TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

221

222

223

224

225

226

227

228

229

230

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

224

Signature ID: 1547

Microsoft Internet Explorer DXImageTransform.Microsoft.MMSpecialEffectInplace1Input

ActiveX Arbitrary Code Execution Vulnerability

Threat Level: Warning

Industry ID: CVE-2006-1303 Bugtraq: 18328

Signature Description: Microsoft Directx is a collection of industry-leading technologies designed to deliver the most

advanced, stable, and visually impressive graphics experience on Microsoft platforms. Microsoft Internet Explorer

(Microsoft Internet Explorer versions 5.01 SP4, 6, 6 SP1) is a memory corruption vulnerability regarding the handling

of COM objects. By persuading a malicious web page containing an invalid DXImage

Transform.Microsoft.MMSpecialEffectInplace1Input ActiveX object, a remote attacker could execute arbitrary code

and gain complete control over the victim's system.

Signature ID: 1548

Microsoft Internet Explorer Mdt2dd.dll Insecure COM Instantiation Vulnerability

Threat Level: Warning

Industry ID: CVE-2006-1186 Bugtraq: 17453

Signature Description: Microsoft Directx is a collection of industry-leading technologies designed to deliver the most

advanced, stable, and visually impressive graphics experience on Microsoft platforms. Microsoft Internet Explorer

(Microsoft Internet Explorer versions 5.01 SP4, 6, 6 SP1) is a memory corruption vulnerability regarding the handling

of COM objects in Mdt2dd.dll, Mdt2gddr.dll, Mdt2gddo.dll. By persuading a victim to visit a specially-crafted web

page containing an invalid COM objects, a remote attacker could execute arbitrary code and gain complete control over

the victim's system.

Signature ID: 1549

Novell SUSE Linux Enterprise Server Remote Manager Heap Overflow Vulnerability

Threat Level: Severe

Industry ID: CVE-2005-3655 Bugtraq: 16226

Signature Description: Novell SUSE Linux Enterprise Server is a platform for open source computing in an enterprise

environment. Open-Enterprise-Server 9.0 is vulnerable to heap based buffer overflow via sending an HTTP request

with a negative Content-Length header. A successful exploitation of this vulnerability allows an attacker to execute

arbitrary commands on the vulnerable system. This vulnerability is fixed and patches are available from vendors web

site.

Signature ID: 1550

Novell GroupWise Messenger Accept-Language Remote Buffer Overflow Vulnerability

Threat Level: Severe

Industry ID: CVE-2006-0992 Bugtraq: 17503

Signature Description: Novell Messenger is a corporate, cross-platform instant messaging product that is based on

Novell eDirectory. Novell GroupWise Messenger 2.0 and prior are vulnerable to a stack based buffer overflow via a

long Accept-Language value without a comma or semicolon. A successful exploitation of this vulnerability allows an

attacker to execute arbitrary commands on the vulnerable system. This vulnerability is fixed in GroupWise Messenger

2.0 Public Beta 2 version. Users are advised to update the GroupWise Messenger 2.0 Public Beta 2 or later version to

resolve this issue.