Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1051105210531054105510561057105810591060
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1051
Signature ID: 38200
Media Wiki XSS Attempt
Threat Level: Severe
Industry ID: CVE-CVE-2006-2611
Signature Description: Media Wiki versions 1.6.x or earlier vulnerable to Cross-Site scripting (XSS) attacks. An
attacker can inject an arbitary java script into Media Wiki Post, which can be executed in the genuine users context
when that post is visited. This is a client targetted attack rather than attack on media wiki servers.
Signature ID: 38201
Buffer Overflow attempt on Microsoft Visual Studio Database Project
Threat Level: Severe
Industry ID: CVE-CVE-2006-1043
Signature Description: Description : Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 contains Stack-
based buffer overflow vulnerability. This vulnerability allows user-assisted attackers to execute arbitrary code via a
long DataProject field in a Visual Studio Database Project File (.dbp) or Visual Studio Solution (.sln)
Signature ID: 38202
Stack Buffer overflow attempt on Microsoft Visual studio via solution file
Threat Level: Severe
Industry ID: CVE-CVE-2006-1043
Signature Description: Description : Microsoft Visual Studio 6.0 and Microsoft Visual InterDev 6.0 contains Stack-
based buffer overflow vulnerability. This vulnerability allows user-assisted attackers to execute arbitrary code via a
long DataProject field in a Visual Studio Database Project File (.dbp) or Visual Studio Solution (.sln)
Signature ID: 38204
WMF parser in IE5.01 exploitation
Threat Level: Severe
Industry ID: CVE-2006-0020
Signature Description: A Microsoft WMF parsing application, as used in Internet Explorer 5.01 SP4 on Windows 2000
SP4, and 5.5 SP2 on Windows Millennium, and possibly other versions, contains stack based buffer overflow
vulnerability. This allows an attacker to cause a denial of service (crash) and possibly execute code via a crafted WMF
file with a manipulated WMF header size
Signature ID: 38205
McAfee Virus Scan Security Center vulnerability
Threat Level: Severe
Industry ID: CVE-2005-3657
Signature Description: Description : The ActiveX control in MCINSCTL.DLL for McAfee VirusScan Security Center
does not use the IObjectSafetySiteLock API to restrict access to required domains, which allows remote attackers to
create or append to arbitrary files via the StartLog and AddLog methods in the MCINSTALL.McLog object.<br>
Signature ID: 38206
Microsoft Outlook Improper handling of Object tags
Threat Level: Severe
Industry ID: CVE-2004-2482
Signature Description: Mircosoft Outlook 2000 to 2003 contains a vulnerability in handling improperly encoded object
tags while microsoft word is used as an email editor. While forwarding the email it does not properly handle an
opening object tag, without a closing object tag. This results outlook to download the URI in the data property tag of