BugZero found this defect 237 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
10/17/2023
Firebox M200
Firebox M300
Firebox M270
Firebox M370
Firebox M470
Firebox M570
Firebox M670
Firebox M290
Firebox M390
Firebox M400
Firebox M500
Firebox M440
All
Fireware
12.x
12.5.x
v18.285
As of Fireware v12.5.12, Application Control and Intrusion Prevention Service use an updated engine and signature set. After you upgrade to Fireware v12.5.12, IPS signature rules 1139797 and 1132092 might block some HTTP traffic. 1139797 Buffer Overflow High WEB HTTP Invalid Content-Length -2 - A buffer overflow exists in several products. 1132092 Buffer Overflow Critical FILE Invalid XML Version -2 - A buffer overflow vulnerability was found in multiple products, caused by improper bounds checking of the version and encoding attributes inside the XML declaration.
Temporarily add IPS signature exceptions to allow port 80 traffic through the Firebox.We will update this article after the issue is resolved.