TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
806
user.No remedy available as of January 2008. Alternatively user can set the killbit for for the vulnerable ActiveX
control's CLSID corresponding to the progid WebHPVCInstall.HPVirtualRooms14 to resolve this issue.
Signature ID: 34523
HP Virtual Rooms client Buffer Overflow Vulnerabilities
Threat Level: Severe
Bugtraq: 27384
Signature Description: HP Virtual Rooms is a suite of online collaboration, training and support tools.HP uses an
ActiveX control to install the Virtual Rooms client. The HP Virtual Rooms Install ActiveX control(HPVirtualRooms14
ActiveX control 1.0.0.100) is vulnerable to a buffer overflow that can be exploited via AuthenticationURL() or
PortalAPIURL() or cabroot() methods. A remote attacker can create specially crafted HTML page which contain
malformed UTF-16 encoded data, that when loaded by the target user, will trigger a buffer overflow and execute
arbitrary code on the target system with the privileges of the user.No remedy available as of January 2008.
Alternatively user can set the killbit for for the vulnerable ActiveX control's CLSID corresponding to the progid
WebHPVCInstall.HPVirtualRooms14 to resolve this issue.
Signature ID: 34524
Comodo AntiVirus 'ExecuteStr()' ActiveX Control Arbitrary Command Execution
Vulnerability
Threat Level: Severe
Bugtraq: 27424
Signature Description: Comodo Antivirus is an antivirus solution for Microsoft Windows.Part of its functionality is
provided by an ActiveX control.Comodo Antivirus activeX control(Comodo Antivirus versions 2.0 ) is vulnerable to a
buffer overflow that can be exploited via ExecuteStr method. A malicious web page that containing %u encoded
shellcode data, that instantiates this activex control could call this vulnerable method to execute arbitrary commands
with the privileges of the current user. No remedy available as of January 2008.Alternatively user can set the killbit for
for the vulnerable ActiveX control's CLSID 309F674D-E4D3-46BD-B9E2-ED7DFD7FD176.
Signature ID: 34525
Comodo AntiVirus 'ExecuteStr()' ActiveX Control Arbitrary Command Execution
Vulnerability
Threat Level: Severe
Bugtraq: 27424
Signature Description: Comodo Antivirus is an antivirus solution for Microsoft Windows.Part of its functionality is
provided by an ActiveX control.Comodo Antivirus activeX control(Comodo Antivirus versions 2.0 ) is vulnerable to a
buffer overflow that can be exploited via ExecuteStr method. A malicious web page that containing hex encoded
exploit data, that instantiates this activex control could call this vulnerable method to execute arbitrary commands with
the privileges of the current user. No remedy available as of January 2008.Alternatively user can set the killbit for for
the vulnerable ActiveX control's CLSID 309F674D-E4D3-46BD-B9E2-ED7DFD7FD176.
Signature ID: 34526
Comodo AntiVirus 'ExecuteStr()' ActiveX Control Arbitrary Command Execution
Vulnerability
Threat Level: Warning
Bugtraq: 27424
Signature Description: Comodo Antivirus is an antivirus solution for Microsoft Windows.Part of its functionality is
provided by an ActiveX control.Comodo Antivirus activeX control(Comodo Antivirus versions 2.0 ) is vulnerable to a
buffer overflow that can be exploited via ExecuteStr method. A malicious web page that instantiated this control could
call this vulnerable method to execute arbitrary commands with the privileges of the current user.No remedy available