TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

remote attackers to crash the server and deny further communication. Currently we are not aware of any solutions
for this issue.
Signature ID: 32693
HTTP IE NDFXArtEffects Stack Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-3943
Bugtraq: 19184
Signature Description: A remote overflow exists in Internet Explorer, caused by a stack-based buffer overflow in the
DXImageTransform.Microsoft.NDFXArtEffects ActiveX object. By persuading a victim to visit a specially crafted
Web page containing an overly large RGBExtraColor, RGBForeColor or RGBBackColor property, a remote attacker
could overflow a buffer and cause the victim's Web browser to crash.
Signature ID: 32694
HTTP IE NMSA.ASFSourceMediaDescription dispValue Overflow
Threat Level: Severe
Industry ID: CVE-2006-3897
Bugtraq: 19114
Signature Description: Microsoft Internet Explorer is vulnerable to a denial of service, caused by a stack-based buffer
overflow in the DXImageTransform.Microsoft.NDFXArtEffects ActiveX object. By persuading a victim to visit a
specially crafted Web page containing an overly large RGBExtraColor, RGBForeColor or RGBBackColor property, a
remote attacker could overflow a buffer and cause the victim's Web browser to crash. Stack-based buffer overflow in
NDFXArtEffects in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of
service via long (1) RGBExtraColor, (2) RGBForeColor, and (3) RGBBackColor properties.
Signature ID: 32695
HTTP IE OVCtl NewDefaultItem Method NULL Dereference
Threat Level: Severe
Industry ID: CVE-2006-3910
Bugtraq: 19079
Signature Description: Microsoft Internet Explorer is vulnerable to a denial of service. This flaw is due to a NULL
pointer dereference error in the Outlook View Control "Outlctl.dll" when processing a "NewDefaultItem()" method,
which could be exploited by attackers to crash a vulnerable browser by tricking a user into visiting a malicious web
page.
Signature ID: 32696
HTTP Apache mod_mylo Module Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2003-0651, CVE-2007-0774
Bugtraq: 8287
Signature Description: Mod_mylo has been reported prone to a remotely exploitable buffer overflow vulnerability. The
issue presents itself due to insufficient bounds checking performed on HTTP requests before the HTTP request string is
copied into a buffer in memory. A remote attacker may exploit this condition to execute arbitrary instructions in the
context of the Apache HTTP server. This issue has been reported to affect mod_mylo version 0.2.1 and all versions
prior.
Signature ID: 32697
HTTP QuickTime RTSP URI Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-0015
Bugtraq: 21829
Signature Description: A vulnerability exists in the way Apple QuickTime handles specially crafted Real Time
Streaming Protocol (RTSP) URL strings. An attacker may be able to craft a QTL file to take advantage of this
vulnerability. However, there are other attack vectors that do not involve QTL files. According to MOAB-01-01-2007,