TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
application parses a specially crafted ".aup" project file. Audacity version 1.6.2 is affected. This hits when the remote
AUP file has large strings.
Signature ID: 36414
Safari Browser Integer Array Heap Overflow
Threat Level: Information
Industry ID: CVE-2009-0070 CVE-2008-2307
Signature Description: Safari is a web browser developed by Apple. It runs on Windows XP, Vista, Mac OS, etc.
The array index of the arguments array in a JavaScript function may cause the Safari web browser to crash. Safari
3.2 is not vulnerable to this attack. This rule hits when the HTTP response has a JavaScript eval function with an
unescape sequence.
Signature ID: 36415
MS Internet Explorer JavaScript Denial of Service with empty screen method
Threat Level: Severe
Industry ID: CVE-2009-0072 Bugtraq: 33149
Signature Description: The HTML body tag can contain an onload function. If the function has an empty screen[""] value,
browsers may create an empty object and may crash. MS Internet Explorer version 8.0 Beta2 and earlier versions are
vulnerable to this attack. This rule hits when the HTML body tag in the HTTP response has an empty screen method.
Signature ID: 36416
MW6 Barcode ActiveX (Barcode.dll) Remote Heap Overflow
Threat Level: Warning
Industry ID: CVE-2009-0298 Bugtraq: 33451
Signature Description: Barcode ActiveX has a rich set of features for embedding barcode representations in Microsoft
products. This Barcode ActiveX control can be embedded seamlessly into Microsoft Office products like MS Access,
Excel, and Word, and into development products like Visual Basic, development environments, programming languages, web
applications and report generators. Office, VB and VBA developers in particular benefit from the convenient and
powerful programming options. The SUPPLEMENT method of this ActiveX control is vulnerable to a buffer overflow. A
remote attacker can exploit this issue by enticing users to visit malicious web pages. A successful remote attacker
can execute arbitrary code in the context of the application using the vulnerable ActiveX control. No remedy is available. Users
can set the kill bit for the vulnerable ActiveX control. This rule hits when the vulnerable ActiveX control and the method are found in the HTTP
response.
Signature ID: 36417
MW6 Barcode ActiveX (Barcode.dll) Remote Heap Overflow
Threat Level: Severe
Industry ID: CVE-2009-0298 Bugtraq: 33451
Signature Description: Barcode ActiveX has a rich set of features for embedding barcode representations in Microsoft
products. This Barcode ActiveX control can be embedded seamlessly into Microsoft Office products like MS Access,
Excel, and Word, and into development products like Visual Basic, development environments, programming languages, web
applications and report generators. Office, VB and VBA developers in particular benefit from the convenient and
powerful programming options. The SUPPLEMENT method of this ActiveX control is vulnerable to a buffer overflow. A
remote attacker can exploit this issue by enticing users to visit malicious web pages. A successful remote attacker
can execute arbitrary code in the context of the application using the vulnerable ActiveX control. No remedy is available. Users
can set the kill bit for the vulnerable ActiveX control. This rule hits when the vulnerable ActiveX control and hex-encoded data are present in
the HTTP response.