TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
709
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid E2258010-B53C-
11D6-B64D-00C04FAEDB18 to resolve this issue.
Signature ID: 30411
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid B5859259-C40B-
4B2A-AF9D-3BF0F634B1D5 to resolve this issue.
Signature ID: 30412
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid 332BD5A0-8000-
11D7-B657-00C04FAEDB18 to resolve this issue.
Signature ID: 30413
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467 Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid B13D8B3E-04A8-
406F-BD35-07530D4A62DC to resolve this issue.
Signature ID: 30414
Oracle JInitiator beans.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4467
Bugtraq: 25473
Signature Description: Oracle JInitiator allows users to run Oracle Developer Server applications within a web
browser. The Oracle JInitiator ActiveX control beans.ocx is vulnerable to multiple stack buffer overflows in
initialization parameters. By persuading a victim to visit a specially-crafted Web page which contains UTF-16 encoded
exploit data, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of
the victim. No remedy is available as of August 2007. Users are advised to set kill bit to the clsid E79BC654-8FC6-
4BB9-BFB8-8860779AE213 to resolve this issue.