TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
219
Signature ID: 1526
Microsoft XML Core Service XMLHTTP ActiveX Control Remote Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-5745 Bugtraq: 20915
Signature Description: Microsoft XML Core Services (MSXML) allow developers who use applications such as
JScript, Visual Basic Scripting Edition (VBScript), and Microsoft Visual Studio to create XML-based applications.
MSXML includes the XMLHTTP ActiveX control, which allows web pages to transmit or receive XML data via
HTTP operations. The XMLHTTP 4.0 ActiveX control contains an unspecified memory corruption vulnerability. A
remote attacker could exploit this vulnerability to execute arbitrary code on a victim's system, if the attacker could
persuade the victim to visit a Web page containing hex encoded malicious data . Apply the available patch provided by
vendor or alternately user can set a kill bit to the clsids 88d969c5-f192-11d4-a65f-0040963251e5 and 88d96a0a-f192-
11d4-a65f-0040963251e5
Signature ID: 1527
Microsoft XML Core Service XMLHTTP ActiveX Control Remote Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-5745 Bugtraq: 20915
Signature Description: Microsoft XML Core Services (MSXML) allow developers who use applications such as
JScript, Visual Basic Scripting Edition (VBScript), and Microsoft Visual Studio to create XML-based applications.
MSXML includes the XMLHTTP ActiveX control, which allows web pages to transmit or receive XML data via
HTTP operations. The XMLHTTP 4.0 ActiveX control contains an unspecified memory corruption vulnerability. A
remote attacker could exploit this vulnerability to execute arbitrary code on a victim's system, if the attacker could
persuade the victim to visit a Web page containing a malicious XMLHTTP ActiveX control. Microsoft has released
updates in Microsoft Security Bulletin MS06-071 to address this issue. This Signature detects the Progid.
Signature ID: 1528
WinZip FileView ActiveX Control Unsafe filepattern() Method Exposure Vulnerability(1)
Threat Level: Warning
Industry ID: CVE-2006-5198
Bugtraq: 21060
Signature Description: Winzip is a proprietary file archiver and compressor for Microsoft windows, developed by
WinZip Computing (Nico Mak Computing). Winzip's FileView ActiveX control version 10.0 prior to Build 7245 is
vulnerable to a stack-based buffer overflow. By persuading a victim to visit a specially-crafted web page that passes an
overly long string to the filepattern() method, a remote attacker could overflow a buffer and execute arbitrary code on
the system with the privileges of the user or cause the victim's browser to crash. As a workaround set the kill bit for
affected ActiveX control A09AE68F-B14D-43ED-B713-BA413F034904.
Signature ID: 1529
WinZip FileView ActiveX Control Unsafe filepattern() Method Exposure Vulnerability(2)
Threat Level: Severe
Industry ID: CVE-2006-5198 Bugtraq: 21060
Signature Description: Winzip is a proprietary file archiver and compressor for Microsoft windows, developed by
WinZip Computing (Nico Mak Computing). Winzip's FileView ActiveX control version 10.0 prior to Build 7245 is
vulnerable to a stack-based buffer overflow. By persuading a victim to visit a specially-crafted web page that passes the
progid WZFILEVIEW.FileViewCtrl.61 via insecure filepattern() method, a remote attacker could overflow a buffer
and execute arbitrary code on the system with the privileges of the user or cause the victim's browser to crash.