TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
716
affect the functionality of the application. Upgrade to latest version of the software available from vendor's website.
This signature detects traffic using CLSID '2CC3D8DE-18BF-43ff-8CB8-21B442300FD5'.
Signature ID: 30437
Intuit QuickBooks Online Edition ActiveX Control httpGETToFile/httpPOSTFromFile Method
Access
Threat Level: Severe
Industry ID: CVE-2007-4471 CVE-2007-0322 Bugtraq: 25544
Signature Description: Intuit QuickBooks Online Edition is a version of Intuit's popular QuickBooks bookkeeping
application implemented as an ActiveX control that can be run within Microsoft Internet Explorer. The QuickBooks
Online Edition ActiveX control version 9 and prior could allow a remote attacker to overwrite or download arbitrary
files on the system, caused by a vulnerability in httpGETToFile() and httpPOSTFromFile() functions. By persuading a
victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to overwrite, corrupt, and
download arbitrary files on the system. This issue is addressed in version 10 of the QuickBooks Online Edition
ActiveX control. As a workaround user can use Microsoft 'killbit' mechanism to disable the ActiveX Control but it will
affect the functionality of the application. Upgrade to latest version of the software available from vendor's website.
This signature detects traffic using CLSID 'DBB177CC-6908-4b53-9BEE-F1C697818D65'.
Signature ID: 30438
Intuit QuickBooks Online Edition ActiveX Control httpGETToFile/httpPOSTFromFile Method
Access
Threat Level: Severe
Industry ID: CVE-2007-4471 CVE-2007-0322 Bugtraq: 25544
Signature Description: Intuit QuickBooks Online Edition is a version of Intuit's popular QuickBooks bookkeeping
application implemented as an ActiveX control that can be run within Microsoft Internet Explorer. The QuickBooks
Online Edition ActiveX control version 9 and prior could allow a remote attacker to overwrite or download arbitrary
files on the system, caused by a vulnerability in httpGETToFile() and httpPOSTFromFile() functions. By persuading a
victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to overwrite, corrupt, and
download arbitrary files on the system. This issue is addressed in version 10 of the QuickBooks Online Edition
ActiveX control. As a workaround user can use Microsoft 'killbit' mechanism to disable the ActiveX Control but it will
affect the functionality of the application. Upgrade to latest version of the software available from vendor's website.
This signature detects traffic using CLSID 'A80D199B-CFDD-4da4-8C47-2310D5B8DD97'.
Signature ID: 30439
Intuit QuickBooks Online Edition ActiveX Control httpGETToFile/httpPOSTFromFile Method
Access
Threat Level: Severe
Industry ID: CVE-2007-4471 CVE-2007-0322 Bugtraq: 25544
Signature Description: Intuit QuickBooks Online Edition is a version of Intuit's popular QuickBooks bookkeeping
application implemented as an ActiveX control that can be run within Microsoft Internet Explorer. The QuickBooks
Online Edition ActiveX control version 9 and prior could allow a remote attacker to overwrite or download arbitrary
files on the system, caused by a vulnerability in httpGETToFile() and httpPOSTFromFile() functions. By persuading a
victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to overwrite, corrupt, and
download arbitrary files on the system. This issue is addressed in version 10 of the QuickBooks Online Edition
ActiveX control. As a workaround user can use Microsoft 'killbit' mechanism to disable the ActiveX Control but it will
affect the functionality of the application. Upgrade to latest version of the software available from vendor's website.
This signature detects traffic using CLSID '0D3983A9-4E29-4f33-8313-DA22B29D3F87'.