ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94

Signature ID: 32616
HTTP Yahoo Messenger AudioConf ActiveX Overflow
Threat Level: Severe
Industry ID: CVE-2007-1680 Bugtraq: 23291
Signature Description: Yahoo Messenger is vulnerable to a stack-based buffer overflow, caused by improper bounds
checking by the Yahoo.AudioConf ActiveX control (yacscom.dll) in Yahoo Messenger. By creating a specially crafted
Web page that sets large socksHostname and hostname properties, which overflow a buffer once the
createAndJoinConference() method is called, a remote attacker could execute arbitrary code on the system if the
attacker could persuade the victim to click a link to the malicious Web page. Yahoo Messenger versions released prior to
March 13, 2007 are vulnerable to this issue.
Signature ID: 32617
HTTP Yahoo Webcam ActiveX Control (ywcvwr.dll) Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2007-3148 Bugtraq: 24355,24341
Signature Description: The Yahoo Messenger Webcam Upload ActiveX control (ywcvwr.dll) is vulnerable to a
stack-based buffer overflow in the Yahoo Webcam Viewer ActiveX control in ywcvwr.dll 2.0.1.4 for Yahoo Messenger
8.1.0.249. By persuading a victim to visit a specially crafted Web page that passes an overly long "Server" property to
the Receive() method, a remote attacker could overflow a buffer and execute arbitrary code on the system with the
privileges of the user or cause the victim's browser to crash.
Signature ID: 32618
HTTP Zenturi ProgramChecker ActiveX DownloadFile File Download
Threat Level: Severe
Industry ID: CVE-2007-3076 Bugtraq: 24377
Signature Description: The Zenturi ProgramChecker ActiveX control (sasatl.dll) could allow a remote attacker to
download arbitrary files onto the system, which could also permit the attacker to delete or overwrite arbitrary files. By
persuading a victim to visit a specially crafted Web page, a remote attacker could exploit this vulnerability using the
DownloadFile function to download arbitrary files from a remote system, which could allow the attacker to overwrite
arbitrary files and possibly execute arbitrary code on the vulnerable system.
Signature ID: 32619
HTTP Yahoo Messenger YMailAttach ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2006-6603 Bugtraq: 21607
Signature Description: Yahoo Messenger is vulnerable to a buffer overflow, caused by improper bounds checking by
the YMMAPI.YMailAttach ActiveX control in ymmapi.dll. By persuading a victim to visit a malicious Web page that
passes malformed arguments to certain YMMAPI methods, a remote attacker could overflow a buffer and execute
arbitrary code on the system with the privileges of the victim. Yahoo Messenger versions released prior to November 2,
2006 are vulnerable to this issue.
Signature ID: 32620
HTTP MS IE COM ActiveX Object Memory Corruption Htmlmm poc_2
Threat Level: Severe
Industry ID: CVE-2007-0219 Bugtraq: 22504
Signature Description: Microsoft Internet Explorer is prone to a memory-corruption vulnerability when instantiating
certain COM objects. Internet Explorer 7 on Microsoft Vista is not affected by this issue; Internet Explorer 7 on other
Windows versions is affected only if COM objects have been enabled by the ActiveX opt-in feature. Microsoft Internet