Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #9288

    • Updated:
    • 4 Jun 2019
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9288      June 4, 2019
Details
Public
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com.

SMS customers can update the Digital Vaccine through the SMS client. From the top line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above,  all NGFW and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance. Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9288.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9288.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters - 46
 Modified Filters (logic changes) - 17
 Modified Filters (metadata changes only) - 3
 Removed Filters - 0

Filters
----------------
 New Filters:
    35291: RPC: Advantech WebAccess Node webvrpcs uninstallwa Denial-of-Service Vulnerability (ZDI-19-331)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a denial-of-service vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 107675
        - Common Vulnerabilities and Exposures: CVE-2019-6554 CVSS 5.0
        - Zero Day Initiative: ZDI-19-331

    35308: ZDI-CAN-8245: Zero Day Initiative Vulnerability (Red Lion Crimson)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Red Lion Crimson.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35316: HTTP: Sierra Wireless Airlink ACEManager iplogging.cgi Command Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a command injection vulnerability in Sierra Wireless Airlink wireless router.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 108147
        - Common Vulnerabilities and Exposures: CVE-2018-4061

    35317: HTTP: Sierra Wireless Airlink ACEManager upload.cgi File Upload Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an unrestricted file upload vulnerability in Sierra Wireless Airlink wireless router.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)
      - References:
        - Bugtraq ID: 108147
        - Common Vulnerabilities and Exposures: CVE-2018-4063

    35318: HTTP: Sierra Wireless Airlink ACEManager Authentication Request
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an authentication request in Sierra Wireless Airlink wireless router.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 108147
        - Common Vulnerabilities and Exposures: CVE-2018-4069

    35327: ZDI-CAN-8282: Zero Day Initiative Vulnerability (Delta Industrial Automation DOPSoft)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Delta Industrial Automation DOPSoft.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35328: ZDI-CAN-8290: Zero Day Initiative Vulnerability (Microsoft JET Database)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft JET Database.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35329: ZDI-CAN-8300: Zero Day Initiative Vulnerability (Red Lion Crimson)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Red Lion Crimson.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35331: ZDI-CAN-8301: Zero Day Initiative Vulnerability (Red Lion Crimson)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Red Lion Crimson.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35332: ZDI-CAN-8302: Zero Day Initiative Vulnerability (Red Lion Crimson)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Red Lion Crimson.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35333: ZDI-CAN-8305: Zero Day Initiative Vulnerability (Red Lion Crimson)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Red Lion Crimson.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35334: ZDI-CAN-8307: Zero Day Initiative Vulnerability (Red Lion Crimson)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Red Lion Crimson.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35335: ZDI-CAN-8332: Zero Day Initiative Vulnerability (Microsoft Windows)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Windows.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)

    35336: HTTP: Microsoft Office MSO.dll Information Disclosure Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: High
      - Description: This filter detects an attempt to exploit an information disclosure vulnerability in Microsoft Office.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 106398
        - Common Vulnerabilities and Exposures: CVE-2019-0560 CVSS 4.3

    35337: HTTP: Adobe Flash Zlib Codec Buffer Overflow Vulnerability (Upload)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Adobe Flash.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2016-1001

    35338: HTTP: WordPress Ninja Forms Plugin Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code execution vulnerability in WordPress Ninja Forms plugin.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-10869 CVSS 6.8

    35339: RPC: Advantech WebAccess Node BwSyncLg Buffer Overflow Vulnerability (ZDI-19-318)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 107675
        - Common Vulnerabilities and Exposures: CVE-2019-6550 CVSS 7.5
        - Zero Day Initiative: ZDI-19-318

    35340: RPC: Advantech WebAccess Node bwmakdir Buffer Overflow Vulnerability (ZDI-19-320)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Bugtraq ID: 107675
        - Common Vulnerabilities and Exposures: CVE-2019-6550 CVSS 7.5
        - Zero Day Initiative: ZDI-19-320

    35341: RPC: Advantech WebAccess Client upandpr sprintf Buffer Overflow Vulnerability (ZDI-19-329)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in Advantech WebAccess.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2019-6550 CVSS 7.5
        - Zero Day Initiative: ZDI-19-329

