• CheckPoint.com
• 
• 
• 
• 
• 
• 

Check Point  IPS Security Update October 27th, 2015 - Package No. 634157184   Recommended Profile Updates   ADDED PROTECTIONS Ignite Realtime Openfire user-create.jsp Cross-Site Request Forgery (CVE-2015-6973)  NEW! Industry Reference  CVE-2015-6973  | Check Point Reference  CPAI-2015-1193  A cross-site request forgery vulnerability has been reported in Openfire's user-create. This protection will detect and block attempts to exploit this vulnerability.   Matt Wright FormMail Multiple cross-site scripting (XSS) vulnerabilities (CVE-2009-1776; CVE-2009-1777)  NEW! Industry Reference  CVE-2009-1776  | Check Point Reference  CPAI-2015-1082  FormMail is prone to an HTTP-response-splitting vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. This protection will detect and block attempts to exploit this vulnerability.   Oracle Database Client System Analyzer Arbitrary File Upload Code Execution (CVE-2010-3600)  NEW! Industry Reference  CVE-2010-3600  | Check Point Reference  CPAI-2015-1206  A directory traversal and remote code-execution vulnerability exists in Oracle Database Server 11 and Enterprise Manager Grid Control 10. This protection will detect and block attempts to exploit this vulnerability.   Paros Proxy Scanner  NEW! Check Point Reference  CPAI-2015-1223  Paros is a proxy scanning product. Remote attackers can use Paros to detect proxy servers. This protection will detect and block attempts to use this scanner.   Reprise License Manager HTTP Parameter Parsing Stack Buffer Overflow  NEW! Check Point Reference  CPAI-2015-1152  A stack buffer overflow vulnerability exists in the Reprise License Manager. This protection will detect and block attempts to exploit this vulnerability.   Typo3 CMS SanitizeLocalUrl Cross-Site Scripting (CVE-2015-5956)  NEW! Industry Reference  CVE-2015-5956  | Check Point Reference  CPAI-2015-1191  A cross-site scripting vulnerability has been reported in Typo3 CMS. This protection will detect and block attempts to exploit this vulnerability.   vBulletin vB_api Remote Code Execution  NEW! Check Point Reference  CPAI-2015-1233  A vulnerability exists in the vBulletin software package, allowing an attacker to execute PHP code on any vBulletin server without requiring user authentication. This protection will detect and block attempts to exploit this vulnerability.   UPDATED PROTECTIONS CPAI-2015-0260  Acunetix Web Vulnerability Scanner CPAI-2015-1218  Adobe Flash Player IExternalizable Remote Code Execution (APSA15-05; CVE-2015-7645) CPAI-2015-1080  Ajax File Browser settings.inc.php File Inclusion (CVE-2007-4921) CPAI-2014-1222  Dlink IP Camera Video Stream Authentication Bypass - Ver2 (CVE-2013-1600) CPAI-2014-2103  E107 userjournals_menu Plugin SQL Injection CPAI-2015-1073  Focus SIS staticpath File Inclusion (CVE-2007-4807) CPAI-2013-2481  HP Data Protector CRS Opcode 259 Stack Buffer Overflow (CVE-2013-2329) CPAI-2006-290  Ipswitch IMail Server SMTP Service Buffer Overflow (CVE-2006-4379) CPAI-2014-2127  Joomla Component com_webring Remote File Inclusion (CVE-2006-4129) CPAI-2010-449  Linux Kernel sctp_rcv_ootb Remote Denial of Service (CVE-2010-0008) CPAI-2014-2232  Malformed PDF Version Header CPAI-2015-0206  ManageEngine Multiple Products FailOverHelperServlet copyfile Information Disclosure (CVE-2014-7863) CPAI-2006-216  McAfee WebShield SMTP Bounce Message Format String (CVE-2006-0559) CPAI-2014-2352  Microsoft FrontPage Server Extensions Buffer Overrun (MS03-051; CVE-2003-0822) - Ver2 CPAI-2007-223  Microsoft Help Workshop CNT Help Contents Buffer Overflow (CVE-2007-0352) CPAI-2009-331  Microsoft IIS Filename Extension Parsing Security Bypass (CVE-2009-4444) CPAI-2014-2375  Microsoft IIS WebDAV Remote Buffer Overflow (MS03-007; CVE-2003-0109) - Ver2 CPAI-2014-2377  Microsoft IIS idq.dll IDAIDQ ISAPI Overflow Buffer Overflow - Ver2 (CVE-2001-0500) CPAI-2015-0931  Microsoft Internet Explorer