TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
658
Signature ID: 30023
Microsoft Multimedia Controls ActiveX control (daxctle.ocx) memory corruption
vulnerability(4)
Threat Level: Severe
Industry ID: CVE-2006-4446 Bugtraq: 19738
Signature Description: Microsoft's DirectAnimation is a suite of development functionality, predating Microsoft
DirectX, that provides animation support for web applications and other software. It includes a number of COM
objects. Microsoft Internet Explorer, version 6.0 SP1, is a denial of serve vulnerability, caused by a heap overflow
when the DirectAnimation.PathControl COM object is instantiated as an ActiveX control with an invalid Spline
method. This signature detects when an attacker sending large number of points via a Spline method. The successful
exploitation may allow an attacker to crash victim's browser or execute arbitrary code on the victim's system. user can
set killbit to the clsid corresponding to the progid DirectAnimation.PathControl to resolve this issue.
Signature ID: 30024
Microsoft Multimedia Controls ActiveX control (daxctle.ocx) memory corruption
vulnerability(5)
Threat Level: Warning
Industry ID: CVE-2006-4777 Bugtraq: 20047
Signature Description: This vulnerability is caused due to an input validation error in the DirectAnimation.PathControl
ActiveX control when processing KeyFrame method. The vulnerable function takes three arguments. Successful
exploits may allow attackers to crash the application, denying further service to users.This issue may also be exploited
to execute arbitrary machine-code.
Signature ID: 30025
Microsoft Internet Explorer File Download Security Warning Bypass Vulnerability
Threat Level: Warning
Industry ID: CVE-2004-1331 Bugtraq: 11686
Signature Description: The execCommand method in Microsoft Internet Explorer 6.0 SP2 and prior allows remote
attackers to bypass the File Download - Security Warning dialog and save arbitrary files with arbitrary extensions via
the SaveAs command. This issue may be exploited to download a malicious file to the client system.
Signature ID: 30026
Microsoft Internet Explorer Install Engine Control Buffer Overflow Vulnerability(1)
Threat Level: Severe
Industry ID: CVE-2004-0216
Bugtraq: 11366
Signature Description: Microsoft Internet Explorer is, versions 5.01, 5.5, and 6, a heap-based overflow vulnerability in
the InstallEngineCtl Object(asctrls.ocx) ActiveX control. This signature detects when a remote attacker could create a
specially-crafted Web page that supplies a long string as the first argument to the SetCifFile method. The successful
exploitation may allow an attacker to overflow a buffer and execute arbitrary code on the victim's system using the
ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
User can set killbit to the clsid 6E449683-C509-11CF-AAFA-00AA00B6015C to resolve this issue.
Signature ID: 30027
Microsoft Internet Explorer Install Engine Control Buffer Overflow Vulnerability(2)
Threat Level: Warning
Industry ID: CVE-2004-0216
Bugtraq: 11366
Signature Description: Microsoft Internet Explorer is, versions 5.01, 5.5, and 6, a heap-based overflow vulnerability in
the InstallEngineCtl Object(asctrls.ocx) ActiveX control. This signature detects when a remote attacker could create a