\n
\n
\n

\n","status":"PUBLISHED","fileName":null,"link":"https://research.checkpoint.com/2019/cpr-quarterly-q1-2019/","tags":[],"score":0.01302341092377901,"topStoryDate":null},{"id":"616","type":"Release_Letters","name":"Check Point IPS Security Update October 27, 2015","author":"IPS Team","date":1445929200000,"description":"Check Point IPS Security Update\nOctober 27th, 2015 - Package No. 634157184","content":"

Check Point IPS Security Update

\"\"/


Check Point  IPS Security Update
October 27th, 2015 - Package No. 634157184
 
Recommended Profile Updates  

ADDED PROTECTIONS
Ignite Realtime Openfire user-create.jsp Cross-Site Request Forgery (CVE-2015-6973)  NEW!
Industry Reference  CVE-2015-6973  | Check Point Reference  CPAI-2015-1193 
A cross-site request forgery vulnerability has been reported in Openfire's user-create.
This protection will detect and block attempts to exploit this vulnerability.
 
Matt Wright FormMail Multiple cross-site scripting (XSS) vulnerabilities (CVE-2009-1776; CVE-2009-1777)  NEW!
Industry Reference  CVE-2009-1776  | Check Point Reference  CPAI-2015-1082 
FormMail is prone to an HTTP-response-splitting vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.
This protection will detect and block attempts to exploit this vulnerability.
 
Oracle Database Client System Analyzer Arbitrary File Upload Code Execution (CVE-2010-3600)  NEW!
Industry Reference  CVE-2010-3600  | Check Point Reference  CPAI-2015-1206 
A directory traversal and remote code-execution vulnerability exists in Oracle Database Server 11 and Enterprise Manager Grid Control 10.
This protection will detect and block attempts to exploit this vulnerability.
 
Paros Proxy Scanner  NEW!
Check Point Reference  CPAI-2015-1223 
Paros is a proxy scanning product. Remote attackers can use Paros to detect proxy servers.
This protection will detect and block attempts to use this scanner.
 
Reprise License Manager HTTP Parameter Parsing Stack Buffer Overflow  NEW!
Check Point Reference  CPAI-2015-1152 
A stack buffer overflow vulnerability exists in the Reprise License Manager.
This protection will detect and block attempts to exploit this vulnerability.
 
Typo3 CMS SanitizeLocalUrl Cross-Site Scripting (CVE-2015-5956)  NEW!
Industry Reference  CVE-2015-5956  | Check Point Reference  CPAI-2015-1191 
A cross-site scripting vulnerability has been reported in Typo3 CMS.
This protection will detect and block attempts to exploit this vulnerability.
 
vBulletin vB_api Remote Code Execution  NEW!
Check Point Reference  CPAI-2015-1233 
A vulnerability exists in the vBulletin software package, allowing an attacker to execute PHP code on any vBulletin server without requiring user authentication.
This protection will detect and block attempts to exploit this vulnerability.
 
