IPS Security Update - September 26th, 2017

Document created by Danny Jung Champion on Sep 27, 2017
Version 1Show Document
  • View in full screen mode
Check Point IPS Security Update

September 26th, 2017 

Package No. 635176441 & 634176441

New IPS Protections

 R7x Profile
R80 Profiles
Severity
Protection Name
Recommended
Basic
Optimized
Strict
   
CRITICAL  EMC VMAX3 VASA Provider UploadConfigurator Directory Traversal
(CVE-2017-4997)
OnOffOffOn
Joomla LDAP Information Disclosure
(CVE-2017-14596)
OnOffOnOn
 
McAfee SaaS Remote Command ExecutionOnOffOffOn
 
Microsoft Windows Search Type Confusion
(CVE-2017-8620)
OnOffOnOn
   
HIGH  HPE Intelligent Management Center dbman RestoreDBase Command Injection
(CVE-2017-5817; CVE-2017-5819)
OnOffOffOn
 
PostgreSQL Database Core Server non-libpq Client Policy Bypass
(CVE-2017-7546)
OnOffOffOn
 
Trend Micro Control Manager cmdHandlerStatusMonitor SQL Injection
(CVE-2017-11385)
OnOffOnOn
 
Trend Micro Control Manager cmdHandlerTVCSCommander SQL Injection
(CVE-2017-11383)
OnOffOnOn
   
MEDIUM  Disk Pulse Enterprise GET Buffer OverflowOnOffOffOn
Firefox PDF.js Javascript Injection
(CVE-2015-0816; CVE-2015-0802)
OnOffOnOn
 
GnuTLS status_request Extension Null Pointer Dereference
(CVE-2017-7507)
OnOffOnOn
 
HPE Intelligent Management Center saveSelectedDevices Expression Language Injection
(CVE-2017-12491)
OnOffOnOn
 
IBM Domino IMAP Mailbox Name Stack Buffer Overflow
(CVE-2017-1274)
OnOffOnOn
 
IPFire ids.cgi OINKCODE Parameter Command Injection
(CVE-2017-9757)
OnOffOffOn
 
Nginx ngx_http_range_filter_module Integer Overflow
(CVE-2017-7529)
OnOffOffOn
 
Symantec Messaging Gateway performRestore Command Injection
(CVE-2017-6327)
OnOffOffOn

Updated Protections

 
R7x Profile
R80 Profiles
Protection Name
Recommended
Basic
Optimized
Strict
  
ASUSWRT LAN Backdoor Remote Command Execution
(CVE-2014-9583)
OnOnOnOn
Adobe Acrobat And Reader Use After Free
(APSB17-24; CVE-2017-11223)
OnOffOnOn
Adobe Acrobat and Reader Heap Overflow
(APSB17-24; CVE-2017-11220)
OnOffOnOn
Adobe Acrobat and Reader Memory Corruption
(APSB17-24; CVE-2017-11209)
OnOffOnOn
Adobe Acrobat and Reader Memory Corruption
(APSB17-24; CVE-2017-11222)
OnOffOnOn
Adobe Acrobat and Reader Type Confusion
(APSB17-24; CVE-2017-11221)
OnOffOnOn
Adobe Flash Player Heap Buffer Overflow
(APSB17-02; CVE-2017-2927)
OnOffOnOn
Internet Explorer GetMarkupPtr Use After Free Code Execution
(MS13-021; CVE-2013-0092)
OnOffOnOn
Microsoft Browser Scripting Engine Memory Corruption
(CVE-2017-8636)
OnOffOnOn
Microsoft Windows Media Player RTSP Use after Free Code Execution
(MS10-075; CVE-2010-3225)
OnOffOnOn
Microsoft Windows Shell Handler URL Validation Code Execution
(MS10-007; CVE-2010-0027)
OnOffOnOn
Multiple Websites Mine Cryptocurrencies CPU HijackingOnOffOnOn
RIG Exploit Kit Landing Page URLOnOffOnOn
SQL Servers Time-based SQL InjectionOnOffOnOn
Sun Solaris printd Daemon Arbitrary File Deletion
(CVE-2005-4797)
OnOffOffOn
Threat wiki
App wiki
IPS Advisories
 Copyright © Check Point
Software Technologies LTD.

Attachments

    Outcomes