Summary
Digital Vaccine #9284 May 5, 2019
Details
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs. New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com. SMS customers can update the Digital Vaccine through the SMS client. From the top line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above, all NGFW and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance. Please note that vTPS does not currently support pre-disclosed ZDI filters.
Adobe Security Bulletins
This DV includes coverage for the Adobe vulnerabilities released on or before May 14, 2019. The following table maps TippingPoint filters to the Adobe CVEs.
Bulletin # | CVE # | Filter # |
APSB19-18 | CVE-2019-7140 | *34086 |
APSB19-18 | CVE-2019-7141 | *34085 |
APSB19-18 | CVE-2019-7142 | 35264 |
APSB19-18 | CVE-2019-7143 | *34569 |
APSB19-18 | CVE-2019-7144 | *34570 |
APSB19-18 | CVE-2019-7145 | *34576 |
APSB19-18 | CVE-2019-7758 | *34571 |
APSB19-18 | CVE-2019-7759 | *34572 |
APSB19-18 | CVE-2019-7760 | *34574 |
APSB19-18 | CVE-2019-7761 | 35186 |
APSB19-18 | CVE-2019-7762 | 35187 |
APSB19-18 | CVE-2019-7763 | 35188 |
APSB19-18 | CVE-2019-7764 | 35189 |
APSB19-18 | CVE-2019-7765 | 35190 |
APSB19-18 | CVE-2019-7766 | 35191 |
APSB19-18 | CVE-2019-7767 | 35192 |
APSB19-18 | CVE-2019-7768 | 35193 |
APSB19-18 | CVE-2019-7769 | 35194 |
APSB19-18 | CVE-2019-7770 | 35195 |
APSB19-18 | CVE-2019-7771 | 35196 |
APSB19-18 | CVE-2019-7772 | 35197 |
APSB19-18 | CVE-2019-7773 | 35198 |
APSB19-18 | CVE-2019-7774 | 35199 |
APSB19-18 | CVE-2019-7775 | 35200 |
APSB19-18 | CVE-2019-7776 | 35201 |
APSB19-18 | CVE-2019-7777 | 35202 |
APSB19-18 | CVE-2019-7778 | 35203 |
APSB19-18 | CVE-2019-7779 | 35204 |
APSB19-18 | CVE-2019-7780 | 35205 |
APSB19-18 | CVE-2019-7781 | 35206 |
APSB19-18 | CVE-2019-7782 | 35207 |
APSB19-18 | CVE-2019-7783 | 35208 |
APSB19-18 | CVE-2019-7784 | 35209 |
APSB19-18 | CVE-2019-7785 | 35210 |
APSB19-18 | CVE-2019-7786 | 35211 |
APSB19-18 | CVE-2019-7787 | *35059 |
APSB19-18 | CVE-2019-7788 | 35213 |
APSB19-18 | CVE-2019-7789 | 35214 |
APSB19-18 | CVE-2019-7790 | 35215 |
APSB19-18 | CVE-2019-7791 | 35216 |
APSB19-18 | CVE-2019-7792 | 35217 |
APSB19-18 | CVE-2019-7793 | 35218 |
APSB19-18 | CVE-2019-7794 | 35219 |
APSB19-18 | CVE-2019-7795 | 35220 |
APSB19-18 | CVE-2019-7796 | *34822 |
APSB19-18 | CVE-2019-7797 | *34917 |
APSB19-18 | CVE-2019-7798 | 35223 |
APSB19-18 | CVE-2019-7799 | 35224 |
APSB19-18 | CVE-2019-7800 | 35225 |
APSB19-18 | CVE-2019-7801 | 35226 |
APSB19-18 | CVE-2019-7802 | 35227 |
APSB19-18 | CVE-2019-7803 | *34825 |
APSB19-18 | CVE-2019-7804 | 35229 |
APSB19-18 | CVE-2019-7805 | 35230 |
APSB19-18 | CVE-2019-7806 | 35231 |
APSB19-18 | CVE-2019-7807 | 35232 |
APSB19-18 | CVE-2019-7808 | 35233 |
APSB19-18 | CVE-2019-7809 | *34830 |
APSB19-18 | CVE-2019-7810 | *34829 |
APSB19-18 | CVE-2019-7811 | 35236 |
APSB19-18 | CVE-2019-7812 | 35237 |
APSB19-18 | CVE-2019-7813 | 35268 |
APSB19-18 | CVE-2019-7814 | *34918 |
APSB19-18 | CVE-2019-7817 | *34919 |
APSB19-18 | CVE-2019-7818 | *34920 |
APSB19-18 | CVE-2019-7819 | 35241 |
APSB19-18 | CVE-2019-7820 | *34953 |
APSB19-18 | CVE-2019-7821 | 35243 |
APSB19-18 | CVE-2019-7822 | *34921 |
APSB19-18 | CVE-2019-7823 | *34906 |
APSB19-18 | CVE-2019-7824 | *34986 |
APSB19-18 | CVE-2019-7825 | *34987 |
APSB19-18 | CVE-2019-7826 | *34988 |
APSB19-18 | CVE-2019-7827 | *34997 |
APSB19-18 | CVE-2019-7828 | *34989 |
APSB19-18 | CVE-2019-7829 | 35251 |
APSB19-18 | CVE-2019-7830 | *34998 |
APSB19-18 | CVE-2019-7831 | 35253 |
APSB19-18 | CVE-2019-7832 | 35254 |
APSB19-18 | CVE-2019-7833 | 35255 |
APSB19-18 | CVE-2019-7834 | 35256 |
APSB19-18 | CVE-2019-7835 | 35257 |
APSB19-18 | CVE-2019-7836 | 35258 |
APSB19-18 | CVE-2019-7841 | 35259 |
APSB19-26 | CVE-2019-7837 | *34827 |
Filters marked with * shipped prior to this DV, providing zero-day protection.
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9284.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9284.pkg
Update Details
Table of Contents
--------------------------
Filters
New Filters - 85
Modified Filters (logic changes) - 38
Modified Filters (metadata changes only) - 2
Removed Filters - 0
Filters
----------------
New Filters:
35144: HTTP: Zoho ManageEngine Applications Manager Popup_SLA.jsp sid SQL Injection Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Vulnerabilities - Severity: Critical - Description: This filter detects an attempt to exploit a SQL injection vulnerability in Zoho ManageEngine Applications Manager. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-11448 CVSS 10.0 35160: ZDI-CAN-7783: Zero Day Initiative Vulnerability (Phoenix Contact Automationworx) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Exploits - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Phoenix Contact Automationworx. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35161: ZDI-CAN-7906: Zero Day Initiative Vulnerability (Advantech WebAccess) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35162: ZDI-CAN-7951: Zero Day Initiative Vulnerability (Advantech WebAccess) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. 
- Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35163: ZDI-CAN-7952: Zero Day Initiative Vulnerability (Advantech WebAccess) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35164: ZDI-CAN-7959: Zero Day Initiative Vulnerability (Microsoft Windows) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Windows. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35166: ZDI-CAN-7970: Zero Day Initiative Vulnerability (Apple Safari) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Apple Safari. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35167: ZDI-CAN-8028: Zero Day Initiative Vulnerability (EZAutomation EZPLC EZC) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. 
- Requires: N/NX-Platform, NGFW, or TPS devices - Category: Exploits - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting EZAutomation EZPLC EZC. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35168: HTTP: Apache Tomcat HTTP2 Denial-of-Service Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Apache Tomcat. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Bugtraq ID: 107674 - Common Vulnerabilities and Exposures: CVE-2019-0199 CVSS 5.0 35169: HTTP: Eclipse Jetty HTTP2 SETTINGS Frames Denial-of-Service Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Vulnerabilities - Severity: High - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Eclipse Jetty. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2018-12545 CVSS 5.0 35170: ZDI-CAN-8030: Zero Day Initiative Vulnerability (Fuji Electric Alpha7) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Exploits - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Fuji Electric Alpha7. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35171: ZDI-CAN-8037: Zero Day Initiative Vulnerability (Microsoft Windows) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. 
- Requires: N/NX-Platform, NGFW, or TPS devices - Category: Exploits - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Windows. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35172: ZDI-CAN-8050: Zero Day Initiative Vulnerability (Microsoft Windows) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Exploits - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Windows. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35173: ZDI-CAN-8063: Zero Day Initiative Vulnerability (Advantech WebAccess) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35174: ZDI-CAN-8064: Zero Day Initiative Vulnerability (Advantech WebAccess) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35175: ZDI-CAN-8067: Zero Day Initiative Vulnerability (Advantech WebAccess) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. 
- Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35176: ZDI-CAN-8068: Zero Day Initiative Vulnerability (Advantech WebAccess) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: Not available. - Requires: N/NX-Platform, NGFW, or TPS devices - Category: Vulnerabilities - Severity: Critical - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Advantech WebAccess. - Deployments: - Deployment: Security-Optimized (Block / Notify) 35186: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7761 35187: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7762 35188: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 
- Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7763 35189: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7764 35190: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7765 35191: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7766 35192: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 
- Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7767 35193: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7768 35194: HTTP: Adobe Acrobat Reader spellDictionaryOrder Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7769 35195: HTTP: Adobe Acrobat Reader spellLanguageOrder Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7770 35196: HTTP: Adobe Acrobat Reader TIF Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. 
- vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7771 35197: HTTP: Adobe Acrobat Reader XFA Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7772 35198: HTTP: Adobe Acrobat Reader Widget Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7773 35199: HTTP: Adobe Acrobat Reader resolveNode Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. 
- Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7774 35200: HTTP: Adobe Acrobat Reader XFA Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7775 35201: HTTP: Adobe Acrobat Reader addAnnot Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7776 35202: HTTP: Adobe Acrobat Reader isPropertySpecified Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7777 35203: HTTP: Adobe Acrobat Reader remerge Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 
- Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7778 35204: HTTP: Adobe Acrobat Reader browseForDoc Security Bypass Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit a security bypass vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7779 35205: HTTP: Adobe Acrobat Reader Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7780 35206: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7781 35207: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. 
- TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7782 35208: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7783 35209: HTTP: Adobe Acrobat Reader Double Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a double free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7784 35210: HTTP: Adobe Acrobat Pro DC PostScript colorimage Use-After-Free Vulnerability (ZDI-19-488) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Pro DC. 
- Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7785 - Zero Day Initiative: ZDI-19-488 35211: HTTP: Adobe Acrobat Pro DC PostScript File Parsing Use-After-Free Vulnerability (ZDI-19-487) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Pro DC. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7786 - Zero Day Initiative: ZDI-19-487 35213: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7788 35214: HTTP: Adobe Acrobat Reader Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit a out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7789 35215: HTTP: Adobe Acrobat Reader Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. 
- Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7790 35216: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7791 35217: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Default (Block / Notify) - Deployment: Performance-Optimized (Disabled) - References: - Common Vulnerabilities and Exposures: CVE-2019-7792 35218: HTTP: Adobe Acrobat Reader Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7793 35219: HTTP: Adobe Acrobat Pro DC JPEG2000 Parsing Out-of-Bounds Read Vulnerability (ZDI-19-489) - IPS Version: 3.6.2 and after. 
- NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Pro DC. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7794 - Zero Day Initiative: ZDI-19-489 35220: HTTP: Adobe Acrobat Reader Out-of-Bounds Read Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7795 35223: HTTP: Adobe Acrobat Pro DC PostScript File Parsing Out-of-Bounds Read Vulnerability (ZDI-19-497) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Pro DC. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7798 - Zero Day Initiative: ZDI-19-497 35224: HTTP: Adobe Acrobat Pro DC PostScript Out-Of-Bounds Read Vulnerability (ZDI-19-495) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Pro DC. 
- Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7799 - Zero Day Initiative: ZDI-19-495 35225: HTTP: Adobe Acrobat Reader PostScript File Parsing Out-of-Bounds Write Vulnerability (ZDI-19-494) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: Critical - Description: This filter detects an attempt to exploit an out-of-bounds write vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7800 - Zero Day Initiative: ZDI-19-494 35226: HTTP: Adobe Acrobat Reader PostScript File Parsing Out-of-Bounds Read Vulnerability (ZDI-19-492) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7801 - Zero Day Initiative: ZDI-19-492 35227: HTTP: Adobe Acrobat Reader PostScript File Parsing Out-of-Bounds Read Vulnerability (ZDI-19-491) - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. - TPS Version: 4.0.0 and after. - vTPS Version: 4.0.1 and after. - Category: Exploits - Severity: High - Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader. - Deployments: - Deployment: Security-Optimized (Block / Notify) - References: - Common Vulnerabilities and Exposures: CVE-2019-7802 - Zero Day Initiative: ZDI-19-491 35229: HTTP: Adobe Acrobat Reader Out-of-Bounds Write Vulnerability - IPS Version: 3.6.2 and after. - NGFW Version: 1.0.0 and after. 
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an out-of-bounds write vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7804

