TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 5, 2018

Credit to Author: Elisa Lippincott (TippingPoint Global Product Marketing)| Date: Fri, 09 Mar 2018 15:40:21 +0000

Today marks the first day of South by Southwest (SXSW) here in Austin and if you happen to be in town for the event, Trend Micro will be there! Starting tomorrow, Trend Micro will be exhibiting at the SXSW Job Market in booth 523. The SXSW Job Market is being held on March 10-11, 2018 at the Palmer Events Center. In addition, our very own Mark Nunnikhoven will be speaking during SXSW Interactive on Monday, March 12th at 11am Central on the topic of “Rogue Robots and the Potential for Cyber Attack.” For a sneak peek of what his session will cover, you can watch Marc’s two minute video here: https://youtu.be/O0fTloMXKns.

Next week, a number of us will be at CanSecWest in Vancouver where the Zero Day Initiative will host the 2018 Pwn2Own contest. For the latest developments during the contest, please follow the Zero Day Initiative on Twitter at twitter.com/thezdi. Daily wrap-ups will be posted on the Zero Day Initiative blog at www.zerodayinitiative.com/blog. I’ll also be blogging on the upcoming coverage we’ll have for any of the vulnerabilities found during the contest. Stay tuned!

Zero-Day Filters

There are 20 new zero-day filters covering seven vendors in this week’s Digital Vaccine (DV) package. A number of existing filters in this week’s DV package were modified to update the filter description, update specific filter deployment recommendation, increase filter accuracy and/or optimize performance. You can browse the list of published advisories and upcoming advisories on the Zero Day Initiative website. You can also follow the Zero Day Initiative on Twitter @thezdi and on their blog.

Adobe (9)

  • 30494: HTTP: Adobe Acrobat Pro DC colorConvertPage Buffer Overflow Vulnerability (ZDI-18-212)
  • 30511: HTTP: Adobe Acrobat Pro DC XFA picture Use-After-Free Vulnerability (ZDI-18-176)
  • 30515: HTTP: Adobe Acrobat Pro DC XPS Font Parsing Memory Corruption Vulnerability (ZDI-18-172)
  • 30527: HTTP: Adobe Acrobat Pro TIFF Information Disclosure Vulnerability (ZDI-18-210)
  • 30528: HTTP: Adobe Acrobat Pro XPS Vector Memory Corruption Vulnerability (ZDI-18-208)
  • 30531: HTTP: Adobe Acrobat Pro DC ImageConversion JPEG Parsing Out-Of-Bounds Read Vulnerability(ZDI-18-194)
  • 30535: HTTP: Adobe Acrobat Pro JP2 Vector Information Disclosure Vulnerability (ZDI-18-175)
  • 30538: HTTP: Adobe Acrobat Pro XPS Parsing Information Disclosure Vulnerability (ZDI-18-211)
  • 30539: HTTP: Adobe Acrobat Reader OCG objects Array Memory Corruption Vulnerability (ZDI-18-173)

Advantech (1)

  • 30463: HTTP: Advantech WebAccess SCADA certUpdate.asp filename Directory Traversal (ZDI-18-142)

Dell (1)

  • 30480: HTTPS: Dell EMC Storage Manager EmConfigMigration Servlet Directory Traversal (ZDI-18-129)

Foxit (4)

  • 30406: ZDI-CAN-5437: Zero Day Initiative Vulnerability (Foxit Reader)
  • 30407: ZDI-CAN-5438: Zero Day Initiative Vulnerability (Foxit Reader)
  • 30485: ZDI-CAN-5489: Zero Day Initiative Vulnerability (Foxit Reader)
  • 30486: ZDI-CAN-5491: Zero Day Initiative Vulnerability (Foxit Reader)

GE (1)

  • 30516: ZDI-CAN-5517: Zero Day Initiative Vulnerability (GE MDS PulseNET)

Microsoft (3)

  • 30389: HTTP: Microsoft Edge Select Element Information Disclosure Vulnerability (ZDI-18-167)
  • 30493: SMB: Microsoft JET Database Engine Excel Component Buffer Overflow (ZDI-17-839)
  • 30505: HTTP: Microsoft JET Database Engine Excel Component Buffer Overflow (ZDI-17-839) 

Rockwell (1)

  • 30487: ZDI-CAN-5496: Zero Day Initiative Vulnerability (Rockwell Automation Arena)

Missed Last Week’s News?

Catch up on last week’s news in my weekly recap.

The post TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 5, 2018 appeared first on .

http://feeds.trendmicro.com/TrendMicroSimplySecurity