Bypass Vulnerability".
      - Category changed from "Exploits" to "Vulnerabilities".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    31030: HTTP: VideoLAN VLC Media Player MKV Demuxer Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    * 31561: HTTP: Microsoft Windows Memory Corruption Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    * 12695: TCP: HP LeftHand Virtual SAN dbd_manager Buffer Overflow Vulnerability (ZDI-14-051)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    20815: HTTP: Microsoft Windows VBScript Filter Function Use-After-Free Vulnerability(ZDI-15-592,ZDI-18-123)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "20815: HTTP: Microsoft Windows VBScript Filter Function Use-After-Free Vulnerability (ZDI-15-592)".
      - Description updated.

    27228: HTTP: HPE Intelligent Management Center dbman Opcode 10008 Command Injection (ZDI-17-340)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    29457: HTTP: File Download Request from a Specific Top-Level Domain (.de)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    29657: RPC: Advantech WebAccess Malicious IOCTL Usage (ZDI-17-938-940,ZDI-18-009-025,18-029-054,18-058-063)
      - IPS Version: 3.2.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Vulnerability references updated.

    * 29695: HTTP: Microsoft Chakra Array.splice Memory Corruption Vulnerability (ZDI-18-239)
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29695: ZDI-CAN-5067: Zero Day Initiative Vulnerability (Microsoft Chakra)".
      - Description updated.
      - Vulnerability references updated.

    * 29848: HTTP: Microsoft Chakra Typed Array JIT Optimization Use-After-Free Vulnerability (ZDI-18-301)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29848: ZDI-CAN-5215,5297: Zero Day Initiative Vulnerability (Microsoft Chakra)".
      - Description updated.
      - Vulnerability references updated.

    29861: HTTP: Delta Industrial Automation DOPSoft DOP File TagTotalSize Buffer Overflow (ZDI-18-220)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29861: ZDI-CAN-5265: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29862: HTTP: Delta Industrial Automation DOPSoft DOP File BackgroundMacro Buffer Overflow (ZDI-18-221)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29862: ZDI-CAN-5266: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29863: HTTP: Delta Industrial Automation DOPSoft DPA File BeforeExecMacro Buffer Overflow (ZDI-18-222)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29863: ZDI-CAN-5267: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29864: HTTP: Delta Industrial Automation DOPSoft DPA File ButtonOffMacro Buffer Overflow (ZDI-18-223)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29864: ZDI-CAN-5268: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29867: HTTP: Delta Industrial Automation DOPSoft DOP File AfterExecMacro Buffer Overflow (ZDI-18-224,230)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29867: ZDI-CAN-5269,5276: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29868: HTTP: Delta Industrial Automation DOPSoft DOP File BeforeExecMacro Buffer Overflow (ZDI-18-225)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29868: ZDI-CAN-5270: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29869: HTTP: Delta Industrial Automation DOPSoft DOP File ButtonOffMacro Buffer Overflow (ZDI-18-226)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29869: ZDI-CAN-5271: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29870: HTTP: Delta Industrial Automation DOPSoft DPA FIle BackgroundMacro Buffer Overflow (ZDI-18-227)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29870: ZDI-CAN-5272: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29872: HTTP: Delta Industrial Automation DOPSoft DPA File ButtonOnMacro Buffer Overflow (ZDI-18-228)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29872: ZDI-CAN-5274: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29873: HTTP: Delta Industrial Automation DOPSoft DPA File CloseMacro Buffer Overflow (ZDI-18-229)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29873: ZDI-CAN-5275: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29877: HTTP: Delta Industrial Automation DOPSoft DPA File Application Attribute Buffer Overflow(ZDI-18-231)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29877: ZDI-CAN-5283: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29878: HTTP: Delta Industrial Automation DOPSoft DPA File wTextLen Buffer Overflow (ZDI-18-232)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29878: ZDI-CAN-5284: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29879: HTTP: Delta Industrial Automation DOPSoft DPA File LinkSize Buffer Overflow (ZDI-18-233)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29879: ZDI-CAN-5285: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29882: HTTP: Delta Industrial Automation DOPSoft DPA File ListTotalSize Buffer Overflow (ZDI-18-234)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29882: ZDI-CAN-5286: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    29883: HTTP: Delta Industrial Automation DOPSoft DPA File SysKeyPwd Buffer Overflow (ZDI-18-235)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29883: ZDI-CAN-5287: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)".
      - Description updated.
      - Vulnerability references updated.

