TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
811
privileges of the current user. Alternatively user can set the killbit for the vulnerable ActiveX control's CLSID
corresponding to the progid MSVNClientDownloadManager61Lib.DownloadManager.1 to resolve this issue.
Signature ID: 34543
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download1
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via DownloadAndExecute method.A specially crafted web page containing hex encoded shell code data, that
instantiates this control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the
privileges of the current user.Alternatively Users are advised to set kill bit to the clsid corresponding to the progid
MSVNClientDownloadManager61Lib.DownloadManager.1 to resolve this issue.
Signature ID: 34544
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download1
Threat Level: Warning
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX control.
Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer overflow
via DownloadAndExecute method.A specially crafted web page, that instantiates this control could trigger this buffer
overflow, allowing an attacker to execute arbitrary code with the privileges of the current user.Alternatively Users are
advised to set kill bit to the clsid corresponding to the progid
MSVNClientDownloadManager61Lib.DownloadManager.1 to resolve this issue.
Signature ID: 34545
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download1
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX control.
Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer overflow
via DownloadAndExecute method.A specially crafted web page containing UTF-16 encoded exploit data, that
instantiates this control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the
privileges of the current user.Alternatively Users are advised to set kill bit to the clsid corresponding to the progid
MSVNClientDownloadManager61Lib.DownloadManager.1 to resolve this issue.
Signature ID: 34546
Macrovision FLEXnet Connect ActiveX Control Multiple Arbitrary File Download1
Threat Level: Severe
Bugtraq: 27279
Signature Description: Macrovision FLEXNet Connect allows software distributors and vendors the ability to
automatically deliver software and notify users of updates. Part of its functionality is provided by an ActiveX
control.Macrovision FLEXNet Connect ActiveX control(FLEXnet Connect 6.1.100.61372) is vulnerable to a buffer
overflow via DownloadAndExecute method. A specially crafted web page containing %u encoded data, that
instantiates this control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the
privileges of the current user.Alternatively user can set the killbit for the vulnerable ActiveX control's CLSID
1DF951B1-8D40-4894-A04C-66AD824A0EEF.