TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
708
Signature ID: 30406
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid 0A454840-7232-
11D5-B63D-00C04FAEDB18 to resolve this issue.
Signature ID: 30407
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid 9B935470-AD4A-
11D5-B63E-00C04FAEDB18 to resolve this issue.
Signature ID: 30408
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid 1D2A8890-3083-
11D6-B649-00C04FAEDB18 to resolve this issue.
Signature ID: 30409
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid 5E2A3510-4371-
11D6-B64C-00C04FAEDB18 to resolve this issue.
Signature ID: 30410
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473