    * 29897: HTTP: Microsoft Windows PDF Library JPEG2000 Parsing Out-Of-Bounds Read Vulnerability (ZDI-18-195)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29897: ZDI-CAN-5090: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Description updated.
      - Vulnerability references updated.

    29934: HTTP: Adobe Acrobat Pro DC ImageConversion EMR_EXTTEXTOUTA Parsing Out-of-Bounds Read (ZDI-18-197)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29934: ZDI-CAN-5140: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    29935: HTTP: Adobe Acrobat Pro DC ImageConversion EMF TIFF Parsing Out-Of-Bounds Write (ZDI-18-206)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29935: ZDI-CAN-5141: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    * 29937: HTTP: Adobe Acrobat Pro DC ImageConversion EMF EMR_COMMENT Parsing Out-of-Bounds Read (ZDI-18-200)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29937: ZDI-CAN-5143: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    29938: HTTP: Adobe Acrobat Pro DC ImageConversion EMF JPEG Parsing Out-Of-Bounds Read (ZDI-18-201)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29938: ZDI-CAN-5144: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    29939: HTTP: Adobe Acrobat Pro DC ImageConversion EMF GIF Buffer Overflow Vulnerability (ZDI-18-202)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29939: ZDI-CAN-5145: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    29944: HTTP: Adobe Acrobat Pro DC ImageConversion EMF TIFF Buffer Overflow Vulnerability (ZDI-18-207)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29944: ZDI-CAN-5150: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    29962: HTTP: Adobe Acrobat Pro DC PDF Forms Information Disclosure Vulnerability (ZDI-18-203)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29962: ZDI-CAN-5210: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    * 29967: HTTP: Adobe Acrobat Pro DC ImageConversion JPEG Parsing Buffer Overflow Vulnerability (ZDI-18-204)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29967: ZDI-CAN-5223: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    29972: HTTP: Adobe Acrobat Pro DC ImageConversion BMP Information Disclosure Vulnerability (ZDI-18-217)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29972: ZDI-CAN-5236: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    29973: HTTP: Adobe Acrobat Pro DC JPEG Parsing Buffer Overflow Vulnerability (ZDI-18-205)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29973: ZDI-CAN-5239: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
      - Description updated.
      - Vulnerability references updated.

    29976: HTTP: OMRON CX-Supervisor SCS File Parsing Buffer Overflow Vulnerability (ZDI-18-250)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29976: ZDI-CAN-5299: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
      - Description updated.
      - Vulnerability references updated.

    29977: HTTP: OMRON CX-Supervisor SCS File Parsing Use-After-Free Vulnerability (ZDI-18-251)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29977: ZDI-CAN-5300: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
      - Description updated.
      - Vulnerability references updated.

    29978: HTTP: OMRON CX-Supervisor SCS File Uninitialized Pointer Memory Corruption Vulnerability(ZDI-18-252)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29978: ZDI-CAN-5301: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
      - Description updated.
      - Vulnerability references updated.

    29981: HTTP: OMRON CX-Supervisor SCS File Uninitialized Pointer Memory Corruption Vulnerability(ZDI-18-253)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29981: ZDI-CAN-5302: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
      - Description updated.
      - Vulnerability references updated.

    29982: HTTP: OMRON CX-Supervisor SCS Scatter Chart Object Memory Corruption Vulnerability (ZDI-18-254)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29982: ZDI-CAN-5303,5304: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
      - Description updated.
      - Vulnerability references updated.

    29984: HTTP: OMRON CX-Supervisor SCS File Parsing Out-Of-Bounds Write Vulnerability (ZDI-18-256)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29984: ZDI-CAN-5305: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
      - Description updated.
      - Vulnerability references updated.

