TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module

841

842

843

844

845

846

847

848

849

850

ProCurve TMS zl Module IPS/IDS Signature

Reference Guide Version RLX.10.2.2.94

843

SetMovieName(), SetTarget(), or SetMatrix() function, a remote attacker could overflow a buffer and execute arbitrary

code on the system with the privileges of the victim or cause the victim's browser to crash. No remedy is available as of

February 2008. Alternately user can disable this ActiveX by setting a kill bit. This signature detects attacks using

PROGID and %HH encoding.

Signature ID: 34807

Apple QuickTime QTPlugin.ocx ActiveX Control Multiple Methods Buffer Overflow

Vulnerability

Threat Level: Severe

Industry ID: CVE-2008-0778 Bugtraq: 27769

Signature Description: Apple QuickTIme QTPlugin.ocx Control allows to view a wide variety of multimedia content

in web pages. QTPlugin.ocx version 7.4.1 and prior is vulnerable to a stack-based buffer overflow. By persuading a

victim to visit a specially-crafted web page that passes overly long arguments to the SetBgColor(), SetHREF(),

SetMovieName(), SetTarget(), or SetMatrix() function. By persuading a victim to visit a malicious Web page,

containing UTF-16 encoded data attacker can overflow a buffer and execute arbitrary code on the system with the

privileges of the victim or cause the victim's browser to crash. No remedy is available as of February 2008. Alternately

user can disable this ActiveX by setting a kill bit for CLSID 02BF25D5-8C17-4B23-BC80-D3488ABDDC6B.

Signature ID: 34808

Apple QuickTime QTPlugin.ocx ActiveX Control Multiple Methods Buffer Overflow

Vulnerability

Threat Level: Warning

Industry ID: CVE-2008-0778 Bugtraq: 27769

Signature Description: Apple QuickTIme QTPlugin.ocx Control allows to view a wide variety of multimedia content

in web pages. QTPlugin.ocx version 7.4.1 and prior is vulnerable to a stack-based buffer overflow. By persuading a

victim to visit a specially-crafted web page that passes overly long arguments to the SetBgColor(), SetHREF(),

SetMovieName(), SetTarget(), or SetMatrix() function, a remote attacker could overflow a buffer and execute arbitrary

code on the system with the privileges of the victim or cause the victim's browser to crash. No remedy is available as of

February 2008. Alternately user can disable this ActiveX by setting a kill bit for CLSID 02BF25D5-8C17-4B23-BC80-

D3488ABDDC6B.

Signature ID: 34809

Apple QuickTime QTPlugin.ocx ActiveX Control Multiple Methods Buffer Overflow

Vulnerability

Threat Level: Severe

Industry ID: CVE-2008-0778

Bugtraq: 27769

Signature Description: Apple QuickTIme QTPlugin.ocx Control allows to view a wide variety of multimedia content

in web pages. QTPlugin.ocx version 7.4.1 and prior is vulnerable to a stack-based buffer overflow. By persuading a

victim to visit a specially-crafted web page that passes overly long arguments to the SetBgColor(), SetHREF(),

SetMovieName(), SetTarget(), or SetMatrix() function, a remote attacker could overflow a buffer and execute arbitrary

code on the system with the privileges of the victim or cause the victim's browser to crash. No remedy is available as of

February 2008. Alternately user can disable this ActiveX by setting a kill bit .

Signature ID: 34810

Apple QuickTime QTPlugin.ocx ActiveX Control Multiple Methods Buffer Overflow

Vulnerability

Threat Level: Warning

Industry ID: CVE-2008-0778

Bugtraq: 27769

Signature Description: Apple QuickTIme QTPlugin.ocx Control allows to view a wide variety of multimedia content