TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
202
Signature ID: 1412
Mozilla Firefox Deleted Object Reference Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2006-1993 Bugtraq: 17671
Signature Description: Mozilla Firefox is a free and open source web browser descended from the Mozilla Application
Suite, managed by the Mozilla Corporation. Firefox includes tabbed browsing, a spell checker, incremental find, live
bookmarking, a download manager, and an integrated search system that uses the user's desired search engine. Firefox
versions 1.5 through to 1.5.0.2 running on Windows and Linux platforms are vulnerable. A malicious user(remote
attacker) can exploit this vulnerability to execute arbitrary code or cause a victim's browser to crash by creating a
malicious Web page that uses the contentWindows.focus() JavaScript control to reference a deleted object. This
vulnerability resides in the implementation of based Command controller functions, where objects are not properly
initialized when designMode is enabled. Some malware known use to this exploit.
Signature ID: 1413
Mozilla Browser Marquee Denial of Service Vulnerability
Threat Level: Information
Industry ID: CVE-2006-272 CVE-2006-2723 Bugtraq: 18165
Signature Description: Web browser is a software application which enables a user to display and interact with text,
images, videos, music, games and other information typically located on a Web page at a website on the World Wide
Web or a local area network. Text and images on a Web page can contain hyperlinks to other Web pages at the same or
different website, Web browsers allow a user to quickly and easily access information provided on many Web pages at
many websites by traversing hyperlinks. pera Software Opera Web Browser 8.51 and prior versions, Mozilla
SeaMonkey 1.1.11, Mozilla Grand Paradiso 3.0a1, Mozilla Firefox 2.0.0.3, Mozilla Firefox 1.5.0.3, Microsoft Internet
Explorer 6.0 SP1, Microsoft Internet Explorer 6.0 versions are vulnerable denial of service. A remote attacker could
send a malicious Web page as a mail, after received thia type of mails the brower will consume all available CPU
resources on a victim's system, once the page is loaded.
Signature ID: 1414
Microsoft Windows Media Player PNG Buffer Overflow Vulnerability
Threat Level: Critical
Industry ID: CVE-2006-0025
Bugtraq: 18385
Signature Description: Windows Media Player (WMP) is a digital media player and media library application
developed by Microsoft that is used for playing audio, video and viewing images on personal computers running the
Microsoft Windows operating system, as well as on Pocket PC and Windows Mobile-based devices. Microsoft
Windows Media Player XP, Microsoft Windows Media Player 9.0, Microsoft Windows Media Player 7.1, Microsoft
Windows Media Player 10.0 are vulnerable to stack-based buffer overflow. PNG files come as a part of MP Skin
upgrade. If a Windows Media Player skin (.WMZ) file were downloaded from a malicious web site it could potentially
be used to run Java code to read and browse files on a local machine. After received(downloded) these skins, not doing
proper validation(bound checks) of PNG files. So a remote attacker could overflow a buffer and execute arbitrary code
on the system, once the file is opened.
Signature ID: 1415
Microsoft Windows Media Player PNG Buffer Overflow Vulnerability
Threat Level: Critical
Industry ID: CVE-2006-0025
Bugtraq: 18385
Signature Description: Microsoft Windows Media Player 7 and above, is vulnerable to a stack-based buffer overflow,
caused by improper bounds checking of PNG files. These PNG files come as a part of MP Skin upgrade. If a Windows
Media Player skin (.WMZ) file were downloaded from a malicious web site it could potentially be used to run Java