TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1010
application for recovering passwords by sniffing them from the connected network. It is developed for Microsoft
operating system. Cain & Abel version 4.9.23 and 4.9.24 are vulnerable to remote buffer overflow vulnerability. When
using remote desktop password decoder in Cain and while importing ".rdp" file contains long Chars the program will
crash. Patch details are available and please upgrade to Cain & Able version 4.9.25 to resolve this issue.
Signature ID: 35820
ECentrex VOIP Client UACOMX.OCX ActiveX Control Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2007-4489 Bugtraq: 25383
Signature Description: ECentrex is a popular developer of Voice-over-IP (VoIP) solutions. The eCentrex VOIP Client
ActiveX control (uacomx.ocx) version 2.0.1 is vulnerable to a stack-based buffer overflow. This ActiveX Control is
included in several VoIP products.By persuading a victim to visit a specially-crafted Web page containing %uHHHH
encoded data, that passes an overly long username argument to the ReInit method, a remote attacker could overflow a
buffer and execute arbitrary code on the system or cause the victim's browser to crash.
Signature ID: 35821
NCTsoft NCTAudioFile2 ActiveX Control NCTWMAFILE2.DLL Arbitrary File Overwrite
Vulnerability
Threat Level: Warning
Bugtraq: 24613
Signature Description: NCTVideoStudio is a set of ActiveX DLLs to process video data. With these controls you can
convert video files between different formats, create new video files from a sequence of separate images, export video
frames to separate image files etc. NCTsoft NCTAudioEditor ActiveX DLL 2 version 2.6.2.157 is vulnerable to remote
file manipulation vulnerability. This issue occurs because the application fails to sanitize user-supplied input to the
'CreateFile' method of the 'NCTWMAFile2.dll' library. An attacker can exploit this issue to overwrite arbitrary files on
the victim's computer in the context of the vulnerable application using the ActiveX control. No updates are available
to resolve this issue or user can set killbit to the clsid 6ED74AE3-8066-4385-AABA-243E033F75A3 to resolve this
issue.
Signature ID: 35822
NCTsoft NCTAudioFile2 ActiveX Control NCTWMAFILE2.DLL Arbitrary File Overwrite
Vulnerability
Threat Level: Warning
Signature Description: NCTVideoStudio is a set of ActiveX DLLs to process video data. With these controls you can
convert video files between different formats, create new video files from a sequence of separate images, export video
frames to separate image files etc. NCTsoft NCTAudioEditor ActiveX DLL 2 version 2.6.2.157 is vulnerable to remote
file manipulation vulnerability. This issue occurs because the application fails to sanitize user-supplied input to the
'CreateFile' method of the 'NCTWMAFile2.dll' library. An attacker can exploit this issue to overwrite arbitrary files on
the victim's computer in the context of the vulnerable application using the ActiveX control. No updates are available
to resolve this issue or user can set killbit to the clsid corresponding to the progid NCTWMAFile2.WMAFile2.2 to
resolve this issue.
Signature ID: 35823
FlexCell Grid Control Remote File Overwrite Vulnerability
Threat Level: Warning
Industry ID: CVE-2009-0301 Bugtraq: 33453
Signature Description: FlexCell is a flexible and easy to use grid control, it provides comprehensive functions,such as
exporting to Excel/CSV/HTML/PDF/XML, importing from XML, printing, print preview, sorting, virtual mode,
ownerdraw mode, etc. FlexCell grid control contains a grid designer that allows you to design report templates and user