    29985: HTTP: OMRON CX-Supervisor SCS File Parsing Use-After-Free Vulnerability (ZDI-18-257)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29985: ZDI-CAN-5306: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
      - Description updated.
      - Vulnerability references updated.

    29990: HTTP: OMRON CX-Supervisor CDM File Parsing Untrusted Pointer Dereference Vulnerability (ZDI-18-260)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "29990: ZDI-CAN-5309: Zero Day Initiative Vulnerability (OMRON CX-Supervisor)".
      - Description updated.
      - Vulnerability references updated.

    * 30276: HTTP: Microsoft Chakra String Concatenation Integer Overflow Vulnerability (ZDI-18-165)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30276: ZDI-CAN-5324: Zero Day Initiative Vulnerability (Microsoft Chakra)".
      - Description updated.
      - Vulnerability references updated.

    * 30277: HTTP: Microsoft Office Excel Formula Type Confusion Vulnerability (ZDI-18-161)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30277: ZDI-CAN-5325: Zero Day Initiative Vulnerability (Microsoft Excel)".
      - Description updated.
      - Vulnerability references updated.

    30318: HTTP: Foxit Reader addField Use-After-Free Vulnerability (ZDI-18-319)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30318: ZDI-CAN-5312: Zero Day Initiative Vulnerability (Foxit Reader)".
      - Description updated.
      - Vulnerability references updated.

    30319: HTTP: Foxit Reader XFA field and XFA absPageSpan Type Confusion Vulnerability(ZDI-18-320,ZDI-18-322)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30319: ZDI-CAN-5370,5372: Zero Day Initiative Vulnerability (Foxit Reader)".
      - Description updated.
      - Vulnerability references updated.

    30355: HTTP: Foxit Reader XFA record and XFA openList remove Type Confusion (ZDI-18-326,ZDI-18-327)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30355: ZDI-CAN-5376,5377: Zero Day Initiative Vulnerability (Foxit Reader)".
      - Description updated.
      - Vulnerability references updated.

    30357: HTTP: Microsoft Windows Remote Assistance XML Information Disclosure Vulnerability (ZDI-18-242)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30357: ZDI-CAN-5378: Zero Day Initiative Vulnerability (Microsoft Windows)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Vulnerability references updated.

    30358: HTTP: Foxit Reader addLink Use-After-Free Vulnerability (ZDI-18-328)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30358: ZDI-CAN-5379: Zero Day Initiative Vulnerability (Foxit Reader)".
      - Description updated.
      - Vulnerability references updated.

    * 30359: HTTP: Adobe Flash Player QOSProvider Use-After-Free Vulnerability (ZDI-18-178)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30359: ZDI-CAN-5381: Zero Day Initiative Vulnerability (Adobe Flash Player)".
      - Description updated.
      - Vulnerability references updated.

    * 30537: HTTP: Adobe Acrobat Reader JavaScript API Annotation Use-After-Free Vulnerability (ZDI-18-174)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "30537: HTTP: Adobe Acrobat Reader JavaScript API Annotation Use-After-Free Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    * 31069: HTTP: Internet Explorer Scripting Engine link Memory Corruption Vulnerability (ZDI-18-294)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31069: HTTP: Internet Explorer Scripting Engine link Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31074: HTTP: Microsoft Excel Binary Workbook Use-After-Free Vulnerability (ZDI-18-292)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31074: HTTP: Microsoft Excel Binary Workbook Use-After-Free Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    * 31075: HTTP: Microsoft Internet Explorer iframe Memory Corruption Vulnerability (ZDI-18-295)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31075: HTTP: Microsoft Internet Explorer iframe Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31585: HTTP: Adobe Acrobat Reader Javascript Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.

    * 31589: HTTP: Adobe Acrobat EMF Parsing Buffer Overflow Vulnerability (ZDI-18-436)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31589: HTTP: Adobe Acrobat EMF Parsing Buffer Overflow Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31591: HTTP: Adobe Acrobat JPEG2000 Out-of-Bounds Read Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31591: HTTP: Adobe Acrobat JPEG2000 Double-Free Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    * 31592: HTTP: Adobe Acrobat EMF Parsing Memory Corruption Vulnerability (ZDI-18-437)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.