35230: HTTP: Adobe Acrobat Reader Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7805

35231: HTTP: Adobe Acrobat Reader XFA Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7806

35232: HTTP: Adobe Acrobat Reader bookmarkRoot Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7807

35233: HTTP: Adobe Acrobat Reader XFA bookendTrailer Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7808

35236: HTTP: Adobe Acrobat Reader Out-of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7811

35237: HTTP: Adobe Acrobat Reader Out-of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7812

35241: HTTP: Adobe Acrobat Reader Font Processing Out-of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7819

35243: HTTP: Adobe Acrobat Pro DC JPEG File Parsing Use-After-Free Vulnerability (ZDI-19-506)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader Pro DC.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7821
  - Zero Day Initiative: ZDI-19-506

35251: HTTP: Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Vulnerability (ZDI-19-511)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit an out-of-bounds write vulnerability in Adobe Acrobat Pro DC.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7829
  - Zero Day Initiative: ZDI-19-511

35253: HTTP: Adobe Acrobat Reader JavaScript API Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7831

35254: HTTP: Adobe Acrobat Reader XFA Node Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7832

35255: HTTP: Adobe Acrobat Reader XFA Node Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7833

35256: HTTP: Adobe Acrobat Reader XFA Node Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7834

35257: HTTP: Adobe Acrobat Reader JavaScript API Use-After-Free Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a use-after-free vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7835

35258: HTTP: Adobe Acrobat Reader XFA Node Out-of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7836

35259: HTTP: Adobe Acrobat Reader XFA Node Out-of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7841

35261: HTTP: Nagios XI Autodiscovery Job Command Injection Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a command injection vulnerability in Nagios XI.
- Deployments:
  - Deployment: Default (Block / Notify)
  - Deployment: Performance-Optimized (Disabled)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-9164 CVSS 6.5

35262: TCP: Memcached lru mode and temp_ttl Commands Denial-of-Service Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: High
- Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Memcached.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-11596 CVSS 5.0

35263: RPC: Advantech WebAccess bwstwww giffconv Buffer Overflow Vulnerability (ZDI-19-309, ZDI-19-311)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Vulnerabilities
- Severity: Critical
- Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Advantech WebAccess.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Bugtraq ID: 107675
  - Common Vulnerabilities and Exposures: CVE-2019-6550 CVSS 7.5
  - Zero Day Initiative: ZDI-19-309, ZDI-19-311

35264: HTTP: Adobe Acrobat Reader TIF Parsing Out-of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7142

35266: HTTP: Oracle Java Font Parsing sc_FindExtrema4 Memory Corruption Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a memory corruption vulnerability in Oracle Java.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-2697

35267: HTTP: Oracle Java Font Parsing GlyphIterator Memory Corruption Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: Critical
- Description: This filter detects an attempt to exploit a memory corruption vulnerability in Oracle Java.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-2698

35268: HTTP: Adobe Acrobat Reader Out-of-Bounds Read Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category: Exploits
- Severity: High
- Description: This filter detects an attempt to exploit an out-of-bounds read vulnerability in Adobe Acrobat Reader.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)
- References:
  - Common Vulnerabilities and Exposures: CVE-2019-7813

35272: ZDI-CAN-8516: Zero Day Initiative Vulnerability (Adobe Photoshop)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: Not available.
- Requires: N/NX-Platform, NGFW, or TPS devices
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)

