TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature Description: Intuit QuickBooks Online Edition is a version of Intuit's popular QuickBooks bookkeeping
application implemented as an ActiveX control that can be run within Microsoft Internet Explorer. The QuickBooks
Online Edition ActiveX control version 9 and prior contain multiple vulnerabilities that allow execution of arbitrary
code or modification of files. By persuading a victim to visit a specially-crafted Web page containing UTF-16 encoded
exploit data, a remote attacker could exploit these vulnerabilities to overwrite, corrupt, and download arbitrary files on
the system or execute arbitrary code. This rule triggers when one of the affected CLSIDs is accessed using Unicode.
These issues are addressed in version 10 of the QuickBooks Online Edition ActiveX control. As a workaround, a user can
use the Microsoft 'killbit' mechanism to disable the ActiveX control, but this will affect the functionality of the application.
Upgrade to the latest version of the software, available from the vendor's website.
Signature ID: 30444
Intuit QuickBooks Online Edition ActiveX Control CLSID Access Using Unicode
Threat Level: Severe
Industry ID: CVE-2007-4471 CVE-2007-0322 Bugtraq: 25544
Signature Description: Intuit QuickBooks Online Edition is a version of Intuit's popular QuickBooks bookkeeping
application implemented as an ActiveX control that can be run within Microsoft Internet Explorer. The QuickBooks
Online Edition ActiveX control version 9 and prior contain multiple vulnerabilities that allow execution of arbitrary
code or modification of files. By persuading a victim to visit a specially-crafted Web page, a remote attacker could
exploit these vulnerabilities to overwrite, corrupt, and download arbitrary files on the system or execute arbitrary code.
This rule triggers when one of the affected CLSIDs is accessed using Unicode. These issues are addressed in version 10
of the QuickBooks Online Edition ActiveX control. As a workaround, a user can use the Microsoft 'killbit' mechanism to
disable the ActiveX control with CLSID 4F720B9C-24B1-4948-A035-8853DC01F19E, but this will affect the functionality of
the application. Upgrade to the latest version of the software, available from the vendor's website.
Signature ID: 30445
Intuit QuickBooks Online Edition ActiveX Control CLSID Access Using Unicode
Threat Level: Severe
Industry ID: CVE-2007-4471 CVE-2007-0322 Bugtraq: 25544
Signature Description: Intuit QuickBooks Online Edition is a version of Intuit's popular QuickBooks bookkeeping
application implemented as an ActiveX control that can be run within Microsoft Internet Explorer. The QuickBooks
Online Edition ActiveX control version 9 and prior contain multiple vulnerabilities that allow execution of arbitrary
code or modification of files. By persuading a victim to visit a specially-crafted Web page, a remote attacker could
exploit these vulnerabilities to overwrite, corrupt, and download arbitrary files on the system or execute arbitrary code.
This rule triggers when one of the affected CLSIDs is accessed using Unicode. These issues are addressed in version 10
of the QuickBooks Online Edition ActiveX control. As a workaround, a user can use the Microsoft 'killbit' mechanism to
disable the ActiveX control with CLSID 2EFF8C97-F2A8-4395-9F47-9A06F998BF88, but this will affect the functionality of
the application. Upgrade to the latest version of the software, available from the vendor's website.
Signature ID: 30446
Intuit QuickBooks Online Edition ActiveX Control CLSID Access Using Unicode
Threat Level: Severe
Industry ID: CVE-2007-4471 CVE-2007-0322 Bugtraq: 25544
Signature Description: Intuit QuickBooks Online Edition is a version of Intuit's popular QuickBooks bookkeeping
application implemented as an ActiveX control that can be run within Microsoft Internet Explorer. The QuickBooks
Online Edition ActiveX control version 9 and prior contain multiple vulnerabilities that allow execution of arbitrary
code or modification of files. By persuading a victim to visit a specially-crafted Web page, a remote attacker could
exploit these vulnerabilities to overwrite, corrupt, and download arbitrary files on the system or execute arbitrary code.
This rule triggers when one of the affected CLSIDs is accessed using Unicode. These issues are addressed in version 10
of the QuickBooks Online Edition ActiveX control. As a workaround, a user can use the Microsoft 'killbit' mechanism to