ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially crafted web page containing %u-encoded
shellcode data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the
CLSID B5859259-C40B-4B2A-AF9D-3BF0F634B1D5 to resolve this issue.
Signature ID: 30384
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially crafted web page containing %u-encoded
shellcode data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the
CLSID 332BD5A0-8000-11D7-B657-00C04FAEDB18 to resolve this issue.
Signature ID: 30385
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially crafted web page containing %u-encoded
shellcode data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the
CLSID B13D8B3E-04A8-406F-BD35-07530D4A62DC to resolve this issue.
Signature ID: 30386
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially crafted web page containing %u-encoded
shellcode data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the
CLSID E79BC654-8FC6-4BB9-BFB8-8860779AE213 to resolve this issue.
Signature ID: 30387
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially crafted web page containing %u-encoded
shellcode data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the
CLSID 7C2C94F0-7991-42B4-8D5F-4CB15B490657 to resolve this issue.