CVE vulnerability - general information


  • Question
    How can I determine if my Finjan solution provides protection against a specific vulnerability or attack?

  • Answer

    Finjan Vital Security Web Appliances provide both reactive (signature-based) and proactive (behavior-based) protection though their Vulnerability Anti.doteā„¢ and Application Level Behavior Blocking engines, respectively.  These security engines help to mitigate new exploits based on known vulnerabilities.  In many cases, they also stop new threats based on unknown vulnerabilities.

    From time to time vendors publish official statements, revealing details about new vulnerabilities or exposures that are related to their products.  For example, Microsoft typically releases security bulletins on the second Tuesday of every month.  The Common Vulnerabilities and Exposures (CVE) system provides a global, cross-vendor reference method for publicly known information security vulnerabilities and exposures.  Each vendor alert is typically related to one or more CVE numbers.  The CVE web page linked below inlcudes a search mechanism that can be used to look up vulnerabilities by CVE numbers or vendor identifiers.

    http://cve.mitre.org/cve/cve.html

    When researching a particular vulnerability, open a Finjan support case to receive information regarding the level of protection provided by a Finjan solution.  To identify the vulnerability under investigation, please provide its CVE number in the support case.  If there is any other information that could prove helpful, please provide it as well.  Such information can include:

    • vendor identifiers
    • links to web pages that discuss the vulnerability
    • e-mails that discuss the vulnerability

  • Software Version
    all

  • This article was previously published as:
    Finjan KB 12677

    Last Modified 12/24/2009.
    https://support.trustwave.com/kb/KnowledgebaseArticle13676.aspx