Information Disclosure (MS15-079; CVE-2015-2423) CPAI-2015-1163  Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-109; CVE-2015-2548) CPAI-2015-0914  Microsoft Office Memory Corruption (MS15-081; CVE-2015-2477) CPAI-2012-306  Microsoft SharePoint XSS scriptresx.ashx Elevation of Privilege (MS12-050; CVE-2012-1859) CPAI-2015-0410  Microsoft Windows HTTP.sys Remote Code Execution (MS15-034; CVE-2015-1635) CPAI-2012-084  Microsoft Windows Remote Desktop Protocol Code Execution (MS12-020; CVE-2012-0002) CPAI-2015-0835  Microsoft Windows Remote Desktop Protocol Code Execution (MS15-067; CVE-2015-2373) CPAI-2015-0237  Microsoft Windows Remote Desktop Protocol Denial of Service (MS15-030; CVE-2015-0079) CPAI-2015-1063  Muieblackcat PHP Vulnerability Scanner CPAI-2015-0013  Netscape NSS Library Record Parsing Buffer Overflow (CVE-2004-0826) CPAI-2015-1072  Nmap Scripting Engine Scanner Over HTTP Request CPAI-2014-1182  PHP JavaScript Website Redirection CPAI-2015-0669  Shodan Scanner BACNET Request CPAI-2015-0671  Shodan Scanner ENIP Request CPAI-2015-0673  Shodan Scanner GTP Request CPAI-2015-0674  Shodan Scanner ISAKMP Request CPAI-2014-1326  Sqlmap Automated SQL Injection tool CPAI-2013-1682  Squid Proxy strHdrAcptLangGetItem Value Denial of Service (CVE-2013-1839) CPAI-2015-1076  Tropicalm Crowell Resource RESPATH File Inclusion (CVE-2007-2530) CPAI-2013-2749  Web Servers Malicious URL Directory Traversal (CVE-2011-2474; CVE-2014-0130; CVE-2010-4598) CPAI-2014-2206  Web Servers Suspicious File Upload CPAI-2012-337  Zend Technologies Zend Framework Zend_XmlRpc Information Disclosure (CVE-2012-3363)     Other Updates         UPDATED PROTECTIONS CPAI-2015-0313  Dlink IP Camera Authenticated Arbitrary Command Execution - Ver2 (CVE-2013-1599) CPAI-2015-0705  HP Intelligent Management Center img Buffer Overflow - Ver2 (CVE-2011-1848) CPAI-2015-0726  Monkey HTTPD Server Denial of Service - Ver2 (CVE-2013-3724) CPAI-2015-0678  PDF Containing Unsupported Filter

Check Point  IPS Security Update November 10th, 2015 - Package No. 634157526   Recommended Profile Updates   ADDED PROTECTIONS Advantech WebAccess ActiveX ConvToSafeArray Stack Buffer Overflow (CVE-2014-9208)  NEW! Industry Reference  CVE-2014-9208  | Check Point Reference  CPAI-2015-1236  A stack buffer overflow vulnerability exists in Advantech's WebAccess SCADA software. This protection will detect and block attempts to exploit this vulnerability.   IBM Lotus Domino Web Server iNotes Buffer Overflow (CVE-2003-0178)  NEW! Industry Reference  CVE-2003-0178  | Check Point Reference  CPAI-2015-1252  A buffer overflow vulnerability exists in IBM Lotus Domino iNotes Web Server. This protection will detect and block attempts to exploit this vulnerability.   ManageEngine Applications Manager CommonAPIUtil moveSubGroup haid tohaid SQL Injection  NEW! Check Point Reference  CPAI-2015-1241  An SQL injection vulnerability exists in ManageEngine Applications Manager. This protection will detect and block attempts to exploit this vulnerability.   ManageEngine Applications Manager CommonAPIUtil removeMonitorFrmMG haid SQL Injection  NEW! Check Point Reference  CPAI-2015-1216  An SQL injection vulnerability exists in ManageEngine Applications Manager. This protection will detect and block attempts to exploit this vulnerability.   Microsoft .NET Information Disclosure Vulnerability (MS15-118; CVE-2015-6096)  NEW! Industry Reference  CVE-2015-6096  | Check Point Reference  CPAI-2015-1284  An information disclosure vulnerability exists in Microsoft .NET Framework. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Graphics Component Remote Code Execution (MS15-115; CVE-2015-6103)  NEW! Industry Reference  CVE-2015-6103  | Check Point Reference  CPAI-2015-1273  A remote code execution vulnerability has been reported in Windows Graphics Component. