TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
200
Signature ID: 1402
Microsoft Internet Explorer Content-Type Denial Of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-5162 Bugtraq: 19092
Signature Description: Internet Explorer is a graphical web browser developed by Microsoft. Microsoft Internet
Explorer version 6.x is vulnerable to a denial of service via a stack-based buffer overflow in wininet.dll. By persuading
a victim to visit a specially-crafted Web page that sends an overly long HTTP "Content-Type" header, a remote
attacker could overflow a buffer and cause the victim's Web browser to crash.
Signature ID: 1403
MS Windows HTML Help HHCtrl ActiveX Control Memory Corruption Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-3357 Bugtraq: 18769
Signature Description: Windows Internet Explorer commonly abbreviated to IE, is a series of graphical web browsers
developed by Microsoft, and it included as part of the Microsoft Windows line of operating systems, it has been the
most widely used web browser. <br>Microsoft, Internet Explorer 6, Microsoft, Internet Explorer 6 SP1, Microsoft,
Internet Explorer 6 SP2 are vulnerable to a heap-based buffer overflow in the HTML Help ActiveX control
(HHCtrl.ocx), because after received this type of responses the browser does not validate properly 'Image' property. So
a remote attacker may exploit this issue via a malicious web page to execute arbitrary code in the context of the
currently logged-in user. Exploitation attempts may lead to a denial-of-service condition as well. Attackers may also
employ HTML email to carry out an attack. Here a remote attackers to cause a denial of service (application crash) and
possibly execute arbitrary code by repeatedly setting the Image field of an Internet.HHCtrl.1 object to certain values.
Signature ID: 1404
Microsoft IE DataSourceControl DoS Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-3729 Bugtraq: 19069
Signature Description: Windows Internet Explorer commonly abbreviated to IE, is a series of graphical web browsers
developed by Microsoft, and it included as part of the Microsoft Windows line of operating systems, it has been the
most widely used web browser. Microsoft, Internet Explorer 6, Microsoft, Internet Explorer 6 SP2, Microsoft, Internet
Explorer 6 SP1 are vulnerable to a denial of service, caused by an integer underflow and a NULL pointer dereference
that can occur when processing a malformed DataSourceControl ActiveX object with a negative
"getDataMemberName" property. A remote attacker could exploit this vulnerability to cause a victim's browser to
crash, if the attacker could persuade the victim to visit a malicious Web page.
Signature ID: 1405
MS IE/Apple Safari Browser Table Tag Status Bar URI Spoofing Vulnerability
Threat Level: Warning
Industry ID: CVE-2004-1121 Bugtraq: 11561,11573
Signature Description: Microsoft Internet Explorer is commonly abbreviated to IE, it is a series of graphical web
browsers. Apple Safari is a fastest, easiest-to-use web browser in the world. Apple, Mac OS X 10.2.8, Apple, Mac OS
X 10.3.6, Apple, Mac OS X Server 10.2.8, Apple, Mac OS X Server 10.3.6, Microsoft, Internet Explorer
6.0.2800.1106, Microsoft, Outlook Express 6.0 are vulnerable versions. A remote attacker could create a specially-
crafted URL link containing A HREF tags that specify a spoofed address and within these tags, TABLE tags that
specify the destination address, which will cause the spoofed URL to be displayed in the status bar, once the victim
clicked the mouse over the link. An attacker could exploit this vulnerability by creating a malicious Web page and
hosting it on a Web site or by sending it to a victim as an HTML email.