TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
901
Signature ID: 35223
Microsoft Rich Text Box ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0237
Bugtraq: 27201
Signature Description: The Microsoft Rich Text Box ActiveX control provides a user interface widget for editing Rich
Text Format (RTF) documents. Microsoft rich text box activex control(Microsoft Rich Textbox Control 6.0) is
vulnerable to arbitary files overwrite via insecure savefile method. A specially crafted web page that instantiated this
control can be able to exploit this vulnerability to create or overwrite arbitrary files with the privileges of the current
user. User can set the kill bit for CLSID B617B991-A767-4F05-99BA-AC6FCABB102E to stop working of this
axtivex control. Exploit attempts of this vulnerability detected using a combination of two signatures, this is second
signature and generate log message.
Signature ID: 35224
Microsoft Rich Text Box ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0237 Bugtraq: 27201
Signature Description: The Microsoft Rich Text Box ActiveX control provides a user interface widget for editing Rich
Text Format (RTF) documents. Microsoft rich text box activex control(Microsoft Rich Textbox Control 6.0) is
vulnerable to arbitrary files overwrite via insecure savefile method. A specially crafted web page containing %u
encoded data, that instantiated this control can be able to exploit this vulnerability to create or overwrite arbitrary files
with the privileges of the current user. User can set the kill bit for CLSID B617B991-A767-4F05-99BA-
AC6FCABB102E to stop working of this activex control.
Signature ID: 35226
Microsoft Rich Text Box ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0237 Bugtraq: 27201
Signature Description: The Microsoft Rich Text Box ActiveX control provides a user interface widget for editing Rich
Text Format (RTF) documents. Microsoft rich text box activex control(Microsoft Rich Textbox Control 6.0) is
vulnerable to arbitrary files overwrite via insecure savefile method. A specially crafted web page containing UTF-16
encoded exploit data, that instantiated this activex control can be able to exploit this vulnerability to create or overwrite
arbitrary files with the privileges of the current user. User can set the kill bit for CLSID B617B991-A767-4F05-99BA-
AC6FCABB102E to stop working of this activex control.
Signature ID: 35227
Microsoft Rich Text Box ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0237 Bugtraq: 27201
Signature Description: The Microsoft Rich Text Box ActiveX control provides a user interface widget for editing Rich
Text Format (RTF) documents. Microsoft rich text box activex control(Microsoft Rich Textbox Control 6.0) is
vulnerable to arbitrary files overwrite via insecure savefile method. A specially crafted web page that instantiated this
control can be able to exploit this vulnerability to create or overwrite arbitrary files with the privileges of the current
user. User can set the kill bit for CLSID B617B991-A767-4F05-99BA-AC6FCABB102E to stop working of this
activex control.
Signature ID: 35228
Microsoft Rich Text Box ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-0237
Bugtraq: 27201