TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
825
send specially crafted username value to trigger a buffer overflow in the CRAM-MD5 authentication mechanism and
cause the target IMAP service to crash or execute arbitrary code.
Signature ID: 34700
SwiftView ActiveX Control and Browser Plugin Stack Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2007-5602 Bugtraq: 27527
Signature Description: SwiftView is an application used to print or view PCL,HPGL, and TIFF files. Part of its
functionality is provided via a web browser plugin and an ActiveX control.SwiftView Activex control(SwiftView
8.3.4) is vulnerable to stack based buffer overflow via unspecified vectors to the svocx.ocx or npsview.dll. By
persuading victim to visit specially-crafted Web page, a remote attacker could overflow a buffer and execute arbitrary
code on the system with the privileges of the victim or cause the victim's browser to crash. Update the latest SwiftView
version available from vendors web site.Alternatively user can set the kill bit for CLSID 7DD62E58-5FA8-11D2-
AFB7-00104B64F126.
Signature ID: 34701
SwiftView ActiveX Control and Browser Plugin Stack Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2007-5602 Bugtraq: 27527
Signature Description: SwiftView is software used to view or print PCL, HPGL, and TIFF files. SwiftSend is a product
used for secure electronic document communications.SwiftView activex control(SwiftView ActiveX control and plug-
in 8.3.4) is vulnerable to buffer overflow via unspecified vectors to the svocx.ocx ActiveX control or npsview.dll
plugin. By persuading victim to visit a malicious web page containing UTF-16 encoded data, remote attacker could
overflow a buffer and execute arbitrary code on the system with the privileges of the victim or cause the victim's
browser to crash. User can set the kill bit for CLSID 7DD62E58-5FA8-11D2-AFB7-00104B64F126.
Signature ID: 34702
SwiftView ActiveX Control and Browser Plugin Stack Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2007-5602 Bugtraq: 27527
Signature Description: SwiftView is software used to view or print PCL, HPGL, and TIFF files. SwiftSend is a product
used for secure electronic document communications.SwiftView activex control(SwiftView ActiveX control and plug-
in 8.3.4) is vulnerable to buffer overflow via unspecified vectors to the svocx.ocx ActiveX control or npsview.dll
plugin. A remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the
victim or cause the victim's browser to crash. User can set the kill bit for CLSID corresponding to the prog id
Sview.SviewCtrl.1 to disable this ActiveX Control. This issue is addressed in version 8.3.5 of the SwiftView and
SwiftSend software which is available at eLynx bulletin SBSV-07-10-02.
Signature ID: 34703
SwiftView ActiveX Control and Browser Plugin Stack Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-CVE-2007-5602 Bugtraq: 27527
Signature Description: SwiftView is software used to view or print PCL, HPGL, and TIFF files. SwiftSend is a product
used for secure electronic document communications.SwiftView activex control(SwiftView ActiveX control and plug-
in 8.3.4) is vulnerable to buffer overflow via unspecified vectors to the svocx.ocx ActiveX control or npsview.dll
plugin. By persuading victim to visit a malicious web page containing UTF-16 encoded data, a remote attacker could
overflow a buffer and execute arbitrary code on the system with the privileges of the victim or cause the victim's
browser to crash. User can set the kill bit for CLSID corresponding to the progid Sview.SviewCtrl.1 to disable this
ActiveX Control. This issue is addressed in version 8.3.5 of the SwiftView and SwiftSend software which is available
at eLynx bulletin SBSV-07-10-02.