TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
826
Signature ID: 34704
Macromedia Flash Flash8b.OCX ActiveX Control Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2006-6827 Bugtraq: 21818
Signature Description: Macromedia Flash player is a player for the Flash media format and enables frame-based
animations with sound to be viewed within a web browser. The Macromedia Flash activex control (Macromedia Flash
8.0) is vulnerable to a denail of service via long string argument to AllowAcriptAccess method. By persuading a victim
to visit a specially-crafted Web page, a remote attacker can execute arbitrary code on the system with the privileges of
the victim. Update the Adobe Flash Player 9.0.16.0 or later version is available from vendors web site or set killbit to
the clsid D27CDB6E-AE6D-11CF-96B8-444553540000 to resolve this issue.
Signature ID: 34705
Macromedia Flash Flash8b.OCX ActiveX Control Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-CVE-2006-6827 Bugtraq: 21818
Signature Description: Macromedia Flash player is a player for the Flash media format and enables frame-based
animations with sound to be viewed within a web browser. The Macromedia Flash activex control (Macromedia Flash
8.0) is vulnerable to a denail of service via long string argument to AllowAcriptAccess method. By persuading a victim
to visit a specially-crafted Web page, a remote attacker can execute arbitrary code on the system with the privileges of
the victim. Update the Adobe Flash Player 9.0.16.0 or later version is available from vendors web site or set killbit to
the clsid corresponding to the progid value MacromediaFlashPaper.MacromediaFlashPaper to resolve this issue.
Signature ID: 34706
EnjoySAP rfcguisink.rfcguisink.1 ActiveX Control Heap-based Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-3606 Bugtraq: 24777
Signature Description: EnjoySAP, is the SAP GUI client in SAP R/3's 3-tier architecture of database, application
server and client. It is software that runs on a Microsoft Windows, Apple Macintosh or Unix desktop, and allows user
to access SAP functionality in SAP applications such as mySAP ERP and SAP Business Information Warehouse. The
EnjoySAP rfcguisink.rfcguisink.1 ActiveX control is vulnerable to a heap-based buffer overflow. The issue occurs
when processing overly long arguments (>180bytes) passed to the LaunchGui() method. By persuading the victim to
visit a specially-crafted Web page containing %u encoded exploit data, a remote attacker could overflow a buffer and
execute arbitrary code on the system or cause the browser to crash. Upgrade to the latest version of EnjoySAP
(7/19/2007 or later), available from the EnjoySAP FTP Web site. Alternately user can set the kill bit to disable ActiveX
for CLSID 7D6B5B29-FC7E-11D1-9288-00104B885781.
Signature ID: 34707
EnjoySAP rfcguisink.rfcguisink.1 ActiveX Control Heap-based Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2007-3606
Bugtraq: 24777
Signature Description: EnjoySAP, is the SAP GUI client in SAP R/3's 3-tier architecture of database, application
server and client. It is software that runs on a Microsoft Windows, Apple Macintosh or Unix desktop, and allows user
to access SAP functionality in SAP applications such as mySAP ERP and SAP Business Information Warehouse. The
EnjoySAP rfcguisink.rfcguisink.1 ActiveX control is vulnerable to a heap-based buffer overflow. The issue occurs
when processing overly long arguments (>180bytes) passed to the LaunchGui() method. By persuading the victim to
visit a specially-crafted Web page containing hex encoded data, a remote attacker could overflow a buffer and execute
arbitrary code on the system or cause the browser to crash. Upgrade to the latest version of EnjoySAP (7/19/2007 or
later), available from the EnjoySAP FTP Web site. Alternately user can set the kill bit to disable ActiveX for CLSID
7D6B5B29-FC7E-11D1-9288-00104B885781.