UPDATED PROTECTIONS
CPAI-2015-0260  Acunetix Web Vulnerability Scanner
CPAI-2015-1218  Adobe Flash Player IExternalizable Remote Code Execution (APSA15-05; CVE-2015-7645)
CPAI-2015-1080  Ajax File Browser settings.inc.php File Inclusion (CVE-2007-4921)
CPAI-2014-1222  Dlink IP Camera Video Stream Authentication Bypass - Ver2 (CVE-2013-1600)
CPAI-2014-2103  E107 userjournals_menu Plugin SQL Injection
CPAI-2015-1073  Focus SIS staticpath File Inclusion (CVE-2007-4807)
CPAI-2013-2481  HP Data Protector CRS Opcode 259 Stack Buffer Overflow (CVE-2013-2329)
CPAI-2006-290  Ipswitch IMail Server SMTP Service Buffer Overflow (CVE-2006-4379)
CPAI-2014-2127  Joomla Component com_webring Remote File Inclusion (CVE-2006-4129)
CPAI-2010-449  Linux Kernel sctp_rcv_ootb Remote Denial of Service (CVE-2010-0008)
CPAI-2014-2232  Malformed PDF Version Header
CPAI-2015-0206  ManageEngine Multiple Products FailOverHelperServlet copyfile Information Disclosure (CVE-2014-7863)
CPAI-2006-216  McAfee WebShield SMTP Bounce Message Format String (CVE-2006-0559)
CPAI-2014-2352  Microsoft FrontPage Server Extensions Buffer Overrun (MS03-051; CVE-2003-0822) - Ver2
CPAI-2007-223  Microsoft Help Workshop CNT Help Contents Buffer Overflow (CVE-2007-0352)
CPAI-2009-331  Microsoft IIS Filename Extension Parsing Security Bypass (CVE-2009-4444)
CPAI-2014-2375  Microsoft IIS WebDAV Remote Buffer Overflow (MS03-007; CVE-2003-0109) - Ver2
CPAI-2014-2377  Microsoft IIS idq.dll IDAIDQ ISAPI Overflow Buffer Overflow - Ver2 (CVE-2001-0500)
CPAI-2015-0931  Microsoft Internet Explorer Information Disclosure (MS15-079; CVE-2015-2423)
CPAI-2015-1163  Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-109; CVE-2015-2548)
CPAI-2015-0914  Microsoft Office Memory Corruption (MS15-081; CVE-2015-2477)
CPAI-2012-306  Microsoft SharePoint XSS scriptresx.ashx Elevation of Privilege (MS12-050; CVE-2012-1859)
CPAI-2015-0410  Microsoft Windows HTTP.sys Remote Code Execution (MS15-034; CVE-2015-1635)
CPAI-2012-084  Microsoft Windows Remote Desktop Protocol Code Execution (MS12-020; CVE-2012-0002)
CPAI-2015-0835  Microsoft Windows Remote Desktop Protocol Code Execution (MS15-067; CVE-2015-2373)
CPAI-2015-0237  Microsoft Windows Remote Desktop Protocol Denial of Service (MS15-030; CVE-2015-0079)
CPAI-2015-1063  Muieblackcat PHP Vulnerability Scanner
CPAI-2015-0013  Netscape NSS Library Record Parsing Buffer Overflow (CVE-2004-0826)
CPAI-2015-1072  Nmap Scripting Engine Scanner Over HTTP Request
CPAI-2014-1182  PHP JavaScript Website Redirection
CPAI-2015-0669  Shodan Scanner BACNET Request
CPAI-2015-0671  Shodan Scanner ENIP Request
CPAI-2015-0673  Shodan Scanner GTP Request
CPAI-2015-0674  Shodan Scanner ISAKMP Request
CPAI-2014-1326  Sqlmap Automated SQL Injection tool
CPAI-2013-1682  Squid Proxy strHdrAcptLangGetItem Value Denial of Service (CVE-2013-1839)
CPAI-2015-1076  Tropicalm Crowell Resource RESPATH File Inclusion (CVE-2007-2530)
CPAI-2013-2749  Web Servers Malicious URL Directory Traversal (CVE-2011-2474; CVE-2014-0130; CVE-2010-4598)
CPAI-2014-2206  Web Servers Suspicious File Upload
CPAI-2012-337  Zend Technologies Zend Framework Zend_XmlRpc Information Disclosure (CVE-2012-3363)
 
 
Other Updates  
 
 
 
UPDATED PROTECTIONS
CPAI-2015-0313  Dlink IP Camera Authenticated Arbitrary Command Execution - Ver2 (CVE-2013-1599)
CPAI-2015-0705  HP Intelligent Management Center img Buffer Overflow - Ver2 (CVE-2011-1848)
CPAI-2015-0726  Monkey HTTPD Server Denial of Service - Ver2 (CVE-2013-3724)
CPAI-2015-0678  PDF Containing Unsupported Filter
 
","status":"PUBLISHED","fileName":"1010","link":null,"tags":["IPS"],"score":0.010754252783954144,"topStoryDate":null},{"id":"620","type":"Release_Letters","name":"Check Point IPS Security Update November 10, 2015","author":"IPS Team","date":1447142400000,"description":"Check Point IPS Security Update\nNovember 10th, 2015 - Package No. 634157526","content":"

Check Point IPS Security Update

\"\"/


Check Point  IPS Security Update
November 10th, 2015 - Package No. 634157526
 
Recommended Profile Updates  

ADDED PROTECTIONS
Advantech WebAccess ActiveX ConvToSafeArray Stack Buffer Overflow (CVE-2014-9208)  NEW!
Industry Reference  CVE-2014-9208  | Check Point Reference  CPAI-2015-1236 
A stack buffer overflow vulnerability exists in Advantech's WebAccess SCADA software.
This protection will detect and block attempts to exploit this vulnerability.
 
IBM Lotus Domino Web Server iNotes Buffer Overflow (CVE-2003-0178)  NEW!
Industry Reference  CVE-2003-0178  | Check Point Reference  CPAI-2015-1252 
A buffer overflow vulnerability exists in IBM Lotus Domino iNotes Web Server.
This protection will detect and block attempts to exploit this vulnerability.
 
