Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Digital Vaccine #9427

    • Updated:
    • 24 Jun 2020
    • Product/Version:
    • TippingPoint Digital Vaccine
    • Platform:
Summary
Digital Vaccine #9427      June 23, 2020
Details
Public
Thank you for subscribing to Digital Vaccine updates brought to you by Trend Micro™ TippingPoint DVLabs.

New content is now available at the Threat Management Center (TMC): https://tmc.tippingpoint.com.

SMS customers can update the Digital Vaccine through the SMS client. From the top-line menu, you can open the "File > Download Digital Vaccine from TMC" menu item to detect and load the latest update.

Note: Customers with TP10 devices should perform a soft reboot of their IPS before installing the new DV to avoid a memory issue during the install.
 
System Requirements
The 3.2.0 DV will run on IPS devices with TOS v3.2.0 and above,  all NGFW and all TPS systems. The 4.0.0 DV will only run on the Virtual Threat Protection System (vTPS) appliance. Please note that vTPS does not currently support pre-disclosed ZDI filters.
 
The Digital Vaccine can be manually downloaded from the following URLs:
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=digital_vaccines&contentId=SIG_3.2.0_9427.pkg
https://tmc.tippingpoint.com/TMC/ViewPackage?parentFolderId=vsa_dv&contentId=SIG_VTPS_4.0.0_9427.pkg

Update Details

Table of Contents
--------------------------

Filters
 New Filters - 22
 Modified Filters (logic changes) - 16
 Modified Filters (metadata changes only) - 1
 Removed Filters - 0

Filters
----------------
 New Filters:
    32894: HTTP: Microsoft Internet Explorer AutoVariantRef Type Confusion Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a type confusion vulnerability in Microsoft Internet Explorer.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-1216
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application

    32913: HTTP: Microsoft Internet Explorer VariantCopy Use-After-Free Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Exploits
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a use-after-free vulnerability in Microsoft Internet Explorer.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-1260
      - Classification: Vulnerability - Other
      - Protocol: HTTP
      - Platform: Windows Client Application

    35343: ZDI-CAN-11148-50,62,64: Zero Day Initiative Vulnerability (Adobe Acrobat Pro DC)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Adobe Acrobat Pro DC.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37040: HTTP: Oracle E-Business Suite Advanced Outbound Telephony Cross-Site Scripting Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability in Oracle E-Business Suite.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-2871 CVSS 5.8
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service

    37042: HTTP: Nuclei User Agent
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects the presence of Nuclei User Agent.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Reconnaissance / Suspicious Access - Host Scan
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service

    37043: ZDI-CAN-10834: Zero Day Initiative Vulnerability (Microsoft Internet Explorer)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Internet Explorer.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37044: ZDI-CAN-10911: Zero Day Initiative Vulnerability (D-Link Multiple Routers)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting multiple D-Link Routers.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37045: ZDI-CAN-10912: Zero Day Initiative Vulnerability (D-Link Multiple Routers)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting multiple D-Link Routers.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37046: ZDI-CAN-11032: Zero Day Initiative Vulnerability (Microsoft 3D Viewer)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft 3D Viewer.
      - Deployments:
        - Deployment: Default (Block / Notify / Trace)
        - Deployment: Performance-Optimized (Disabled)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37047: ZDI-CAN-11095: Zero Day Initiative Vulnerability (Microsoft Visual Studio)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Visual Studio.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37048: ZDI-CAN-11103: Zero Day Initiative Vulnerability (CA ARCserve D2D)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting CA ARCserve D2D.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37052: ZDI-CAN-11143: Zero Day Initiative Vulnerability (SaltStack Salt)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SaltStack Salt.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37054: ZDI-CAN-11154: Zero Day Initiative Vulnerability (Microsoft JET Database)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft JET Database.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37055: ZDI-CAN-11156: Zero Day Initiative Vulnerability (Microsoft Visual Studio)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Visual Studio.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37056: HTTP: PHP-Fusion Administration Banner Stored Cross-Site Scripting Vulnerability 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit a cross-site scripting vulnerability exist in PHP-Fusion Banner feature.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-12438 CVSS 3.5
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service

    37059: HTTP: Apache Solr Server Request 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects an attempt to access an Apache Solr server.
      - Deployment: Not enabled by default in any deployment.
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-8606
        - Zero Day Initiative: ZDI-20-677
      - Classification: Security Policy - Other
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service

    37060: TCP: IBM WebSphere Application Server Insecure Deserialization Vulnerability (ZDI-20-689,ZDI-20-690)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in IBM WebSphere Application Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-4449, CVE-2020-4450
        - Zero Day Initiative: ZDI-20-689, ZDI-20-690
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service

    37783: HTTP: UPnP SUBSCRIBE Request
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Security Policy
      - Severity: Moderate
      - Description: This filter detects SUBSCRIBE requests to a UPnP service.
      - Deployment: Not enabled by default in any deployment.
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: HTTP
      - Platform: Multi-Platform Server Application or Service

    37785: ZDI-CAN-10925: Zero Day Initiative Vulnerability (Microsoft Chakra)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting Microsoft Chakra.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37787: ZDI-CAN-11127: Zero Day Initiative Vulnerability (ManageEngine OpManager)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting ManageEngine OpManager.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

