ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature ID: 34875
Microsoft Windows HTML Help Control Cross-Zone Scripting Vulnerability
Threat Level: Warning
Industry ID: CVE-2004-1043
Bugtraq: 11467
Signature Description: The HTML Help ActiveX control (Hhctrl.ocx) provides a rich feature set for help systems. Key
features include an expanding table of contents, keyword search, shortcuts, and pop-up help topics. The control is one
of the authoring components that ship with Microsoft HTML Help. It is also included with many third-party HTML
Help authoring tools. The Microsoft Windows HTML Help ActiveX control (hhctrl.ocx) does not properly determine
the source of windows opened by the Related Topics command. Internet Explorer 6.0 on Windows XP SP2 is
vulnerable; an attacker could exploit this vulnerability against Internet Explorer using a specially crafted web site.
Users are advised to set the kill bit for the CLSID corresponding to the ProgID Internet.HHCtrl.1 to resolve this issue.
Signature ID: 34876
Symantec Products SupportSoft SmartIssue ActiveX Control Remote Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-6490
Bugtraq: 22564
Signature Description: SupportSoft Inc. develops a product called Self-Service Suite which aims to help end users
solve technical problems on their own. SupportSoft products 6.x and prior versions, which are included
with multiple Symantec products, are vulnerable to multiple buffer overflows. By persuading a victim to visit a
specially crafted Web page or open a specially crafted HTML email, a remote attacker could overflow a buffer and
cause the victim's browser to crash or possibly execute arbitrary code on the system with the privileges of the victim. Users
are advised to set the kill bit for the CLSID 01010e00-5e80-11d8-9e86-0007e96c65ae, as mentioned in the Microsoft Knowledge
Base article, to resolve this issue.
Signature ID: 34877
Symantec Products SupportSoft SmartIssue ActiveX Control Remote Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-6490
Bugtraq: 22564
Signature Description: SupportSoft Inc. develops a product called Self-Service Suite which aims to help end users
solve technical problems on their own. SupportSoft products 6.x and prior versions, which are included
with multiple Symantec products, are vulnerable to multiple buffer overflows. By persuading a victim to visit a
specially crafted Web page or open a specially crafted HTML email, a remote attacker could overflow a buffer and
cause the victim's browser to crash or possibly execute arbitrary code on the system with the privileges of the victim. Users
are advised to set the kill bit for the CLSID corresponding to the ProgID SPRT.SmartIssue to resolve this issue.
Signature ID: 34878
Symantec Products SupportSoft SmartIssue ActiveX Control Remote Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2006-6490
Bugtraq: 22564
Signature Description: SupportSoft Inc. develops a product called Self-Service Suite which aims to help end users
solve technical problems on their own. SupportSoft products 6.x and prior versions, which are included
with multiple Symantec products, are vulnerable to multiple buffer overflows. By persuading a victim to visit a
specially crafted Web page or open a specially crafted HTML email containing UTF-16 encoded exploit data, a remote
attacker could overflow a buffer and cause the victim's browser to crash or possibly execute arbitrary code on the
system with the privileges of the victim. Users are advised to set the kill bit for the CLSID
01010e00-5e80-11d8-9e86-0007e96c65ae to resolve this issue.