TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
692
Signature ID: 30339
Symantec Norton Products NAVCOMUI.DLL ActiveX Control Remote Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-2955 Bugtraq: 24983
Signature Description: The NACOMUI.DLL library, installed by several Symantec Norton products, exports two
ActiveX controls that are vulnerable to code execution. The issue is due to the ActiveX Controls AxSysListView32 and
AxSysListView32OAA in NavComUI.dll, do not properly handle the VARIANT* argument provided for
'AnomalyList' and 'Anomaly' properties respectively. By convincing a victim to visit a malicious web page containing
UTF-16 encoded data, a remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable
system with the privileges of the victim or cause a denial of service. Symantec has addressed this issue in SYM07-021
and patch is available through LiveUpdate or user can set killbit to the clsid FAF02D9B-963D-43D8-91A6-
E71383503FDA to resolve this issue. .
Signature ID: 30340
Symantec Norton Products NAVCOMUI.DLL ActiveX Control Remote Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-2955 Bugtraq: 24983
Signature Description: The NACOMUI.DLL library, installed by several Symantec Norton products, exports two
ActiveX controls that are vulnerable to code execution. The issue is due to the ActiveX Controls AxSysListView32 and
AxSysListView32OAA in NavComUI.dll, do not properly handle the VARIANT* argument provided for
'AnomalyList' and 'Anomaly' properties respectively. By convincing a victim to visit a malicious web page containing
%u encoded exploit data, a remote attacker could exploit this vulnerability to execute arbitrary code on the vulnerable
system with the privileges of the victim or cause a denial of service. Symantec has addressed this issue in SYM07-021
and patch is available through LiveUpdate or user can set killbit to the clsid corresponding to the progid
NAVComUI.AxSysListView32OAA to resolve this issue..
Signature ID: 30341
Symantec Norton Products NAVCOMUI.DLL ActiveX Control Remote Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-2955
Bugtraq: 24983
Signature Description: The NACOMUI.DLL library, installed by several Symantec Norton products, exports two
ActiveX controls that are vulnerable to code execution. The issue is due to the ActiveX Controls AxSysListView32 and
AxSysListView32OAA in NavComUI.dll, do not properly handle the VARIANT* argument provided for
'AnomalyList' and 'Anomaly' properties respectively. By convincing a victim to visit a malicious web page, a remote
attacker could exploit this vulnerability to execute arbitrary code on the vulnerable system with the privileges of the
victim or cause a denial of service. Symantec has addressed this issue in SYM07-021 and patch is available through
LiveUpdateor or user can set killbit to the clsid corresponding to the progid NAVComUI.AxSysListView32OAA to
resolve this issue.
Signature ID: 30342
Microsoft DirectX Media SDK DXTLIPI.DLL ActiveX Control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4336
Bugtraq: 25279
Signature Description: Microsoft DirectX is a collection of application programming interfaces for handling tasks
related to multimedia, especially game programming and video, on Microsoft platforms.. The DirectX System
Development Kit (SDK) is used to develop software using DirectX. The Microsoft DirectX Media 6.0 SDK includes an