TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
918
characters. Using DataMatrix barcodes, developers can eliminate database information retrieval, and can simply read
all account details from the DataMatrix barcode symbol itself. Black Ice, BITiff.ocx in Barcode SDK 5.01 is vulnerable
to stack based buffer overflow vulnerability. By persuading a victim to visit a specially-crafted Web page, remote
attacker could overflow a buffer and execute arbitrary code on the system with administrator privileges. No remedy
available as of July 6, 2008, user can set killbit to the clsid corresponding to the progid BITIFF.BITiffCtrl.1 to resolve
this issue.
Signature ID: 35292
Black Ice 'BiAnno.ocx' Annotation SDK ActiveX Control Remote Buffer Overflow
Vulnerability
Threat Level: Warning
Industry ID: CVE-2008-2745 Bugtraq: 29635
Signature Description: The Black Ice Barcode Reading SDK/ActiveX toolkit is a robust and efficient library 2D
DataMatrix barcoding function. It is used for reading/decoding, searching barcodes, and detecting barcode orientation.
DataMatrix barcodes can store large amounts of data in a small symbol, up to a maximum 3,116 Digits or 2,335 ASCII
characters. Black Ice Annotation SDK 10.x is vulnerable to stack based buffer overflow. The vulnerability is caused
due to a boundary error in the BiAnno.ocx ActiveX control when handling the "AnnoSaveToTiff()" method. Successful
exploitation allows execution of arbitrary code in the victim system. No remedy available as of July 6, 2008, user can
set killbit to the clsid B27DC3CE-FF81-4DCF-9B80-0E69D61BED2A to resolve this issue.
Signature ID: 35293
Black Ice 'BiAnno.ocx' Annotation SDK ActiveX Control Remote Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-2745 Bugtraq: 29635
Signature Description: The Black Ice Barcode Reading SDK/ActiveX toolkit is a robust and efficient library 2D
DataMatrix barcoding function. It is used for reading/decoding, searching barcodes, and detecting barcode orientation.
Black Ice Annotation SDK 10.x is vulnerable to stack based buffer overflow. The vulnerability is caused due to a
boundary error in the BiAnno.ocx ActiveX control when handling the "AnnoSaveToTiff()" method and hex encoded
shellcode data. Successful exploitation allows execution of arbitrary code in the victim system. No remedy available as
of July 6, 2008, user can set killbit to the clsid B27DC3CE-FF81-4DCF-9B80-0E69D61BED2A to resolve this issue.
Signature ID: 35294
Black Ice 'BiAnno.ocx' Annotation SDK ActiveX Control Remote Buffer Overflow
Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-2745
Bugtraq: 29635
Signature Description: The Black Ice Barcode Reading SDK/ActiveX toolkit is a robust and efficient library 2D
DataMatrix barcoding function. It is used for reading/decoding, searching barcodes, and detecting barcode orientation.
Black Ice Annotation SDK 10.x is vulnerable to stack based buffer overflow. The vulnerability is caused due to a
boundary error in the BiAnno.ocx ActiveX control when handling the "AnnoSaveToTiff()" method via %u encoded
web page. Successful exploitation allows execution of arbitrary code in the victim system. No remedy available as of
July 6, 2008, user can set killbit to the clsid B27DC3CE-FF81-4DCF-9B80-0E69D61BED2A to resolve this issue.