ManageEngine Applications Manager CommonAPIUtil moveSubGroup haid tohaid SQL Injection  NEW!
Check Point Reference  CPAI-2015-1241 
An SQL injection vulnerability exists in ManageEngine Applications Manager.
This protection will detect and block attempts to exploit this vulnerability.
 
ManageEngine Applications Manager CommonAPIUtil removeMonitorFrmMG haid SQL Injection  NEW!
Check Point Reference  CPAI-2015-1216 
An SQL injection vulnerability exists in ManageEngine Applications Manager.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft .NET Information Disclosure Vulnerability (MS15-118; CVE-2015-6096)  NEW!
Industry Reference  CVE-2015-6096  | Check Point Reference  CPAI-2015-1284 
An information disclosure vulnerability exists in Microsoft .NET Framework.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Graphics Component Remote Code Execution (MS15-115; CVE-2015-6103)  NEW!
Industry Reference  CVE-2015-6103  | Check Point Reference  CPAI-2015-1273 
A remote code execution vulnerability has been reported in Windows Graphics Component.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer ASLR Bypass (MS15-112; CVE-2015-6088)  NEW!
Industry Reference  CVE-2015-6088  | Check Point Reference  CPAI-2015-1275 
A security feature bypass vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Information Disclosure (MS15-112; CVE-2015-6086)  NEW!
Industry Reference  CVE-2015-6086  | Check Point Reference  CPAI-2015-1283 
An information disclosure vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6065)  NEW!
Industry Reference  CVE-2015-6065  | Check Point Reference  CPAI-2015-1258 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6066)  NEW!
Industry Reference  CVE-2015-6066  | Check Point Reference  CPAI-2015-1263 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6068)  NEW!
Industry Reference  CVE-2015-6068  | Check Point Reference  CPAI-2015-1259 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6070)  NEW!
Industry Reference  CVE-2015-6070  | Check Point Reference  CPAI-2015-1277 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6071)  NEW!
Industry Reference  CVE-2015-6071  | Check Point Reference  CPAI-2015-1279 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6072)  NEW!
Industry Reference  CVE-2015-6072  | Check Point Reference  CPAI-2015-1268 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6073)  NEW!
Industry Reference  CVE-2015-6073  | Check Point Reference  CPAI-2015-1269 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6075)  NEW!
Industry Reference  CVE-2015-6075  | Check Point Reference  CPAI-2015-1271 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6076)  NEW!
Industry Reference  CVE-2015-6076  | Check Point Reference  CPAI-2015-1272 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6077)  NEW!
Industry Reference  CVE-2015-6077  | Check Point Reference  CPAI-2015-1266 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6078)  NEW!
Industry Reference  CVE-2015-6078  | Check Point Reference  CPAI-2015-1261 
A use-after-free vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6079)  NEW!
Industry Reference  CVE-2015-6079  | Check Point Reference  CPAI-2015-1260 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6080)  NEW!
Industry Reference  CVE-2015-6080  | Check Point Reference  CPAI-2015-1255 
A A use-after-free vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6081)  NEW!
Industry Reference  CVE-2015-6081  | Check Point Reference  CPAI-2015-1256 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6082)  NEW!
Industry Reference  CVE-2015-6082  | Check Point Reference  CPAI-2015-1257 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6084)  NEW!
Industry Reference  CVE-2015-6084  | Check Point Reference  CPAI-2015-1262 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6085)  NEW!
Industry Reference  CVE-2015-6085  | Check Point Reference  CPAI-2015-1265 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Memory Corruption (MS15-112; CVE-2015-6087)  NEW!
Industry Reference  CVE-2015-6087  | Check Point Reference  CPAI-2015-1291 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Scripting Engine Memory Corruption (MS15-112; CVE-2015-6089)  NEW!
Industry Reference  CVE-2015-6089  | Check Point Reference  CPAI-2015-1264 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-106; CVE-2015-6045)  NEW!
Industry Reference  CVE-2015-6045  | Check Point Reference  CPAI-2015-1292 
A remote code execution vulnerability has been reported in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Internet Explorer Use After Free Remote Code Execution (MS15-112; CVE-2015-6064)  NEW!
Industry Reference  CVE-2015-6064  | Check Point Reference  CPAI-2015-1254 
A use after free vulnerability exists in Microsoft Internet Explorer.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Office Memory Corruption (MS15-116; CVE-2015-6038)  NEW!
Industry Reference  CVE-2015-6038  | Check Point Reference  CPAI-2015-1278 
A remote code execution vulnerability exists in Microsoft Office.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Office Memory Corruption (MS15-116; CVE-2015-6092)  NEW!
Industry Reference  CVE-2015-6092  | Check Point Reference  CPAI-2015-1287 
A remote code execution vulnerability exists in Microsoft Office.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Office Memory Corruption (MS15-116; CVE-2015-6093)  NEW!
Industry Reference  CVE-2015-6093  | Check Point Reference  CPAI-2015-1276 
A remote code execution vulnerability exists in Microsoft Office.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Office Memory Corruption (MS15-116; CVE-2015-6094)  NEW!
Industry Reference  CVE-2015-6094  | Check Point Reference  CPAI-2015-1280 
A use-after-free vulnerability exists in Microsoft Excel.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Outlook for Mac Spoofing Vulnerability (MS15-116; CVE-2015-6123)  NEW!
Industry Reference  CVE-2015-6123  | Check Point Reference  CPAI-2015-1294 
A spoofing vulnerability has been reported in Microsoft outlook for Mac.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Windows Graphics Memory Remote Code Execution (MS15-115; CVE-2015-6104)  NEW!
Industry Reference  CVE-2015-6104  | Check Point Reference  CPAI-2015-1274 
A remote code execution vulnerability has been reported in Windows Graphics Component.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Windows Journal Heap Overflow Vulnerability (MS15-114; CVE-2015-6097)  NEW!
Industry Reference  CVE-2015-6097  | Check Point Reference  CPAI-2015-1267 
A remote code execution vulnerability has been reported in Microsoft Windows Journal.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Windows Kernel Security Feature Bypass Vulnerability (MS15-115; CVE-2015-6113)  NEW!
Industry Reference  CVE-2015-6113  | Check Point Reference  CPAI-2015-1293 
A kernel security feature bypass vulnerability has been reported in Microsoft Windows.
This protection will detect and block attempts to exploit this vulnerability.
 
