TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

781

782

783

784

785

786

787

788

789

790

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

785

WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. By persuading a victim to visit a

malicious Web page, containing hex encoded data attacker can execute the code or cause denial of service. Users are

advised to set a killbit to the clsid corresponding to the progid WebViewFolderIcon.WebViewFolderIcon.1 to resolve

this issue.

Signature ID: 34275

Internet Explorer WebViewFolderIcon setSlice() Overflow vulnerability

Threat Level: Warning

Industry ID: CVE-2006-3730 Bugtraq: 19030

Signature Description: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers

to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a

WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. By persuading a victim to visit a

malicious Web page, an attacker can execute the code or cause denial of service. Users are advised to set a killbit to the

clsid E5DF9D10-3B52-11D1-83E8-00A0C90DC849 to resolve this issue.

Signature ID: 34277

Internet Explorer WebViewFolderIcon setSlice() Overflow vulnerability

Threat Level: Warning

Industry ID: CVE-2006-3730 Bugtraq: 19030

Signature Description: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers

to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a

WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. By persuading a victim to visit a

malicious Web page, an attacker can execute the code or cause denial of service. Users are advised to set a killbit to the

clsid corresponding to the progid WebViewFolderIcon.WebViewFolderIcon.1 to resolve this issue.

Signature ID: 34278

Internet Explorer WebViewFolderIcon setSlice() Overflow vulnerability

Threat Level: Severe

Industry ID: CVE-2006-3730 Bugtraq: 19030

Signature Description: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers

to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a

WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. By persuading a victim to visit a

malicious Web page, containing UTF-16 encoded exploit data an attacker can execute the code or cause denial of

service. Users are advised to set a killbit to the clsid E5DF9D10-3B52-11D1-83E8-00A0C90DC849 to resolve this

issue.

Signature ID: 34279

Internet Explorer WebViewFolderIcon setSlice() Overflow vulnerability

Threat Level: Severe

Industry ID: CVE-2006-3730

Bugtraq: 19030

Signature Description: Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers

to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a

WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. By persuading a victim to visit a

malicious Web page, containing UTF-16 encoded exploit data an attacker can execute the code or cause denial of

service. Users are advised to set a killbit to the clsid corresponding to the progid

WebViewFolderIcon.WebViewFolderIcon.1 to resolve this issue.