TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
810
Signature ID: 34539
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via AddFile and RunScheduledJobs methods. A specially crafted web page containing %u encoded
malformed exploit data, that instantiates this control could trigger this buffer overflow, allowing an attacker to execute
arbitrary code with the privileges of the current user.Alternatively user can set the killbit for the vulnerable ActiveX
control's CLSID (FCED4482-7CCB-4E6F-86C9-DCB22B52843C) corresponding to the progid
MSVNClientDownloadManager61Lib.DownloadManager.1 to resolve this issue.
Signature ID: 34540
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via AddFile and RunScheduledJobs methods. A specially crafted web page containing hex encoded data, that
instantiates this control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the
privileges of the current user.Alternatively user can set the killbit for the vulnerable ActiveX control's CLSID
(FCED4482-7CCB-4E6F-86C9-DCB22B52843C) corresponding to the progid
MSVNClientDownloadManager61Lib.DownloadManager.1 to resolve this issue.
Signature ID: 34541
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download
Threat Level: Warning
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via AddFile and RunScheduledJobs methods. A specially crafted web page that instantiates this control could
trigger this buffer overflow, allowing an attacker to execute arbitrary code with the privileges of the current
user.Alternatively user can set the killbit for the vulnerable ActiveX control's CLSID (FCED4482-7CCB-4E6F-86C9-
DCB22B52843C) corresponding to the progid MSVNClientDownloadManager61Lib.DownloadManager.1 to resolve
this issue.
Signature ID: 34542
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download1
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via DownloadAndExecute method. A specially crafted web page containing %u encoded data, that
instantiates this control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the