Microsoft Windows Winsock Elevation of Privilege (MS15-119; CVE-2015-2478)  NEW!
Industry Reference  CVE-2015-2478  | Check Point Reference  CPAI-2015-1281 
An elevation of privilege vulnerability exists in Windows Winsock.
This protection will detect and block attempts to exploit this vulnerability.
 
OpenEMR globals.php Authentication Bypass (CVE-2015-4453)  NEW!
Industry Reference  CVE-2015-4453  | Check Point Reference  CPAI-2015-1240 
An authentication weakness vulnerability exists in OpenEMR, specifically in the globals.
This protection will detect and block attempts to exploit this vulnerability.
 
Uniscan Security Scanner  NEW!
Check Point Reference  CPAI-2015-1289 
Uniscan is a vulnerability scanning product.
This protection will detect and block Uniscan vulnerability scanning attempts.
 
VMware vCenter Server JMX Remote Code Execution (CVE-2015-2342)  NEW!
Industry Reference  CVE-2015-2342  | Check Point Reference  CPAI-2015-1231 
A code execution vulnerability exists in VMware vCenter Server.
This protection will detect and block attempts to exploit this vulnerability.
 
UPDATED PROTECTIONS
CPAI-2013-2455  IBM Cognos tm1admsd.exe Buffer Overflow (CVE-2012-0202)
CPAI-2015-0938  Microsoft Graphics Component Remote Code Execution (MS15-080; CVE-2015-2462)
CPAI-2014-1896  Microsoft Internet Explorer Memory Corruption (MS14-056; CVE-2014-4140)
CPAI-2014-0080  Microsoft OpenType Font Format Driver Index Code Execution (MS10-091; CVE-2010-3956) - Ver2
CPAI-2010-221  Microsoft Windows Shell LNK File Parsing Code Execution (MS10-046; CVE-2010-2568)
CPAI-2014-1951  Nuclear Exploit Kit Landing Page
CPAI-2015-0234  PHP Date Time Object Unserialize Memory Corruption (CVE-2015-0273)
CPAI-2015-0881  Potentially Malicious Web Site
CPAI-2015-0445  Web Clients HTTP URL HTML Entity Cross-Site Scripting
CPAI-2015-0446  Web Clients HTTP URL JavaScript Function Cross-Site Scripting (CVE-2015-1159; CVE-2015-6972; CVE-2015-6099)
CPAI-2015-1233  vBulletin vB_api Remote Code Execution (CVE-2015-7808)
 
PROTECTIONS REMOVED FROM THE RECOMMENDED PROFILE
CPAI-2009-204  Microsoft GDI+ TIFF Buffer Overflow (MS09-062; CVE-2009-2502)
","status":"PUBLISHED","fileName":"1010","link":null,"tags":["IPS"],"score":0.009811971336603165,"topStoryDate":null}],"mapData":null,"topMalwareFamilies":null};