TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
Signature ID: 30370
ECentrex VOIP Client UACOMX.OCX ActiveX Control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4489 Bugtraq: 25383
Signature Description: ECentrex is a popular developer of Voice-over-IP (VoIP) solutions. The eCentrex VOIP Client
ActiveX control (uacomx.ocx) version 2.0.1 is vulnerable to a stack-based buffer overflow. This ActiveX control is
included in several VoIP products. By persuading a victim to visit a specially crafted Web page that contains a
Unicode-encoded CLSID and passes an overly long username argument to the ReInit method, a remote attacker could
overflow a buffer and execute arbitrary code on the system or cause the victim's browser to crash. No remedy is
available as of August 2007.
Signature ID: 30371
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially crafted Web page containing %u-encoded
shellcode data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the
CLSID A2001DD0-C7BD-11D4-A3E1-00C04FA32518 to resolve this issue.
Signature ID: 30372
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially crafted Web page containing hex-encoded data,
a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the
victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the
CLSID A2001DD0-C7BD-11D4-A3E1-00C04FA32518 to resolve this issue.
Signature ID: 30373
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially crafted Web page containing UTF-16-encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the
CLSID A2001DD0-C7BD-11D4-A3E1-00C04FA32518 to resolve this issue.
Signature ID: 30374
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473