TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
706
Signature ID: 30397
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page containing hex encoded data, a
remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No
remedy is available as of August 2007. Users are advised to set kill bit to the clsid B5859259-C40B-4B2A-AF9D-
3BF0F634B1D5 to resolve this issue.
Signature ID: 30398
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page containing hex encoded data, a
remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No
remedy is available as of August 2007. Users are advised to set kill bit to the clsid 332BD5A0-8000-11D7-B657-
00C04FAEDB18 to resolve this issue.
Signature ID: 30399
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page containing hex encoded data, a
remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No
remedy is available as of August 2007. Users are advised to set kill bit to the clsid B13D8B3E-04A8-406F-BD35-
07530D4A62DC to resolve this issue.
Signature ID: 30400
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page containing hex encoded data, a
remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No
remedy is available as of August 2007. Users are advised to set kill bit to the clsid E79BC654-8FC6-4BB9-BFB8-
8860779AE213 to resolve this issue.
Signature ID: 30401
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473