TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1009
SaveEnhWMF() presents in Barcode.dll file. By persuading a victim to visit a specially-crafted Web page, a remote
attacker could exploit this vulnerability using the insecure methods to overwrite or corrupt arbitrary files on the system.
Successful exploits will compromise affected computers and will aid in further attacks. No patch details available
alternately user can set killbit to the clsid DE7DA0B5-7D7B-4CEA-8739-65CF600D511E to resolve this issue.
Signature ID: 35815
MW6 DataMatrix ActiveX (DataMatrix.dll) Insecure Method Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-4925 Bugtraq: 31980
Signature Description: DataMatrix ActiveX is a powerful ATL-based control for handling DataMatrix 2D barcode and
can be used in any ActiveX-compliant environment such as Word, Access, Excel, VB.NET, C#.NET, Visual Basic,
Visual C++, Visual FoxPro, Delphi or C++ Builder. MW6 DataMatrix ActiveX control 3.0.0.1 is vulnerable to remote
file manipulation. The vulnerability is caused due to the presents of insecure methods SaveBarCode() or
SaveEnhWMF() presents in Barcode.dll file. By persuading a victim to visit a specially-crafted Web page, a remote
attacker could exploit this vulnerability using the insecure methods to overwrite or corrupt arbitrary files on the system.
Successful exploits will compromise affected computers and will aid in further attacks. No patch details available
alternately user can set killbit to the clsid corresponding to the progid DATAMATRIXLib.MW6DataMatrix to resolve
this issue.
Signature ID: 35816
MW6 PDF417 ActiveX (MW6PDF417.dll) Remote Insecure Method Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-4926 Bugtraq: 31983
Signature Description: PDF417 ActiveX is a powerful ATL-based control for handling PDF417 2D barcode and can be
used in any ActiveX-compliant environment such as Word, Access, Excel, VB.NET, C#.NET, Visual Basic, Visual
C++, Visual FoxPro, Delphi or C++ Builder. MW6 PDF417 ActiveX control 3.0.0.1 is vulnerable to remote file
manipulation vulnerability. The vulnerability is caused due to the presents of insecure methods SaveBarCode() or
SaveEnhWMF() presents in Barcode.dll file. By persuading a victim to visit a specially-crafted Web page, a remote
attacker could exploit this vulnerability using the insecure methods to overwrite or corrupt arbitrary files on the system.
Successful exploits will compromise affected computers and will aid in further attacks. No patch details available
alternately user can set killbit to the clsid to resolve this issue.
Signature ID: 35817
MW6 PDF417 ActiveX (MW6PDF417.dll) Remote Insecure Method Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-4926 Bugtraq: 31983
Signature Description: PDF417 ActiveX is a powerful ATL-based control for handling PDF417 2D barcode and can be
used in any ActiveX-compliant environment such as Word, Access, Excel, VB.NET, C#.NET, Visual Basic, Visual
C++, Visual FoxPro, Delphi or C++ Builder. MW6 PDF417 ActiveX control 3.0.0.1 is vulnerable to remote file
manipulation vulnerability. The vulnerability is caused due to the presents of insecure methods SaveBarCode() or
SaveEnhWMF() presents in Barcode.dll file. By persuading a victim to visit a specially-crafted Web page, a remote
attacker could exploit this vulnerability using the insecure methods to overwrite or corrupt arbitrary files on the system.
Successful exploits will compromise affected computers and will aid in further attacks. No patch details available
alternately user can set killbit to the clsid corresponding to the progid MW6PDF417Lib.PDF417 to resolve this issue.
Signature ID: 35819
Cain & Abel Malformed '.rdp' File Buffer Overflow Vulnerability
Threat Level: Severe
Bugtraq: 32543
Signature Description: Cain & Abel is a password recovery tool for Microsoft Operating Systems. Cain & Abel is an