Manualshelf

TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
1051105210531054105510561057105810591060
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
1052
the object tag, which might allow remote attacker to execute arbitrary code. It uses SMTP protocol for exploiting the
vulnerability
Signature ID: 38207
Microsoft Outlook object handling vulnerability
Threat Level: Severe
Industry ID: CVE-2004-2482
Signature Description: Mircosoft Outlook 2000 to 2003 contains a vulnerability in handling improperly encoded object
tags while microsoft word is used as an email editor. While forwarding the email it does not properly handle an
opening object tag, without a closing object tag. This results outlook to download the URI in the data property tag of
the object tag, which might allow remote attacker to execute arbitrary code. This rule hits when attack pattern found in
the traffic,flowing towards POP3 Server.
Signature ID: 38208
Microsoft Outlook object handling vulnerability
Threat Level: Severe
Industry ID: CVE-2004-2482
Signature Description: Mircosoft Outlook 2000 to 2003 contains a vulnerability in handling improperly encoded object
tags while microsoft word is used as an email editor. While forwarding the email it does not properly handle an
opening object tag, without a closing object tag. This results outlook to download the URI in the data property tag of
the object tag, which might allow remote attacker to execute arbitrary code. It uses HTTP protocol to execute the attack
pattern.
Signature ID: 38209
BMP file based exploit
Threat Level: Severe
Industry ID: CVE-2004-0566
Signature Description: An Integer overflow vulnerability exits in imgbmp.cxx for Windows 2000. A remote attacker
may send a .bmp file with invalid/large bfOffBits fields, which can lead to crash the application on windows, and
execute an arbitrary code to gain access of the machine.<br><br>
Signature ID: 38210
DOS attack on Oracle database Manager
Threat Level: Severe
Industry ID: CVE-2007-5530
Signature Description: Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3 and Enterprise Manager
has a vulnerability in handling invalid flags value while processing the Transparent Network Substrate Protocol. This
can cause the remote service to crash or 100% cpu utilization.
Signature ID: 38211
Shell script execution via Mozilla/Firefox
Threat Level: Severe
Industry ID: CVE-2004-0648
Signature Description: Earlier versions of Mozilla 1.7.1, Firefox 0.9.2, and Thunderbird 0.72 allows execution of shell
protocol via uri referencing. This is a client side attack, and When user clicks on the uri, it can launch arbitrary
programs which allows a remote attacker to gain access to the machine and sensitive data.