TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
822
Signature ID: 34592
Aurigma Image Uploader 'ImageUploader4.ocx' ActiveX Control Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0660 Bugtraq: 27539
Signature Description: Aurigma Image Uploader ActiveX Control lets users manage and upload images to a
server.Aurigma image uploader activex control(Image Uploader version 4.5.70.0) is vulnerable to a buffer overflow via
action property. A malicious web page containing UTF-16 encoded exploit data, that instantiated by activex control
could trigger vulnerabilities, allowing an attacker to execute arbitrary code with the privileges of the current user.
Alternately user can the kill bit for ActiveX control CLSID corresponding to the progid Aurigma.ImageUploader.4 to
resolve this issue.
Signature ID: 34593
Yahoo! Music Jukebox 'mediagrid.dll' ActiveX Control Remote Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0625 Bugtraq: 27578
Signature Description: Yahoo! Jukebox is Yahoo's popular music for microsoft windows.Part of its functionality is
provided by ActiveX controls,mediagrid.dll.Yahoo Jukebox Activex Control(Yahoo! Music Jukebox 2.2) is vulnerable
to a buffer overflow via addbitmap method.A malicious web page that instantiated by control could trigger
vulnerabilities, allowing an attacker to execute arbitrary code with the privileges of the current user. Alternately user
can the kill bit for ActiveX control CLSID 22FD7C0A-850C-4A53-9821-0B0915C96139.
Signature ID: 34594
Yahoo! Music Jukebox 'mediagrid.dll' ActiveX Control Remote Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0625 Bugtraq: 27578
Signature Description: Yahoo! Jukebox is Yahoo's popular music for microsoft windows.Part of its functionality is
provided by ActiveX controls, mediagrid.dll. Yahoo Jukebox Activex Control(Yahoo! Music Jukebox 2.2) is
vulnerable to a buffer overflow via addbitmap method. A malicious web page containing %u encoded shellcode data,
that instantiated by control could trigger vulnerability, allowing an attacker to execute arbitrary code with the privileges
of the current user. Alternately user can the kill bit for ActiveX control CLSID 22FD7C0A-850C-4A53-9821-
0B0915C96139.
Signature ID: 34595
Yahoo! Music Jukebox 'mediagrid.dll' ActiveX Control Remote Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2008-0625 Bugtraq: 27578
Signature Description: Yahoo! Jukebox is Yahoo's popular music for microsoft windows.Part of its functionality is
provided by ActiveX controls,mediagrid.dll. Yahoo Jukebox Activex Control(Yahoo! Music Jukebox 2.2) is vulnerable
to a buffer overflow via addbitmap method.A malicious web page that instantiated by control could trigger venerability,
allowing an attacker to execute arbitrary code with the privileges of the current user. Alternately user can the kill bit for
ActiveX control CLSID 22FD7C0A-850C-4A53-9821-0B0915C96139.
Signature ID: 34596
Yahoo! Music Jukebox 'mediagrid.dll' ActiveX Control Remote Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2008-0625
Bugtraq: 27578
Signature Description: Yahoo! Jukebox is Yahoo's popular music for microsoft windows.Part of its functionality is