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer ASLR Bypass (MS15-112; CVE-2015-6088)  NEW! Industry Reference  CVE-2015-6088  | Check Point Reference  CPAI-2015-1275  A security feature bypass vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Information Disclosure (MS15-112; CVE-2015-6086)  NEW! Industry Reference  CVE-2015-6086  | Check Point Reference  CPAI-2015-1283  An information disclosure vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6065)  NEW! Industry Reference  CVE-2015-6065  | Check Point Reference  CPAI-2015-1258  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6066)  NEW! Industry Reference  CVE-2015-6066  | Check Point Reference  CPAI-2015-1263  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6068)  NEW! Industry Reference  CVE-2015-6068  | Check Point Reference  CPAI-2015-1259  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6070)  NEW! Industry Reference  CVE-2015-6070  | Check Point Reference  CPAI-2015-1277  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6071)  NEW! Industry Reference  CVE-2015-6071  | Check Point Reference  CPAI-2015-1279  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6072)  NEW! Industry Reference  CVE-2015-6072  | Check Point Reference  CPAI-2015-1268  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6073)  NEW! Industry Reference  CVE-2015-6073  | Check Point Reference  CPAI-2015-1269  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6075)  NEW! Industry Reference  CVE-2015-6075  | Check Point Reference  CPAI-2015-1271  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6076)  NEW! Industry Reference  CVE-2015-6076  | Check Point Reference  CPAI-2015-1272  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6077)  NEW! Industry Reference  CVE-2015-6077  | Check Point Reference  CPAI-2015-1266  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6078)  NEW! Industry Reference  CVE-2015-6078  | Check Point Reference  CPAI-2015-1261  A use-after-free vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6079)  NEW! Industry Reference  CVE-2015-6079  | Check Point Reference  CPAI-2015-1260  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6080)  NEW! Industry Reference  CVE-2015-6080  | Check Point Reference  CPAI-2015-1255  A A use-after-free vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6081)  NEW! Industry Reference  CVE-2015-6081  | Check Point Reference  CPAI-2015-1256  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6082)  NEW! Industry Reference  CVE-2015-6082  | Check Point Reference  CPAI-2015-1257  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6084)  NEW! Industry Reference  CVE-2015-6084  | Check Point Reference  CPAI-2015-1262  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6085)  NEW! Industry Reference  CVE-2015-6085  | Check Point Reference  CPAI-2015-1265  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6087)  NEW! Industry Reference  CVE-2015-6087  | Check Point Reference  CPAI-2015-1291  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Scripting Engine Memory Corruption (MS15-112; CVE-2015-6089)  NEW! Industry Reference  CVE-2015-6089  | Check Point Reference  CPAI-2015-1264  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-106; CVE-2015-6045)  NEW! Industry Reference  CVE-2015-6045  | Check Point Reference  CPAI-2015-1292  A remote code execution vulnerability has been reported in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-112; CVE-2015-6064)  NEW! Industry Reference  CVE-2015-6064  | Check Point Reference  CPAI-2015-1254  A use after free vulnerability exists in Microsoft Internet Explorer. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Office Memory Corruption (MS15-116; CVE-2015-6038)  NEW! Industry Reference  CVE-2015-6038  | Check Point Reference  CPAI-2015-1278  A remote code execution vulnerability exists in Microsoft Office. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Office Memory Corruption (MS15-116; CVE-2015-6092)  NEW! Industry Reference  CVE-2015-6092  | Check Point Reference  CPAI-2015-1287  A remote code execution vulnerability exists in Microsoft Office. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Office Memory Corruption (MS15-116; CVE-2015-6093)  NEW! Industry Reference  CVE-2015-6093  | Check Point Reference  CPAI-2015-1276  A remote code execution vulnerability exists in Microsoft Office. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Office Memory Corruption (MS15-116; CVE-2015-6094)  NEW! Industry Reference  CVE-2015-6094  | Check Point Reference  CPAI-2015-1280  A use-after-free vulnerability exists in Microsoft Excel. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Outlook for Mac Spoofing Vulnerability (MS15-116; CVE-2015-6123)  NEW! Industry Reference  CVE-2015-6123  | Check Point Reference  CPAI-2015-1294  A spoofing vulnerability has been reported in Microsoft outlook for Mac. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Windows Graphics Memory Remote Code Execution (MS15-115; CVE-2015-6104)  NEW! Industry Reference  CVE-2015-6104  | Check Point Reference  CPAI-2015-1274  A remote code execution vulnerability has been reported in Windows Graphics Component. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Windows Journal Heap Overflow Vulnerability (MS15-114; CVE-2015-6097)  NEW! Industry Reference  CVE-2015-6097  | Check Point Reference  CPAI-2015-1267  A remote code execution vulnerability has been reported in Microsoft Windows Journal. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Windows Kernel Security Feature Bypass Vulnerability (MS15-115; CVE-2015-6113)  NEW! Industry Reference  CVE-2015-6113  | Check Point Reference  CPAI-2015-1293  A kernel security feature bypass vulnerability has been reported in Microsoft Windows. This protection will detect and block attempts to exploit this vulnerability.   Microsoft Windows Winsock Elevation of Privilege (MS15-119; CVE-2015-2478)  NEW! Industry Reference  CVE-2015-2478  | Check Point Reference  CPAI-2015-1281  An elevation of privilege vulnerability exists in Windows Winsock. This protection will detect and block attempts to exploit this vulnerability.   OpenEMR globals.php Authentication Bypass (CVE-2015-4453)  NEW! Industry Reference  CVE-2015-4453  | Check Point Reference  CPAI-2015-1240  An authentication weakness vulnerability exists in OpenEMR, specifically in the globals. This protection will detect and block attempts to exploit this vulnerability.   Uniscan Security Scanner  NEW! Check Point Reference  CPAI-2015-1289  Uniscan is a vulnerability scanning product. This protection will detect and block Uniscan vulnerability scanning attempts.   VMware vCenter Server JMX Remote Code Execution (CVE-2015-2342)  NEW! Industry Reference  CVE-2015-2342  | Check Point Reference  CPAI-2015-1231  A code execution vulnerability exists in VMware vCenter Server. This protection will detect and block attempts to exploit this vulnerability.   UPDATED PROTECTIONS CPAI-2013-2455  IBM Cognos tm1admsd.exe Buffer Overflow (CVE-2012-0202) CPAI-2015-0938  Microsoft Graphics Component Remote Code Execution (MS15-080; CVE-2015-2462) CPAI-2014-1896  Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4140) CPAI-2014-0080  Microsoft OpenType Font Format Driver Index Code Execution (MS10-091; CVE-2010-3956) - Ver2 CPAI-2010-221  Microsoft Windows Shell LNK File Parsing Code Execution (MS10-046; CVE-2010-2568) CPAI-2014-1951  Nuclear Exploit Kit Landing Page CPAI-2015-0234  PHP Date Time Object Unserialize Memory Corruption (CVE-2015-0273) CPAI-2015-0881  Potentially Malicious Web Site CPAI-2015-0445  Web Clients HTTP URL HTML Entity Cross-Site Scripting CPAI-2015-0446  Web Clients HTTP URL JavaScript Function Cross-Site Scripting (CVE-2015-1159; CVE-2015-6972; CVE-2015-6099) CPAI-2015-1233  vBulletin vB_api Remote Code Execution (CVE-2015-7808)   PROTECTIONS REMOVED FROM THE RECOMMENDED PROFILE CPAI-2009-204  Microsoft GDI+ TIFF Buffer Overflow (MS09-062; CVE-2009-2502)