    35346: ZDI-CAN-8310: Zero Day Initiative Vulnerability (Red Lion Crimson)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Red Lion Crimson.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35347: ZDI-CAN-8500: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35348: ZDI-CAN-8501: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35349: ZDI-CAN-8502: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35350: ZDI-CAN-8337: Zero Day Initiative Vulnerability (Microsoft JET Database)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft JET Database.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35351: ZDI-CAN-8503: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35352: ZDI-CAN-8504: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35353: ZDI-CAN-8505: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35354: ZDI-CAN-8342: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35355: ZDI-CAN-8351: Zero Day Initiative Vulnerability (Microsoft JET Database)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft JET Database.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35356: ZDI-CAN-8353: Zero Day Initiative Vulnerability (Microsoft Windows)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Windows.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35357: HTTP: BlazeVideo BlazeDVD Pro PLF File Processing Buffer Overflow Vulnerability (Upload)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a buffer overflow vulnerability in BlazeVideo BlazeDVD Pro.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Bugtraq ID: 69220

    35358: ZDI-CAN-8442: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)

    35359: ZDI-CAN-8453: Zero Day Initiative Vulnerability (Adobe Flash)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Flash.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)

    35360: ZDI-CAN-8475: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35361: ZDI-CAN-8479: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35362: HTTP: ECShop HTTP Referer Header Remote Code Injection Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a code injection vulnerability in ECShop.
      - Deployments:
        - Deployment: Default (Block / Notify)
        - Deployment: Performance-Optimized (Disabled)

    35363: ZDI-CAN-8480: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35365: ZDI-CAN-8481: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35366: ZDI-CAN-8499: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35367: ZDI-CAN-8498: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35368: ZDI-CAN-8497: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35369: ZDI-CAN-8496: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35370: ZDI-CAN-8494: Zero Day Initiative Vulnerability (Microsoft Windows)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Windows.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35371: ZDI-CAN-8482: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35372: ZDI-CAN-8490: Zero Day Initiative Vulnerability (Adobe Photoshop)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Photoshop.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

    35374: ZDI-CAN-8491: Zero Day Initiative Vulnerability (Foxit Reader)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Foxit Reader.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    16246: RTSP: VideoLAN VLC RTSP Buffer Overflow Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.

    * 16686: HTTP: BlazeVideo BlazeDVD Pro PLF File Processing Buffer Overflow Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.

    29547: DHCP: FreeRADIUS fr_dhcp_attr2vp Integer Underflow Out-of-Bounds Read Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    32489: HTTP: PHPUnit File eval-stdin.php Code Execution Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "32489: HTTP: Php Code usage in PHPUnit".
      - Category changed from "Security Policy" to "Vulnerabilities".
      - Severity changed from "Moderate" to "Critical".
      - Description updated.
      - Detection logic updated.
      - Deployments updated and are now:
        - Deployment: Security-Optimized (Block / Notify)

    33593: HTTP: Samsung Galaxy S9 GameServiceReceiver Unsafe Updates Vulnerability (PWN2OWN ZDI-19-255)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33593: PWN2OWN ZDI-CAN-7477: Zero Day Initiative Vulnerability (Samsung Galaxy S9)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    * 33686: HTTP: Microsoft Edge Chakra InlineArrayPush InlineArrayPop Type Confusion Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33686: HTTP: Microsoft Edge Chakra InlineArrayPush Type Confusion Vulnerability".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    33948: HTTP: Microsoft Edge Chakra InitClass Type Confusion Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "33948: HTTP: Microsoft Edge Type Confusion Vulnerability".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    34094: HTTP: Adobe Flash Zlib Codec Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    * 34249: HTTP: Adobe Flash FileReference Type Confusion Vulnerability (Upload)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    34477: HTTP: Adobe Flash Player SetInterval Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    34478: HTTP: Adobe Flash Player SetInterval Use-After-Free Vulnerability (Upload)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    34490: HTTP: Adobe Flash Player loadPCMFromByteArray Use-After-Free Vulnerability (Upload)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    34869: HTTP: Adobe Flash Player MovieClip Object.unwatch Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    34870: HTTP: Adobe Flash Player MovieClip Object.unwatch Use-After-Free Vulnerability (Upload)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    34973: HTTP: Adobe Acrobat Reader Text Buffer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "34973: HTTP: Adobe Acrobat Reader Buffer Overflow Vulnerability".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    35047: HTTP: Adobe Flash Player Color copyPixels Integer Overflow Vulnerability (Upload)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    35048: HTTP: Adobe Flash Player Color copyPixels Integer Overflow Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    * 4270: HTTP: PHP Code Injection
      - IPS Version: 3.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    13004: TCP: ActFax LPD Server Buffer Overflow Vulnerability
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Miscellaneous modification.

    * 21137: RPC: Advantech WebAccess webvrpcs ViewSrv.dll BwBuildPath Buffer Overflow Vulnerability (ZDI-16-083)
      - IPS Version: 3.2.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Vulnerability references updated.

  Removed Filters: None
      

Top of the Page
Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000136510
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.