TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
838
Windows versions is affected only if COM objects have been enabled by the ActiveX opt-in feature.Microsoft Internet
Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as
ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. This signature
detects if an attacker try to exploit Blnmgrps.dll.
Signature ID: 34780
MS IE COM ActiveX Object Memory Corruption vulnerability
Threat Level: Warning
Industry ID: CVE-2007-0219 Bugtraq: 22504
Signature Description: Microsoft Internet Explorer is prone to a memory-corruption vulnerability when instantiating
certain COM objects Internet Explorer 7 on Microsoft Vista is not affected by this issue, Internet Explorer 7 on other
Windows versions is affected only if COM objects have been enabled by the ActiveX opt-in feature.Microsoft Internet
Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as
ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. This signature
detects if an attacker try to exploit Blnmgrps.dll by using CLSID E56CCB42-598C-462D-9AD8-4FD5B4498C5D.
Signature ID: 34781
Adobe Acrobat Reader Plugin-Possible Remote Code Execution vulnerability
Threat Level: Warning
Industry ID: CVE-2007-0046 Bugtraq: 21858
Signature Description: A remote user could exploit this vulnerability using the FDF parameter in a specially-crafted
URL for a PDF file that, when loaded by a target user, will cause arbitrary scripting code to be executed by the target
user's Firefox browser.The code will originate from the target site hosting the PDF file and will run in the security
context of that site.As a result, the code will be able to access the target user's cookies (including authentication
cookies), if any, associated with the site, access data recently submitted by the target user via web form to the site, or
take actions on the site acting as the target user.The Adobe Reader plugins for Microsoft Internet Explorer, Mozilla
Firefox, and Opera browsers are affected.Adobe Acrobat Standard, Acrobat Professional, Acrobat Elements, and
Adobe Acrobat 3D are also affected when used with certain browsers.The vendor has issued fixed versions of Adobe
Reader (7.0.9, 8.0.0).
Signature ID: 34783
Microsoft XML Core Service XMLHTTP ActiveX Control Remote Code Execution
Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-5745 Bugtraq: 20915
Signature Description: Microsoft XML Core Services (MSXML) allow developers who use applications such as
JScript, Visual Basic Scripting Edition (VBScript), and Microsoft Visual Studio to create XML-based applications.
MSXML includes the XMLHTTP ActiveX control, which allows web pages to transmit or receive XML data via
HTTP operations. The XMLHTTP 4.0 ActiveX control contains an unspecified memory corruption vulnerability. A
remote attacker could exploit this vulnerability to execute arbitrary code on a victim's system, if the attacker could
persuade the victim to visit a Web page containing a malicious XMLHTTP ActiveX control. Microsoft has released
updates in Microsoft Security Bulletin MS06-071 to address this issue.
Signature ID: 34784
Cisco IOS Crafted IP Option Vulnerability
Threat Level: Warning
Industry ID: CVE-2007-0480
Bugtraq: 22211
Signature Description: The Internet Protocol (IP) is a protocol used for communicating data across a packet-switched
internetwork using the TCP/IP suite of protocols. Internet Protocol version 4 (IPv4) is the fourth iteration of the