35273: ZDI-CAN-8519: Zero Day Initiative Vulnerability (Adobe Photoshop)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: Not available.
- Requires: N/NX-Platform, NGFW, or TPS devices
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)

35274: ZDI-CAN-8520: Zero Day Initiative Vulnerability (Adobe Photoshop)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: Not available.
- Requires: N/NX-Platform, NGFW, or TPS devices
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)

35275: ZDI-CAN-8521: Zero Day Initiative Vulnerability (Adobe Photoshop)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: Not available.
- Requires: N/NX-Platform, NGFW, or TPS devices
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)

35276: ZDI-CAN-8522: Zero Day Initiative Vulnerability (Adobe Photoshop)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: Not available.
- Requires: N/NX-Platform, NGFW, or TPS devices
- Category: Exploits
- Severity: Critical
- Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
- Deployments:
  - Deployment: Security-Optimized (Block / Notify)

Modified Filters (logic changes):
* = Enabled in Default deployments

* 3691: HTTP: Authorization Header Buffer Overflow
- IPS Version: 1.0.0 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.

19806: HTTP: Magento Forwarded Parameter Usage
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

22622: HTTP: ThinkPHP Framework Code Injection Vulnerability
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.

29718: SMB: NTLMv2 Authentication Request
- IPS Version: 3.1.3 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.
- Detection logic updated.

33373: HTTP: LAquis SCADA Web Server relatorioindividual TAG Command Injection Vulnerability (ZDI-19-059)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.
- Vulnerability references updated.

33619: HTTP: Cisco Webex Teams Cisco URI Handler Memory Corruption Vulnerability (ZDI-19-129)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "33619: HTTP: Cisco Webex Teams Cisco Spark URI Handler Memory Corruption Vulnerability (ZDI-19-129)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34085: HTTP: Adobe Acrobat Reader PostScript JPEG Parsing Out-of-Bounds Read Vulnerability (ZDI-19-478)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34085: ZDI-CAN-7774: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34086: HTTP: Adobe Acrobat Reader PostScript JPEG Parsing Out-of-Bounds Read Vulnerability (ZDI-19-479)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34086: ZDI-CAN-7775: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34359: SMB: Microsoft Windows SMB Server SMBv2 Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34359: SMB: Microsoft SMB Buffer Overflow Vulnerability".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 34569: HTTP: Adobe Acrobat Reader Font Parsing Out-of-Bounds Read Vulnerability (ZDI-19-480)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34569: ZDI-CAN-7676: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34570: HTTP: Adobe Acrobat Reader PostScript File Parsing Out-of-Bounds Read Vulnerability (ZDI-19-481)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34570: ZDI-CAN-7748: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34571: HTTP: Adobe Acrobat Reader HTML2PDF HTML Parsing Out-of-Bounds Read Vulnerability (ZDI-19-482)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34571: ZDI-CAN-7680: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34572: HTTP: Adobe Acrobat Reader AcroForm XFA Parsing Use-After-Free Vulnerability (ZDI-19-483)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34572: ZDI-CAN-7684: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34574: HTTP: Adobe Acrobat Reader AcroForm XFA removeInstance Use-After-Free Vulnerability (ZDI-19-484)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34574: ZDI-CAN-7917: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34576: HTTP: Adobe Acrobat Reader PostScript File Parsing Out-of-Bounds Read Vulnerability (ZDI-19-485)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34576: ZDI-CAN-7938: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34785: ZDI-CAN-8149: Zero Day Initiative Vulnerability (Microsoft Windows)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Requires: N/NX-Platform, NGFW, or TPS devices
- Detection logic updated.