    37788: TCP: IBM WebSphere UploadFileArgument Deserialization Vulnerability (ZDI-20-688)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Category: Vulnerabilities
      - Severity: Critical
      - Description: This filter detects an attempt to exploit an insecure deserialization vulnerability in IBM WebSphere Application Server.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify)
      - References:
        - Common Vulnerabilities and Exposures: CVE-2020-4448
        - Zero Day Initiative: ZDI-20-688
      - Classification: Vulnerability - Input Validation (Command injection, XSS, SQL injection, etc)
      - Protocol: TCP (Generic)
      - Platform: Multi-Platform Server Application or Service

    37789: ZDI-CAN-11167,11169,11172,11173: Zero Day Initiative Vulnerability (SaltStack Salt)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: Not available.
      - Requires: N/NX-Platform, NGFW, or TPS devices
      - Category: Exploits
      - Severity: Critical
      - Description: This filter provides protection against exploitation of a zero-day vulnerability affecting SaltStack Salt.
      - Deployments:
        - Deployment: Security-Optimized (Block / Notify / Trace)
      - Classification: Vulnerability - Other
      - Protocol: Other Protocol
      - Platform: Other Server Application or Service

  Modified Filters (logic changes):
    * = Enabled in Default deployments

    0350: HTTP: Shell Command Execution (chmod command)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    0352: HTTP: Shell Command Execution (chown command)
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    4560: HTTP: HTTP Request Smuggling
      - IPS Version: 1.0.0 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.

    22622: HTTP: ThinkPHP Framework Code Injection Vulnerability
      - IPS Version: 3.1.3 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    31391: HTTP: Zoho ManageEngine OpManager cachestart Directory Traversal Vulnerability
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "31391: HTTP: Zoho ManageEngine OpManager fluidicv2 UI Directory Traversal Vulnerability".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    34049: HTTP: Oracle E-Business Suite Advanced Outbound Telephony Calendar Cross-Site Scripting 
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.

    36184: HTTP: Cisco Data Center Network Manager getEndDeviceList SQL Injection Vulnerability (ZDI-20-053)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36184: ZDI-CAN-9128: Zero Day Initiative Vulnerability (Cisco Data Center Network Manager)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36473: HTTP: Foxit PhantomPDF AcroForm addWatermarkFromText Use-After-Free Vulnerability (ZDI-20-201)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36474: HTTP: Cisco Data Center Network Manager getConfigTemplateFileName SQL Injection (ZDI-20-111)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Detection logic updated.
      - Vulnerability references updated.

    36942: HTTP: Advantech WebAccess/NMS DBUtil SQL Injection Vulnerability (ZDI-20-399)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36942: ZDI-CAN-9613: Zero Day Initiative Vulnerability (Advantech WebAccess/SCADA)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    36953: HTTP: Advantech WebAccess/NMS DBUtil SQL Injection Vulnerability (ZDI-20-403)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "36953: ZDI-CAN-9628: Zero Day Initiative Vulnerability (Advantech WebAccess/SCADA)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    37036: HTTP: Fuji Electric V-Server Lite VPR File Parsing Buffer Overflow Vulnerability (ZDI-20-452)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37036: ZDI-CAN-10120: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    37037: HTTP: Fuji Electric V-Server Lite VPR File Parsing Buffer Overflow Vulnerability (ZDI-20-451)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37037: ZDI-CAN-10119: Zero Day Initiative Vulnerability (Fuji Electric V-Server Lite)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    37184: HTTP: Advantech WebAccess/NMS DBUtil SQL Injection Vulnerability (ZDI-20-426)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37184: ZDI-CAN-9805: Zero Day Initiative Vulnerability (Advantech WebAccess/NMS)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    37186: HTTP: Advantech WebAccess/NMS DBUtil SQL Injection Vulnerability (ZDI-20-429)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37186: ZDI-CAN-9810: Zero Day Initiative Vulnerability (Advantech WebAccess/NMS)".
      - Severity changed from "Critical" to "High".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

    37328: HTTP: Fuji Electric V-Server Lite VPR File Parsing Out-Of-Bounds Read Vulnerability (ZDI-20-454)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "37328: ZDI-CAN-10137: Zero Day Initiative Vulnerability (Fuji Electric V-Server)".
      - Description updated.
      - Detection logic updated.
      - Vulnerability references updated.

  Modified Filters (metadata changes only):
    * = Enabled in Default deployments

    * 32236: HTTP: Microsoft Internet Explorer insertRow Memory Corruption Vulnerability (ZDI-18-1048)
      - IPS Version: 3.6.2 and after.
      - NGFW Version: 1.0.0 and after.
      - TPS Version: 4.0.0 and after.
      - vTPS Version: 4.0.1 and after.
      - Name changed from "32236: HTTP: Microsoft Internet Explorer insertRow Memory Corruption Vulnerability".
      - Description updated.
      - Vulnerability references updated.

  Removed Filters: None

Top of the Page
Premium
Internal
Partner
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000257046
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.