ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
vulnerable system when a user visits a malicious website, and also causes memory corruption via overly long arguments.
No remedy was available as of July 6, 2008; users can set the kill bit for the CLSID
D2797899-BE27-4CDB-892F-4FDC26EA9BA9 to resolve this issue.
Signature ID: 35278
Black Ice Barcode SDK BIDIB.ocx ActiveX control code execution Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-2683 CVE-2008-2684
Signature Description: The Black Ice Barcode Reading SDK/ActiveX toolkit is a robust and efficient library for 2D
DataMatrix barcoding. It is used for reading/decoding, searching barcodes, and detecting barcode orientation.
DataMatrix barcodes can store large amounts of data in a small symbol, up to a maximum of 3,116 digits or 2,335 ASCII
characters. Using DataMatrix barcodes, developers can eliminate database information retrieval and simply read
all account details from the DataMatrix barcode symbol itself. Black Ice BIDIB.ocx 10.9.3.0 in Barcode SDK 5.01 is
vulnerable to arbitrary code execution. BIDIB.ocx includes the insecure "DownloadImageFileURL()" method; used
along with %u-encoded data, it can be exploited to download an arbitrary file to an arbitrary location on a
vulnerable system when a user visits a malicious website, and it also causes memory corruption via overly long
arguments. No remedy was available as of July 6, 2008; users can set the kill bit for the CLSID
D2797899-BE27-4CDB-892F-4FDC26EA9BA9 to resolve this issue.
Signature ID: 35279
Black Ice Barcode SDK BIDIB.ocx ActiveX control code execution Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-2683 CVE-2008-2684
Signature Description: The Black Ice Barcode Reading SDK/ActiveX toolkit is a robust and efficient library for 2D
DataMatrix barcoding. It is used for reading/decoding, searching barcodes, and detecting barcode orientation.
DataMatrix barcodes can store large amounts of data in a small symbol, up to a maximum of 3,116 digits or 2,335 ASCII
characters. Using DataMatrix barcodes, developers can eliminate database information retrieval and simply read
all account details from the DataMatrix barcode symbol itself. Black Ice BIDIB.ocx 10.9.3.0 in Barcode SDK 5.01 is
vulnerable to arbitrary code execution. BIDIB.ocx includes the insecure "DownloadImageFileURL()" method. When a
user visits a malicious website, overly long arguments sent to that method cause memory corruption. No remedy was
available as of July 6, 2008; users can set the kill bit for the CLSID D2797899-BE27-4CDB-892F-4FDC26EA9BA9
to resolve this issue.
Signature ID: 35280
Black Ice Barcode SDK BIDIB.ocx ActiveX control code execution Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-2683 CVE-2008-2684
Signature Description: The Black Ice Barcode Reading SDK/ActiveX toolkit is a robust and efficient library for 2D
DataMatrix barcoding. It is used for reading/decoding, searching barcodes, and detecting barcode orientation.
DataMatrix barcodes can store large amounts of data in a small symbol, up to a maximum of 3,116 digits or 2,335 ASCII
characters. Using DataMatrix barcodes, developers can eliminate database information retrieval and simply read
all account details from the DataMatrix barcode symbol itself. Black Ice BIDIB.ocx 10.9.3.0 in Barcode SDK 5.01 is
vulnerable to arbitrary code execution. BIDIB.ocx includes the insecure "DownloadImageFileURL()" method, which
can be exploited to download an arbitrary file to an arbitrary location on a vulnerable system when a user visits a
malicious website, and which also causes memory corruption via overly long arguments. No remedy was available as of
July 6, 2008; users can set the kill bit for the CLSID corresponding to the ProgID BIDIB.BIDIBCtrl.1 to resolve this issue.