    * 31698: HTTP: Adobe Acrobat Reader XPS Embedded TIF Memory Corruption Vulnerability (ZDI-18-443)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31698: HTTP: Adobe Acrobat Reader XPS Embedded TIF Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    * 31704: HTTP: Adobe Acrobat Reader Optional Content Group Information Disclosure Vulnerability (ZDI-18-446)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31704: HTTP: Adobe Acrobat Reader Optional Content Group Information Disclosure Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    * 31705: HTTP: Adobe Acrobat Pro EMR_STRETCHDIBITS Information Disclosure Vulnerability (ZDI-18-447)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31705: HTTP: Adobe Acrobat Pro EMR_STRETCHDIBITS Information Disclosure Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    * 31706: HTTP: Adobe Acrobat Pro EMR_STRETCHDIBITS Information Disclosure Vulnerability (ZDI-18-448)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31706: HTTP: Adobe Acrobat Pro EMR_STRETCHDIBITS Information Disclosure Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31707: HTTP: Adobe Acrobat Pro PathPoints Buffer Overflow Vulnerability (ZDI-18-449)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31707: HTTP: Adobe Acrobat Pro PathPoints Buffer Overflow Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31708: HTTP: Adobe Acrobat Pro Buffer Overflow Vulnerability (ZDI-18-450)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31708: HTTP: Adobe Acrobat Pro Buffer Overflow Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31710: HTTP: Adobe Acrobat Pro EMF EMR_CREATEDIBPATTERNBRUSHPT Buffer Overflow Vulnerability (ZDI-18-452)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31710: HTTP: Adobe Acrobat Pro EMF EMR_CREATEDIBPATTERNBRUSHPT Buffer Overflow Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31711: HTTP: Adobe Acrobat LZW Memory Corruption Vulnerability (ZDI-18-453)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31711: HTTP: Adobe Acrobat LZW Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31712: HTTP: Adobe Acrobat Pro EMF EmfPlusPath Memory Corruption Vulnerability (ZDI-18-454)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31712: HTTP: Adobe Acrobat Pro EMF EmfPlusPath Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31713: HTTP: Adobe Acrobat Reader Font Engine Use-After-Free Vulnerability (ZDI-18-455)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31713: HTTP: Adobe Acrobat Reader Font Engine Use-After-Free Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31714: HTTP: Adobe Acrobat Pro EMR_EXTTEXTOUTA Information Disclosure Vulnerability (ZDI-18-456)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31714: HTTP: Adobe Acrobat Pro EMR_EXTTEXTOUTA Information Disclosure Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31715: HTTP: Adobe Acrobat Pro EXIF Memory Corruption Vulnerability (ZDI-18-457)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31715: HTTP: Adobe Acrobat Pro EXIF Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31717: HTTP: Adobe Acrobat Pro StrokeThickness Property Memory Corruption Vulnerability (ZDI-18-459)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31717: HTTP: Adobe Acrobat Pro StrokeThickness Property Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31718: HTTP: Adobe Acrobat Pro EmfPlusDrawCurve Memory Corruption Vulnerability (ZDI-18-460)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31718: HTTP: Adobe Acrobat Pro EmfPlusDrawCurve Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31720: HTTP: Adobe Acrobat Pro EMF EmfPlusObject Buffer Overflow Vulnerability (ZDI-18-462)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31720: HTTP: Adobe Acrobat Pro EMF EmfPlusObject Buffer Overflow Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31721: HTTP: Adobe Acrobat Reader launchURL Security bypass Vulnerability (ZDI-18-463)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31721: HTTP: Adobe Acrobat Reader launchURL Security bypass Vulnerability".
      - Description updated.
      - Vulnerability references updated.

    31724: HTTP: Adobe Acrobat Pro BMP Buffer Overflow Vulnerability (ZDI-18-466)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31724: HTTP: Adobe Acrobat Pro BMP Buffer Overflow Vulnerability".
      - Description updated.
      - Vulnerability references updated.

  Removed Filters: None
Top of the Page
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000109006
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.