TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
821
Signature ID: 34588
Aurigma Image Uploader 'ImageUploader4.ocx' ActiveX Control Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0660 Bugtraq: 27539
Signature Description: Aurigma Image Uploader ActiveX Control lets users manage and upload images to a
server.Aurigma image uploader activex control(Image Uploader version 4.5.70.0) is vulnerable to a buffer overflow via
action property. A malicious web page containing UTF-16 encoded exploit data, that instantiated by activex control
could trigger vulnerabilities, allowing an attacker to execute arbitrary code with the privileges of the current user.
Alternately user can the kill bit for ActiveX control CLSID 6E5E167B-1566-4316-B27F-0DDAB3484CF7.
Signature ID: 34589
Aurigma Image Uploader 'ImageUploader4.ocx' ActiveX Control Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0660 Bugtraq: 27539
Signature Description: Aurigma Image Uploader ActiveX Control lets users manage and upload images to a
server.Aurigma image uploader activex control(Image Uploader version 4.5.70.0) is vulnerable to a buffer overflow via
action property. A malicious web page containing hex encoded data, that instantiated by activex control could trigger
vulnerabilities, allowing an attacker to execute arbitrary code with the privileges of the current user. Alternately user
can the kill bit for ActiveX control CLSID corresponding to the progid Aurigma.ImageUploader.4 to resolve this issue.
Signature ID: 34590
Aurigma Image Uploader 'ImageUploader4.ocx' ActiveX Control Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0660 Bugtraq: 27539
Signature Description: Aurigma Image Uploader ActiveX Control lets users manage and upload images to a
server.Aurigma image uploader activex control(Image Uploader version 4.5.70.0) is vulnerable to a buffer overflow via
action property. A malicious web page containing %u encoded exploit data that instantiated by the activex control
control could trigger vulnerability, allowing an attacker to execute arbitrary code with the privileges of the current user.
Alternately user can the kill bit for ActiveX control CLSID 6E5E167B-1566-4316-B27F-0DDAB3484CF7
Signature ID: 34591
Aurigma Image Uploader 'ImageUploader4.ocx' ActiveX Control Buffer Overflow
Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2008-0660 Bugtraq: 27539
Signature Description: Aurigma Image Uploader ActiveX Control lets users manage and upload images to a server.
Aurigma image uploader activex control(Image Uploader version 4.5.70.0) is vulnerable to a buffer overflow vi ation
proparty. A malicious web page that instantiated by control could trigger vulnerability, allowing an attacker to execute
arbitrary code with the privileges of the current user. Alternately user can the kill bit for ActiveX control CLSID
6E5E167B-1566-4316-B27F-0DDAB3484CF7