TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1012
OpenWebFile() and HttpDownloadFile() methods in Excel Viewer OCX ActiveX control. An attacker can exploit this
issue to execute arbitrary code in the context of an application using the affected ActiveX control. This may aid in
further attacks. No remedy is available as of 29th January 2009 to resolve this issue. Alternately user can Set kill-bit to
the clsid to resolve this issue.
Signature ID: 35828
Office Viewer ActiveX control Multiple Insecure Method Vulnerabilities
Threat Level: Warning
Bugtraq: 33245,33243,33238
Signature Description: Office Viewer ActiveX Control acts as an ActiveX document container for hosting Word
documents in a custom form or Web page. It can be easily integrated into applications written in languages that support
ActiveX control such as Visual C++, Visual Basic, Delphi, C++ Builder and .Net languages. Office Viewer ActiveX
control version 3.2 is vulnerable to arbitrary file overwrite and file manipulation vulnerabilities. The vulnerabilities are
caused due to the presents of insecure Save(), OpenWebFile() and HttpDownloadFile() methods in Office Viewer
ActiveX control. An attacker can exploit this issue to execute arbitrary code in the context of an application using the
affected ActiveX control. This may aid in further attacks. No remedy is available as of 29th January 2009 to resolve
this issue. Alternately user can Set kill-bit to the clsid to resolve this issue.
Signature ID: 35829
Word Viewer OCX 3.2 Remote File Execution Vulnerabilities
Threat Level: Warning
Bugtraq: 33243
Signature Description: Word Viewer ActiveX Control acts as an ActiveX document container for hosting Word
documents in a custom form or Web page. It can be easily integrated into applications written in languages that support
ActiveX control such as Visual C++, Visual Basic, Delphi, C++ Builder and .Net languages. Word Viewer ActiveX
control version 3.2 is vulnerable to arbitrary file overwrite and file manipulation vulnerabilities. The vulnerabilities are
caused due to the presents of insecure Save(), OpenWebFile() and HttpDownloadFile() methods in word Viewer
ActiveX control. An attacker can exploit this issue to execute arbitrary code in the context of an application using the
affected ActiveX control. This may aid in further attacks. No remedy is available as of 3rd February 2009 to resolve
this issue. Alternately user can Set kill-bit to the clsid to resolve this issue.
Signature ID: 35830
Ciansoft PDFBuilderX 2.2 ActiveX Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Bugtraq: 33233
Signature Description: Ciansoft PDFBuilderX Control (ActiveX) is an application for creating PDF documents.
Ciansoft PDFBuilderX ActiveX control version 2.2.0.1 is vulnerable to Arbitrary File Overwrite vulnerability. The
vulnerability is caused due to the PDFBuilderXTrial.PDFDoc ActiveX control (PDFBuilderXTrial.ocx) providing the
insecure "SaveToFile()" method. This can be exploited to overwrite arbitrary files on the system in the context of the
currently logged-on user. Successful exploitation allows execution of arbitrary code. Set the kill-bit for the affected
ActiveX control to resolve this issue.
Signature ID: 35831
AAA EasyGrid ActiveX 3.51 Remote File Overwrite Vulnerability
Threat Level: Warning
Industry ID: CVE-2009-0134
Bugtraq: 33272
Signature Description: AAA EasyGrid Activex is a Easy-to-use interface, and can do form control such as edit, input,
print, print preview, connect to multi-databases. Easy Grid ActiveX 3.51 is vulnerable to remote file overwrite
vulnerability. The vulnerability is caused due to the EasyGrid.SGCtrl.32 ActiveX control in EasyGrid.ocx 1.0.0.1 in