* 34822: HTTP: Adobe Acrobat Pro DC HTML2PDF HTML Parsing Use-After-Free Vulnerability (ZDI-19-496)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34822: ZDI-CAN-8125: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34825: HTTP: Adobe Acrobat Reader JPEG File Parsing Out-of-Bounds Read Vulnerability (ZDI-19-493)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34825: ZDI-CAN-8019: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Deployments updated and are now:
  - Deployment: Security-Optimized (Block / Notify)

* 34827: HTTP: Adobe Flash PSDK Use-After-Free Vulnerability (ZDI-19-498)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34827: ZDI-CAN-8279: Zero Day Initiative Vulnerability (Adobe Flash)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34829: HTTP: Adobe Acrobat Pro DC JPEG File Parsing Out-of-Bounds Read (ZDI-19-499)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34829: ZDI-CAN-8021: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.
- Deployments updated and are now:
  - Deployment: Security-Optimized (Block / Notify)

* 34830: HTTP: Adobe Acrobat Reader DC removeField Use-After-Free Vulnerability (ZDI-19-500)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34830: ZDI-CAN-8180: Zero Day Initiative Vulnerability (Adobe Reader DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34906: HTTP: Adobe Acrobat Reader DC EScript Information Disclosure Vulnerability (ZDI-19-507)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34906: ZDI-CAN-8341: Zero Day Initiative Vulnerability (Adobe Reader DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 34917: HTTP: Adobe Acrobat Pro DC XFA Use-After-Free Vulnerability (ZDI-19-490)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34917: ZDI-CAN-7787: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 34918: HTTP: Adobe Acrobat Pro DC XDA Form Parsing Use-After-Free Vulnerability (ZDI-19-501)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34918: ZDI-CAN-7858: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 34919: HTTP: Adobe Acrobat Pro DC JavaScript Annotations Use-After-Free Vulnerability (ZDI-19-502)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34919: ZDI-CAN-7939: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 34920: HTTP: Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Vulnerability (ZDI-19-503)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34920: ZDI-CAN-8228: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 34921: HTTP: Adobe Acrobat Pro DC Use-After-Free Vulnerability (ZDI-19-505)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34921: ZDI-CAN-8265: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34953: HTTP: Adobe Acrobat Pro DC XFA Template Type Confusion Vulnerability (ZDI-19-504)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34953: ZDI-CAN-8293: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34986: HTTP: Adobe Acrobat Pro DC JOBOPTIONS Buffer Overflow Vulnerability (ZDI-19-508)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34986: ZDI-CAN-8104: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34987: HTTP: Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Vulnerability (ZDI-19-509)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34987: ZDI-CAN-8266: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34988: HTTP: Adobe Acrobat Pro DC XFA Template Out-Of-Bounds Read Vulnerability (ZDI-19-510)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34988: ZDI-CAN-8348: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

34989: HTTP: Adobe Acrobat Pro DC ASCII85Decode Buffer Overflow Vulnerability (ZDI-19-512)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34989: ZDI-CAN-8419: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 34997: HTTP: Adobe Acrobat Pro DC imageDistiller Buffer Overflow Vulnerability (ZDI-19-513)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34997: ZDI-CAN-8421: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 34998: HTTP: Adobe Acrobat Pro DC JavaScript Annotation Object Use-After-Free Vulnerability (ZDI-19-514)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "34998: ZDI-CAN-8437: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

35034: HTTP: Centreon Enterprise Server SQL Injection Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Detection logic updated.

35059: HTTP: Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Read Vulnerability (ZDI-19-486)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "35059: ZDI-CAN-7896: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)".
- Severity changed from "Critical" to "High".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

35065: HTTP: Atlassian Confluence Server Widget Connector Template Injection Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "35065: HTTP: Confluence Widget Connector Vulnerability".
- Description updated.
- Detection logic updated.
- Vulnerability references updated.

* 35157: HTTP: Google Chrome V8 Array IndexOf Type Confusion Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Category changed from "Exploits" to "Vulnerabilities".
- Description updated.
- Detection logic updated.

Modified Filters (metadata changes only):
* = Enabled in Default deployments

32071: HTTP: JavaScript Obfuscation (jjencode)
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Name changed from "32071: HTTP: Javascript Obfuscation (jjencode) ".

35141: DHCPv6: dhcpcd DHCPv6 dhcp6_findna Buffer Overflow Vulnerability
- IPS Version: 3.6.2 and after.
- NGFW Version: 1.0.0 and after.
- TPS Version: 4.0.0 and after.
- vTPS Version: 4.0.1 and after.
- Description updated.

Removed Filters: None