TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
688
Signature ID: 30324
VMWare WorkStation Vielib.DLL ActiveX Control StartProcess Method Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4058 Bugtraq: 25118
Signature Description: VMware Workstation software consists of a virtual-machine suite for x86 and x86-64
computers. VMware Workstation version 6.0 installs VIELIB.DLL ActiveX Control which is vulnerable to code
execution via StartProcess method. By persuading a victim to open a specially-crafted Web page, a remote attacker
could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim. Upgrade to
latest version of the software or use Microsoft's killbit mechanism for CLSIDs to disable affected Controls.
Signature ID: 30325
VMWare WorkStation Vielib.DLL ActiveX Control StartProcess Method Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4058
Bugtraq: 25118
Signature Description: VMware Workstation software consists of a virtual-machine suite for x86 and x86-64
computers. VMware Workstation version 6.0 installs VIELIB.DLL ActiveX Control which is vulnerable to code
execution via StartProcess method. By persuading a victim to open a specially-crafted Web page containing malicious
UTF-16 encoded data, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with
the privileges of the victim. Upgrade to latest version of the software or use Microsoft's killbit mechanism for CLSIDs
to disable affected Controls.
Signature ID: 30326
VMWare WorkStation Vielib.DLL ActiveX Control StartProcess Method Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4058 Bugtraq: 25118
Signature Description: VMware Workstation software consists of a virtual-machine suite for x86 and x86-64
computers. VMware Workstation version 6.0 installs VIELIB.DLL ActiveX Control which is vulnerable to code
execution via StartProcess method. By persuading a victim to open a specially-crafted Web page, a remote attacker
could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim. Upgrade to
latest version of the software or users are advised to set killbit to the CLSID corresponding to the progid
VieLib2.Vie2Process to resolve this issue.
Signature ID: 30327
VMWare WorkStation Vielib.DLL ActiveX Control StartProcess Method Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4058
Bugtraq: 25118
Signature Description: VMware Workstation software consists of a virtual-machine suite for x86 and x86-64
computers. VMware Workstation version 6.0 installs VIELIB.DLL ActiveX Control which is vulnerable to code
execution via StartProcess method. By persuading a victim to open a specially-crafted Web page containing malicious
UTF-16 encoded data, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with
the privileges of the victim. Upgrade to latest version of the software or users are advised to set killbit to the CLSID
corresponding to the progid VieLib2.Vie2Process to resolve this issue.