Issue
As of Fireware v12.5.12, Application Control and Intrusion Prevention Service use an updated engine and signature set. After you upgrade to Fireware v12.5.12, IPS signature rules 1139797 and 1132092 might block some HTTP traffic.
1139797 Buffer Overflow High WEB HTTP Invalid Content-Length -2 - A buffer overflow exists in several products. 1132092 Buffer Overflow Critical FILE Invalid XML Version -2 - A buffer overflow vulnerability was found in multiple products, caused by improper bounds checking of the version and encoding attributes inside the XML declaration.
Workaround/Solution
Temporarily add IPS signature exceptions to allow port 80 traffic through the Firebox.We will update this article after the issue is resolved.
