TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
789
persuading a victim to visit a specially-crafted Web page containing %u encoded exploit data. Set killbit to the ActiveX
control clsid value as mentioned in Microsoft security bulletin.
Signature ID: 34347
Microsoft Speech API 4 COM Object ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API is a software package that provides text-to-speech and speech
recognition capabilities. The Microsoft Speech API includes ActiveX controls called ActiveListen and ActiveVoice,
which are provided by Xlisten.dll and XVoice.dll, respectively. An attacker could exploit this vulnerability by
persuading a victim to visit a specially-crafted Web page containing hex encoded malformed data. Set killbit to the
ActiveX control clsid value as mentioned in Microsoft security bulletin.
Signature ID: 34348
Microsoft Speech API 4 COM Object ActiveX Control Buffer Overflow
Threat Level: Warning
Industry ID: CVE-CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API is a software package that provides text-to-speech and speech
recognition capabilities. The Microsoft Speech API includes ActiveX controls called ActiveListen and ActiveVoice,
which are provided by Xlisten.dll and XVoice.dll, respectively. An attacker could exploit this vulnerability by
persuading a victim to visit a specially-crafted webpage. Set killbit to ActiveX control CLSID EEE78591-FE22-11D0-
8BEF-0060081841DE to resolve this issue
Signature ID: 34349
Microsoft Speech API 4 COM Object ActiveX Control Buffer Overflow
Threat Level: Warning
Industry ID: CVE-CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API is a software package that provides text-to-speech and speech
recognition capabilities. The Microsoft Speech API includes ActiveX controls called ActiveListen and ActiveVoice,
which are provided by Xlisten.dll and XVoice.dll, respectively. An attacker could exploit this vulnerability by
persuading a victim to visit a specially-crafted web page containing malformed FindEngine method value.
Signature ID: 34350
Microsoft Speech API 4 COM Object ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API is a software package that provides text-to-speech and speech
recognition capabilities. The Microsoft Speech API includes ActiveX controls called ActiveListen and ActiveVoice,
which are provided by Xlisten.dll and XVoice.dll, respectively. An attacker could exploit this vulnerability by
persuading a victim to visit a specially-crafted web page having UTF-16 encoded data. Set killbit to the clsid
EEE78591-FE22-11D0-8BEF-0060081841DE to resolve this issue.
Signature ID: 34351
Microsoft Speech API 4 COM Object ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-CVE-2007-2222 Bugtraq: 24426
Signature Description: Microsoft Speech API is a software package that provides text-to-speech and speech
recognition capabilities. The Microsoft Speech API includes ActiveX controls called ActiveListen and ActiveVoice,
which are provided by Xlisten.dll and XVoice.dll, respectively. An attacker could exploit this vulnerability by