TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

751

752

753

754

755

756

757

758

759

760

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

760

Signature ID: 32991

Exploit 4XEM VatDecoder VatCtrl Class ActiveX Control Url Property Buffer Overflow

Vulnerability

Threat Level: Warning

Bugtraq: 28010

Signature Description: 4XEM Corporation markets a full line of IP (Internet Protocol) Network Video products.

4XEM's products include a wide range of IP Camera and Network Cameras, Video Server and Accessory products.

4XEM VatDecoder VATDecoder.VatCtrl.1 ActiveX control (VATDecoder.dll version 1.0.0.27 and 1.0.0.51) is

vulnerable to a stack based buffer overflow via long string url argument to .Url property. Successful exploitation allows

remote attacker to execute arbitrary code with the privileges of victim. No Remedy is Available as of Feb 2008.

Alternately, user can set the kill bit for CLSID 210D0CBC-8B17-48D1-B294-1A338DD2EB3A. This signature detects

traffic containing PROGID.

Signature ID: 32992

Exploit 4XEM VatDecoder VatCtrl Class ActiveX Control Url Property Buffer Overflow

Vulnerability

Threat Level: Severe

Bugtraq: 28010

Signature Description: 4XEM Corporation markets a full line of IP (Internet Protocol) Network Video products.

4XEM's products include a wide range of IP Camera and Network Cameras, Video Server and Accessory products.

4XEM VatDecoder VATDecoder.VatCtrl.1 ActiveX control (VATDecoder.dll version 1.0.0.27 and 1.0.0.51) is

vulnerable to a stack based buffer overflow via long string url argument to .Url property. Successful exploitation allows

remote attacker to execute arbitrary code with the privilages of victim. No Remedy is Available as of Feb 2008.

Alternatly user can set the kill bit for CLSID 210D0CBC-8B17-48D1-B294-1A338DD2EB3A. This signature detects

traffic containing PROGID with %HH encoding,

Signature ID: 32993

Exploit 4XEM VatDecoder VatCtrl Class ActiveX Control Url Property Buffer Overflow

Vulnerability

Threat Level: Severe

Bugtraq: 28010

Signature Description: 4XEM Corporation markets a full line of IP (Internet Protocol) Network Video products.

4XEM's products include a wide range of IP Camera and Network Cameras, Video Server and Accessory products.

4XEM VatDecoder VATDecoder.VatCtrl.1 ActiveX control (VATDecoder.dll version 1.0.0.27 and 1.0.0.51) is

vulnerable to a stack based buffer overflow via long string url argument to .Url property. Successful exploitation allows

remote attacker to execute arbitrary code with the privilages of victim. No Remedy is Available as of Feb 2008.

Alternatly user can set the kill bit for CLSID 210D0CBC-8B17-48D1-B294-1A338DD2EB3A. This signature detects

traffic containing PROGID with %uHHHH encoding.

Signature ID: 32994

Exploit 4XEM VatDecoder VatCtrl Class ActiveX Control Url Property Buffer Overflow

Vulnerability

Threat Level: Severe

Bugtraq: 28010

Signature Description: 4XEM Corporation markets a full line of IP (Internet Protocol) Network Video products.

4XEM's products include a wide range of IP Camera and Network Cameras, Video Server and Accessory products.

4XEM VatDecoder VATDecoder.VatCtrl.1 ActiveX control (VATDecoder.dll version 1.0.0.27 and 1.0.0.51) is

vulnerable to a stack based buffer overflow via long string url argument to .Url property. Successful exploitation allows