TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
779
execute arbitrary code on the target system.The code will run with the privileges of the target user. A specially crafted
'ProgColor' parameter value can trigger the overflow. The vulnerability reportedly affects version 8.2 SP1 and
9.0.Patches available in HP Security Bulletin.
Signature ID: 34155
HPMQC SPIDERLib ActiveX Control Buffer Overflow Vulnerability.
Threat Level: Severe
Industry ID: CVE-2007-1819 Bugtraq: 23239
Signature Description: Hewlett-Packard Mercury Quality Center is a web-based interface that allows managers to
automate software quality testing. HP Mercury Interactive Quality Center includes an ActiveX control called Spider
Module.It is provided by the file Spider.ocx or Spider90.ocx. This ActiveX control contains a stack buffer overflow in
the ProgColor property. The target ActiveX Control is part of the Mercury Quality Center web application which runs
on port 8080 by default.An attacker remotely log into the web application will have to install the vulnerable control, or
can create specially crafted HTML that, when loaded by the target user, will trigger a stack overflow in the
'Spider90.ocx' ActiveX control used by HP Mercury Quality Center and execute arbitrary code on the target
system.The code will run with the privileges of the target user. A specially crafted 'ProgColor' parameter value can
trigger the overflow. The vulnerability reportedly affects version 8.2 SP1 and 9.0.Patches available in HP Security
Bulletin.
Signature ID: 34156
MIRC IRC URL Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2003-1336 Bugtraq: 8819
Signature Description: MIRC is a full featured Internet Relay Chat client for Windows that can be used to
communicate, share, play or work with others on IRC networks around the world, either in multi-user group
conferences or in one-to-one private discussions. mIRC version 6.1 and prior versions have a stack based buffer
overflow vulnerability when handling malicious 'IRC URLs', installation of mIRC causes mIRC to register its own
software routine for "irc" type URLs. By creating a specially-crafted URL with a long string in the "irc" protocol, a
remote attacker can overflow a buffer and execute arbitrary code on the system with privileges of the user, once the
link is clicked. Update version 6.11 or later version, available in mirc website.
Signature ID: 34157
NeoTrace ActiveX Control CLSID-TraceTarget Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2006-6707
Bugtraq: 21697
Signature Description: McAfee NeoTrace Pro delivers a powerful tool for checking information on internet locations.It
shows how packets get from your computer to another computer on the Internet by displaying all nodes between your
computer and the trace target. NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) by passing large string to the
TraceTarget() method. The remote attacker can exploit this vulnerability via a malicious web page containing %u
encoded exploit data to execute arbitrary code in currently logged-in user context and overflow the buffer through
NeoTraceLoader ActiveX control method. NeoTrace Express 3.25 and NeoTrace Professional 3.25 are vulnerable.
Signature ID: 34158
NeoTrace ActiveX Control CLSID-TraceTarget Buffer Overflow vulnerability.
Threat Level: Severe
Industry ID: CVE-2006-6707
Bugtraq: 21697
Signature Description: McAfee NeoTrace Pro delivers a powerful tool for checking information on internet locations.
It shows how packets get from your computer to another computer on the Internet by displaying all nodes between your
computer and the trace target. NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) by passing large string to the
TraceTarget() method.The remote attacker can exploit this vulnerability via a malicious web page to execute arbitrary