https://live.paloaltonetworks.com/t5/virustotal/firewall-block-file-docx-is-vulnerability-as-a-cve-2018-16021/m-p/396765#M1831 <P>Hi,</P><P>&nbsp;</P><P>My Inbound-Internet firewalls have blocked a Benign files and do not allow us to send this file to our organization.</P><DIV class="section-title">File Information</DIV><TABLE><TBODY><TR><TD>File Type</TD><TD>Microsoft Word Document</TD></TR><TR><TD>File Signer</TD><TD>&nbsp;</TD></TR><TR><TD>SHA-256</TD><TD>8cc853801a08620ba4fca8e85faf71f328238ab75d5a896f7d90c3fa4e0c731d</TD></TR><TR><TD>SHA-1</TD><TD>f9a8ae351155bdee15f6ba0bb1f546e841ee5458</TD></TR><TR><TD>MD5</TD><TD>02427a769d9d7742694d6f1e8d74b6fd</TD></TR><TR><TD>File Size</TD><TD>1402449 bytes</TD></TR><TR><TD>First Seen Timestamp</TD><TD>2021-03-30 10:14:36 UTC</TD></TR><TR><TD>Verdict</TD><TD><SPAN class="label label-success">Benign</SPAN></TD></TR></TBODY></TABLE><P>&nbsp;</P><DIV class="section-title">Session Information</DIV><TABLE><TBODY><TR><TD>File Source</TD><TD>&nbsp;</TD></TR><TR><TD>File Destination</TD><TD>&nbsp;</TD></TR><TR><TD>User-ID</TD></TR><TR><TD>Timestamp</TD><TD>2021-04-09 04:31:53 UTC</TD></TR><TR><TD>Source Zone</TD><TD>&nbsp;</TD></TR><TR><TD>Source IP</TD><TD>&nbsp;</TD></TR><TR><TD>Serial Number</TD><TD>Manual</TD></TR><TR><TD>Firewall Hostname/IP</TD><TD>&nbsp;</TD></TR><TR><TD>Virtual System</TD><TD>&nbsp;</TD></TR><TR><TD>Application</TD><TD>&nbsp;</TD></TR><TR><TD>URL</TD><TD>&nbsp;</TD></TR><TR><TD>File Name</TD><TD>TCB_eKYC_TKHT-v1.2_240321.docx</TD></TR><TR><TD>Status</TD></TR></TBODY></TABLE><P>This is the link to download file sample:</P><P><A href="https://ibm.box.com/s/54b4kni9jaaf8ukkwuvgpjvo4i9wc5tc" target="_blank" rel="noopener">https://ibm.box.com/s/54b4kni9jaaf8ukkwuvgpjvo4i9wc5tc</A></P><P>Please review all the files once again.</P><P>If the file is clean please mark this as not CVE-2018-16021</P><P>Thank you.</P> Sat, 10 Apr 2021 10:46:41 GMT AuDucLong 2021-04-10T10:46:41Z https://live.paloaltonetworks.com/t5/virustotal/firewall-block-file-docx-is-vulnerability-as-a-cve-2018-16021/m-p/396765#M1831 <P>Hi,</P><P>&nbsp;</P><P>My Inbound-Internet firewalls have blocked a Benign files and do not allow us to send this file to our organization.</P><DIV class="section-title">File Information</DIV><TABLE><TBODY><TR><TD>File Type</TD><TD>Microsoft Word Document</TD></TR><TR><TD>File Signer</TD><TD>&nbsp;</TD></TR><TR><TD>SHA-256</TD><TD>8cc853801a08620ba4fca8e85faf71f328238ab75d5a896f7d90c3fa4e0c731d</TD></TR><TR><TD>SHA-1</TD><TD>f9a8ae351155bdee15f6ba0bb1f546e841ee5458</TD></TR><TR><TD>MD5</TD><TD>02427a769d9d7742694d6f1e8d74b6fd</TD></TR><TR><TD>File Size</TD><TD>1402449 bytes</TD></TR><TR><TD>First Seen Timestamp</TD><TD>2021-03-30 10:14:36 UTC</TD></TR><TR><TD>Verdict</TD><TD><SPAN class="label label-success">Benign</SPAN></TD></TR></TBODY></TABLE><P>&nbsp;</P><DIV class="section-title">Session Information</DIV><TABLE><TBODY><TR><TD>File Source</TD><TD>&nbsp;</TD></TR><TR><TD>File Destination</TD><TD>&nbsp;</TD></TR><TR><TD>User-ID</TD></TR><TR><TD>Timestamp</TD><TD>2021-04-09 04:31:53 UTC</TD></TR><TR><TD>Source Zone</TD><TD>&nbsp;</TD></TR><TR><TD>Source IP</TD><TD>&nbsp;</TD></TR><TR><TD>Serial Number</TD><TD>Manual</TD></TR><TR><TD>Firewall Hostname/IP</TD><TD>&nbsp;</TD></TR><TR><TD>Virtual System</TD><TD>&nbsp;</TD></TR><TR><TD>Application</TD><TD>&nbsp;</TD></TR><TR><TD>URL</TD><TD>&nbsp;</TD></TR><TR><TD>File Name</TD><TD>TCB_eKYC_TKHT-v1.2_240321.docx</TD></TR><TR><TD>Status</TD></TR></TBODY></TABLE><P>This is the link to download file sample:</P><P><A href="https://ibm.box.com/s/54b4kni9jaaf8ukkwuvgpjvo4i9wc5tc" target="_blank" rel="noopener">https://ibm.box.com/s/54b4kni9jaaf8ukkwuvgpjvo4i9wc5tc</A></P><P>Please review all the files once again.</P><P>If the file is clean please mark this as not CVE-2018-16021</P><P>Thank you.</P> Sat, 10 Apr 2021 10:46:41 GMT https://live.paloaltonetworks.com/t5/virustotal/firewall-block-file-docx-is-vulnerability-as-a-cve-2018-16021/m-p/396765#M1831 AuDucLong 2021-04-10T10:46:41Z