Critical: This Content Update contains 20 new events to address vulnerabilities in VoIP, LDAP, Javascript, and a critical vulnerability in Microsoft Exchange Server. Also in this XPU are 2 new blocking responses and 4 security content updates. Refer to the following X-Force alert for details about the critical vulnerability: http://xforce.iss.net/xforce/alerts/id/221
Checks:
| Risk | VulnID | Check Name | Category |
| Medium | 14105 | HTML_JS_showHelp_Code_Exec | Unauthorized Access Attempt |
| High | 20610 | HTTP_MailEnable_Auth_Overflow | Unauthorized Access Attempt |
| Low | 24605 | LDAP_Sun_Search_Dos | Denial of Service |
| Medium | 24637 | Zip_Directory_Traversal | Suspicious Activity |
| High | 24872 | ARJ_Header_Block_BO | Unauthorized Access Attempt |
| High | 24923 | Script_IE_IsComponentInstalled_BO | Unauthorized Access Attempt |
| High | 25006 | JavaScript_WScript_Shell_Object | Unauthorized Access Attempt |
| High | 25556 | Email_Exchange_Calendar_Malformed | Unauthorized Access Attempt |
| Low | 25557 | JavaScript_Flash_AddressBar_Spoofing | Suspicious Activity |
| Low | 25559 | MSRPC_MSDTC_VA_DoS | Denial of Service |
| Low | 25845 | VOIP_DRDoS | Denial of Service |
| Low | 25847 | VOIP_New_Call_Dos | Denial of Service |
| Medium | 25978 | HTML_Object_Styles_Overflow | Unauthorized Access Attempt |
| Low | 26094 | SSL_Google_Desktop_Indexing | Suspicious Activity |
| Low | 26098 | HTTP_Google_Desktop_Installed | Suspicious Activity |
| Medium | 26121 | Proxy_Bounce_Deep | Suspicious Activity |
| Medium | 26128 | HTTP_GET_SQL_Select_Count | Pre-attack Probe |
| Medium | 26128 | HTTP_POST_SQL_Select_Count | Pre-attack Probe |
| Low | 26146 | VOIP_Account_Without_Passwd | Protocol Signature |
| Medium | 26147 | VOIP_Brute_Force | Unauthorized Access Attempt |
If you are an existing customer or partner, and you wish to download X-Press Updates from our download center, click here.