TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
817
Signature ID: 34571
Gateway Web Launch ActiveX Control buffer overflow Vulnerabilities
Threat Level: Warning
Bugtraq: 27193
Signature Description: The Gateway Web Launch ActiveX control is used to provide troubleshooting and launch
services to users of Gateway computers. It is installed by default on many Gateway systems.Gateway web launch
activeX (Gateway Web Launch 1.0.0.1) is vulnerable to a buffer overflow via DoWebLaunch method.Successfully
exploiting would allow an attacker to execute arbitrary code with the privileges of the current user.Alternatively user
can set kill bit for Activex control CLSID 93CEA8A4-6059-4E0B-ADDD-73848153DD5E0.
Signature ID: 34572
Gateway Web Launch ActiveX Control buffer overflow Vulnerabilities
Threat Level: Severe
Bugtraq: 27193
Signature Description: The Gateway Web Launch ActiveX control is used to provide troubleshooting and launch
services to users of Gateway computers. It is installed by default on many Gateway systems.Gateway web launch
activeX (Gateway Web Launch 1.0.0.1) is vulnerable to a buffer overflow via DoWebLaunch method. By persuading a
victim to visit a malicious Web page, containing UTF-16 encoded data attacker can execute the code. Successfully
exploiting would allow an attacker to execute arbitrary code with the privileges of the current user.Alternatively user
can set kill bit for Activex control CLSID 93CEA8A4-6059-4E0B-ADDD-73848153DD5E0.
Signature ID: 34573
Gateway Web Launch ActiveX Control buffer overflow Vulnerabilities
Threat Level: Severe
Bugtraq: 27193
Signature Description: The Gateway Web Launch ActiveX control is used to provide troubleshooting and launch
services to users of Gateway computers. It is installed by default on many Gateway systems.Gateway web launch
activeX (Gateway Web Launch 1.0.0.1) is vulnerable to a buffer overflow via DoWebLaunch method. By persuading a
victim to visit a malicious Web page, containing hex encoded data attacker can execute the code. Successfully
exploiting would allow an attacker to execute arbitrary code with the privileges of the current user.Alternatively user
can set kill bit for Activex control CLSID corresponding to the progid WebLaunch.WeblaunchCtl.1
Signature ID: 34574
Gateway Web Launch ActiveX Control buffer overflow Vulnerabilities
Threat Level: Severe
Bugtraq: 27193
Signature Description: The Gateway Web Launch ActiveX control is used to provide troubleshooting and launch
services to users of Gateway computers. It is installed by default on many Gateway systems. Gateway web launch
activeX (Gateway Web Launch 1.0.0.1) is vulnerable to a buffer overflow via DoWebLaunch method. By persuading a
victim to visit a malicious Web page, containing %u encoded shell code data attacker can execute the code.
Successfully exploiting would allow an attacker to execute arbitrary code with the privileges of the current
user.Alternatively user can set kill bit for Activex control CLSID corresponding to the progid
WebLaunch.WeblaunchCtl.1
Signature ID: 34575
Gateway Web Launch ActiveX Control buffer overflow Vulnerabilities
Threat Level: Warning
Bugtraq: 27193
Signature Description: The Gateway Web Launch ActiveX control is used to provide troubleshooting and launch