TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
780
code in currently logged-in user context and overflow the buffer through NeoTraceLoader ActiveX control
method.NeoTrace Express 3.25 and NeoTrace Professional 3.25 are vulnerable.
Signature ID: 34159
NeoTrace ActiveX Control ProgID-TraceTarget Buffer Overflow
Threat Level: Severe
Industry ID: CVE-2006-6707
Bugtraq: 21697
Signature Description: McAfee NeoTrace Pro delivers a powerful tool for checking information on internet locations.It
shows how packets get from your computer to another computer on the Internet by displaying all nodes between your
computer and the trace target. <br>NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) by passing large string to
the TraceTarget() method.The remote attacker can exploit this vulnerability via a malicious web page to execute
arbitrary code in currently logged-in user context and overflow the buffer through NeoTraceLoader ActiveX control
method. By visiting a specially crafted web page containing %u encoded data, a remote attacker can execute the
arbitrary code in target victim. NeoTrace Express 3.25 and NeoTrace Professional 3.25 are vulnerable. No remedy is
available as of Feb 2008.
Signature ID: 34160
NeoTrace ActiveX Control ProgID-TraceTarget Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-6707 Bugtraq: 21697
Signature Description: McAfee NeoTrace Pro delivers a powerful tool for checking information on internet locations.
It shows how packets get from your computer to another computer on the Internet by displaying all nodes between your
computer and the trace target. NeoTraceLoader ActiveX control (NeoTraceExplorer.dll) by passing large string to the
TraceTarget() method. The remote attacker can exploit this vulnerability via a malicious web page to execute arbitrary
code in currently logged-in user context and overflow the buffer through NeoTraceLoader ActiveX control method.
NeoTrace Express 3.25 and NeoTrace Professional 3.25 are vulnerable. No remedy is available as of Feb 2008.The
signature detects attacks using attack patterns ProgID and %HH encoding.
Signature ID: 34161
Apple QuickTime QTPlugin.ocx ActiveX Control Multiple Methods Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-3147
Bugtraq: 24354
Signature Description: Apple QuickTIme QTPlugin.ocx Control allows to view a wide variety of multimedia content
in web pages. QTPlugin.ocx version 7.4.1 and prior is vulnerable to a stack-based buffer overflow. By persuading a
victim to visit a specially-crafted web page that passes overly long arguments to the SetBgColor(), SetHREF(),
SetMovieName(), SetTarget(), or SetMatrix() function, a remote attacker could overflow a buffer and execute arbitrary
code on the system with the privileges of the victim or cause the victim's browser to crash. By visiting a specially
crafted web page containing %u encoded data, a remote attacker can execute the arbitrary code in target victim. No
remedy is available as of February 2008. Alternately user can disable this ActiveX by setting a kill bit for CLSID
02BF25D5-8C17-4B23-BC80-D3488ABDDC6B.
Signature ID: 34162
Apple QuickTime QTPlugin.ocx ActiveX Control Multiple Methods Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-3147
Bugtraq: 24354
Signature Description: Apple QuickTIme QTPlugin.ocx Control allows to view a wide variety of multimedia content
in web pages. QTPlugin.ocx version 7.4.1 and prior is vulnerable to a stack-based buffer overflow. By persuading a