TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
767
property.A remote attacker could exploit this vulnerability to execute arbitrary code on the victim's system, By
persuading a victim to visit a malicious Web page, containing %u encoded exploit data and if the victim is using an
affected version of WinZip. User can set the kill bit for CLSID corresponding to the progid
WZFILEVIEW.FileViewCtrl.61 or Upgrade to the latest version of WinZip (10.0 Build 7245 or later), available from
the WinZip Web site to resolve this issue.
Signature ID: 34087
WinZip FileView ActiveX Control Unsafe filepattern() Method Exposure Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-5198
Bugtraq: 21060
Signature Description: The Sky Software FileView object is an ActiveX control that is provided with several
applications, such as WinZip.Sky software (WinZip prior to 10.0.7245) is vulnerable to buffer overflow via filepattern
property.A remote attacker could exploit this vulnerability to execute arbitrary code on the victim's system, if the
attacker could persuade the victim to visit a malicious Web site containing hex encoded data and if the victim is using
an affected version of WinZip.User can set the kill bit for CLSID corresponding to the progid
WZFILEVIEW.FileViewCtrl.61 or Upgrade to the latest version of WinZip (10.0 Build 7245 or later), available from
the WinZip Web site to resolve this issue.
Signature ID: 34088
WinZip FileView ActiveX Control Unsafe filepattern() Method Exposure Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-5198 Bugtraq: 21060
Signature Description: The Sky Software FileView object is an ActiveX control that is provided with several
applications, such as WinZip.Sky software (WinZip prior to 10.0.7245) is vulnerable to buffer overflow via filepattern
property.A remote attacker could exploit this vulnerability to execute arbitrary code on the victim's system, if the
attacker could persuade the victim to visit a malicious Web site and the victim is using an affected version of
WinZip.User can set the kill bit for CLSID corresponding to the progid WZFILEVIEW.FileViewCtrl.61 or Upgrade to
the latest version of WinZip (10.0 Build 7245 or later), available from the WinZip Web site to resolve this issue.
Signature ID: 34089
WinZip FileView ActiveX Control Unsafe filepattern() Method Exposure Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-5198 Bugtraq: 21060
Signature Description: The Sky Software FileView object is an ActiveX control that is provided with several
applications, such as WinZip.Sky software (WinZip prior to 10.0.7245) is vulnerable to buffer overflow via filepattern
property.A remote attacker could exploit this vulnerability to execute arbitrary code on the victim's system, if the
attacker could persuade the victim to visit a malicious Web site containing UTF-16 encoded data and if the victim is
using an affected version of WinZip.User can set the kill bit for CLSID A09AE68F-B14D-43ED-B713-
BA413F034904.Upgrade to the latest version of WinZip (10.0 Build 7245 or later), available from the WinZip Web
site.
Signature ID: 34090
WinZip FileView ActiveX Control Unsafe filepattern() Method Exposure Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-5198
Bugtraq: 21060
Signature Description: The Sky Software FileView object is an ActiveX control that is provided with several
applications, such as WinZip.Sky software (WinZip prior to 10.0.7245) is vulnerable to buffer overflow via filepattern
property.A remote attacker could exploit this vulnerability to execute arbitrary code on the victim's system, if the
attacker could persuade the victim to visit a malicious Web site containing an UTF16 encoded PROGID and the victim
is using an affected version of WinZip.User can set the kill bit for CLSID A09AE68F-B14D-43ED-B713-