ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature ID: 34551
Crystal Reports 'EnterpriseControls.dll' ActiveX Control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0379
Bugtraq: 27333
Signature Description: Crystal Reports is a popular third-party package, included with Visual Basic, that lets you create reports for your application. Part of its functionality is provided by an ActiveX control. The Crystal Reports ActiveX control (EnterpriseControls.dll 11.5.0.313) is vulnerable to a buffer overflow caused by improper bounds checking in the SelectedSession() method. By persuading a victim to visit a malicious Web page containing hex-encoded shellcode that passes an overly long string to the SelectedSession() method, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim, or cause the victim's browser to crash. No remedy available as of January 2008. Alternatively, the user can set the killbit for the vulnerable ActiveX control's CLSID 3D58C9F3-7CA5-4C44-9D62-C5B63E059050.
Signature ID: 34552
Crystal Reports 'EnterpriseControls.dll' ActiveX Control Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2008-0379
Bugtraq: 27333
Signature Description: Crystal Reports is a popular third-party package, included with Visual Basic, that lets you create reports for your application. Part of its functionality is provided by an ActiveX control. The Crystal Reports ActiveX control (EnterpriseControls.dll 11.5.0.313) is vulnerable to a buffer overflow caused by improper bounds checking in the SelectedSession() method. By persuading a victim to visit a malicious Web page that passes an overly long string to the SelectedSession() method, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim, or cause the victim's browser to crash. No remedy available as of January 2008. Alternatively, the user can set the killbit for the vulnerable ActiveX control's CLSID 3D58C9F3-7CA5-4C44-9D62-C5B63E059050.
Signature ID: 34553
Crystal Reports 'EnterpriseControls.dll' ActiveX Control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0379
Bugtraq: 27333
Signature Description: Crystal Reports is a popular third-party package, included with Visual Basic, that lets you create reports for your application. Part of its functionality is provided by an ActiveX control. The Crystal Reports ActiveX control (EnterpriseControls.dll 11.5.0.313) is vulnerable to a buffer overflow caused by improper bounds checking in the SelectedSession() method. By persuading a victim to visit a malicious Web page containing UTF-16 encoded exploit data that passes an overly long string to the SelectedSession() method, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the victim, or cause the victim's browser to crash. No remedy available as of January 2008. Alternatively, the user can set the killbit for the vulnerable ActiveX control's CLSID 3D58C9F3-7CA5-4C44-9D62-C5B63E059050.
Signature ID: 34556
AOL Radio AmpX ActiveX Control Buffer Overflow
Threat Level: Severe
Industry ID: CVE-CVE-2007-5755
Bugtraq: 26396
Signature Description: AOL Radio is a streaming media service from AOL. Part of its functionality is implemented as an ActiveX control. The AOL Radio ActiveX control (AmpX ActiveX Control 2.6.1.11) is vulnerable to a buffer overflow via AppendFileToPlaylist. A specially crafted web page containing %u encoded exploit data that instantiates this control could trigger this buffer overflow, allowing an attacker to execute arbitrary code with the privileges of the current user. Alternatively, the user can set the killbit for the vulnerable ActiveX control's CLSID FA3662C3-B8E8-11D6-A667-0010B556D978. Apply the patch for this vulnerability (unagi_patch.exe), available from the AOL Web site.
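
The killbit mitigation named in the Crystal Reports and AOL Radio entries above, as an added example that is not part of the original guide. It assumes the standard Internet Explorer mechanism (a `Compatibility Flags` DWORD of 0x400 under the `ActiveX Compatibility` key) and an elevated session; the helper name `Set-ActiveXKillBit` is hypothetical.

```powershell
# Added example: set the Internet Explorer kill bit for the CLSIDs listed in the entries above.
# Run from an elevated PowerShell session on the affected Windows host.
$ClsIds = @(
    '3D58C9F3-7CA5-4C44-9D62-C5B63E059050',   # Crystal Reports EnterpriseControls.dll
    'FA3662C3-B8E8-11D6-A667-0010B556D978'    # AOL Radio AmpX
)
$KillBit = 0x400   # "do not instantiate in Internet Explorer" compatibility flag
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

function Set-ActiveXKillBit {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$ClsId)

    foreach ($root in $Roots) {
        # The Wow6432Node view (32-bit IE on 64-bit Windows) is absent on 32-bit hosts.
        if ($root -like '*Wow6432Node*' -and -not (Test-Path 'HKLM:\SOFTWARE\Wow6432Node')) {
            continue
        }

        $key = Join-Path $root "{$ClsId}"
        if (-not (Test-Path $key)) {
            New-Item -Path $key -Force | Out-Null
        }

        # Preserve any flags already present and OR in the kill bit.
        $current = (Get-ItemProperty -Path $key -Name 'Compatibility Flags' `
                        -ErrorAction SilentlyContinue).'Compatibility Flags'
        $flags = [int]$current -bor $KillBit

        New-ItemProperty -Path $key -Name 'Compatibility Flags' `
            -PropertyType DWord -Value $flags -Force | Out-Null

        # Emit one record per registry view so the change can be logged or audited.
        [pscustomobject]@{
            Key   = $key
            Flags = '0x{0:X8}' -f $flags
        }
    }
}

$ClsIds | ForEach-Object { Set-ActiveXKillBit -ClsId $_ }
```

Setting the flag in both registry views matters on 64-bit hosts, where 32-bit and 64-bit Internet Explorer read separate keys.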