TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
711
Signature ID: 30419
Yahoo Messenger YVerInfo.dll ActiveX Control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4515
Bugtraq: 25494
Signature Description: Yahoo! Messenger is a instant messaging application that allows users to chat online, share
files. The Yahoo! Messenger ActiveX control (YVerInfo.dll version 2006.8.24.1) is vulnerable to a stack-based buffer
overflow that can be exploited via fvcom() or info() methods. A remote attacker can create specially crafted HTML
that, when loaded by the target user, will trigger a buffer overflow and execute arbitrary code on the target system with
the privileges of the user. Yahoo Inc. has addressed this vulnerability in Yahoo messenger version 8.1.0.419.
Alternatively user can set the killbit for for the vulnerable ActiveX control's CLSID D5184A39-CBDF-4A4F-AC1A-
7A45A852C883. This signature detects attacks using PROGID and %HH encoding.
Signature ID: 30420
ACTi Network Video Recorder nvUnifiedControl ActiveX Control SetText Method Buffer
Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4582 CVE-2007-4583 Bugtraq: 25465
Signature Description: ACTi NVR system records video and audio and data information. The NVR
nvUnifiedControl.AUnifiedControl.1 ActiveX control (nvUnifiedControl.dll 1.1.45.0) in ACTi Network Video
Recorder (NVR) SP2 2.0 is vulnerable to a heap-based buffer overflow. By persuading a victim to visit a specially-
crafted Web page that passes an overly long argument to the SetText() function, a remote attacker could overflow a
buffer and execute arbitrary code on the system with the privileges of the user or cause the victim's browser to crash.
No remedy is available as of September 2007. Users are advised to set the killbit for for the vulnerable ActiveX
control's CLSID A6F36F3F-3AE0-458B-AFC4-AA82565E0BF8. This signature detects attacks using CLSID and
%uHHHH encoding.
Signature ID: 30421
ACTi Network Video Recorder nvUnifiedControl ActiveX Control SetText Method Buffer
Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4582
CVE-2007-4583 Bugtraq: 25465
Signature Description: ACTi NVR system records video and audio and data information. The NVR
nvUnifiedControl.AUnifiedControl.1 ActiveX control (nvUnifiedControl.dll 1.1.45.0) in ACTi Network Video
Recorder (NVR) SP2 2.0 is vulnerable to a heap-based buffer overflow. By persuading a victim to visit a specially-
crafted Web page that passes an overly long argument to the SetText() function, a remote attacker could overflow a
buffer and execute arbitrary code on the system with the privileges of the user or cause the victim's browser to crash.
No remedy is available as of September 2007. Users are advised to set the killbit for for the vulnerable ActiveX
control's CLSID A6F36F3F-3AE0-458B-AFC4-AA82565E0BF8. This signature detects attacks using CLSID and
%HH encoding.
Signature ID: 30422
ACTi Network Video Recorder nvUnifiedControl ActiveX Control SetText Method Buffer
Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-4582
CVE-2007-4583 Bugtraq: 25465
Signature Description: ACTi NVR system records video and audio and data information. The NVR
nvUnifiedControl.AUnifiedControl.1 ActiveX control (nvUnifiedControl.dll 1.1.45.0) in ACTi Network Video
Recorder (NVR) SP2 2.0 is vulnerable to a heap-based buffer overflow. By persuading a victim to visit a specially-
crafted Web page that passes an overly long argument to the SetText() function, a remote attacker could overflow a