ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in initialization parameters. By persuading a victim to visit a specially crafted Web page containing hex-encoded data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the CLSID 7C2C94F0-7991-42B4-8D5F-4CB15B490657 to resolve this issue.
Signature ID: 30402
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in initialization parameters. By persuading a victim to visit a specially crafted Web page which contains UTF-16 encoded exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the CLSID FF348B6E-FD21-11D4-A3F0-00C04FA32518 to resolve this issue.
Signature ID: 30403
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in initialization parameters. By persuading a victim to visit a specially crafted Web page which contains UTF-16 encoded exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the CLSID 689FF870-2AC0-11D5-B634-00C04FAEDB18 to resolve this issue.
Signature ID: 30404
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in initialization parameters. By persuading a victim to visit a specially crafted Web page which contains UTF-16 encoded exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the CLSID 86ECB6A0-400A-11D5-B638-00C04FAEDB18 to resolve this issue.
Signature ID: 30405
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in initialization parameters. By persuading a victim to visit a specially crafted Web page which contains UTF-16 encoded exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim. No remedy is available as of August 2007. Users are advised to set the kill bit for the CLSID ED54A7B0-6C1C-11D5-B63D-00C04FAEDB18 to resolve this issue.