TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
809
C36112BF-2FA3-4694-8603-3B510EA3B465. This signature detects attack traffic using the vulnerable PROGID in
UTF encoding.
Signature ID: 34535
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX control.
Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer overflow
via AddFile and RunScheduledJobs methods. A specially crafted web page having hex encoded data, that instantiates
this control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the privileges of the
current user.Alternatively user can set the killbit for the vulnerable ActiveX control's CLSID FCED4482-7CCB-4E6F-
86C9-DCB22B52843C.
Signature ID: 34536
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via AddFile and RunScheduledJobs methods. A specially crafted web page having %u encoded exploit data,
that instantiates this control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the
privileges of the current user.Alternatively user can set the killbit for the vulnerable ActiveX control's CLSID
FCED4482-7CCB-4E6F-86C9-DCB22B52843C.
Signature ID: 34537
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via AddFile and RunScheduledJobs methods. A specially crafted web page that instantiates this activex
control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the privileges of the
current user.Alternatively user can set the killbit for the vulnerable ActiveX control's CLSID FCED4482-7CCB-4E6F-
86C9-DCB22B52843C.
Signature ID: 34538
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via AddFile and RunScheduledJobs methods. A specially crafted web page containing UTF-16 encoded
malformed data, that instantiates this control could trigger this buffer overflow, allowing an attacker to execute
arbitrary code with the privileges of the current user.Alternatively user can set the killbit for the vulnerable ActiveX
control's CLSID FCED4482-7CCB-4E6F-86C9-DCB22B52843C.