ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
versions may also be affected. The vulnerability is caused by improper bounds checking in the LogFile, ClearLogFile and SaveToFile methods of the VImpX.ocx ActiveX control. By persuading a victim to visit a malicious Web page that contains hex-encoded data, a remote attacker could execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No remedy was available as of Nov 22, 2008; users can set the kill bit for the CLSID 7600707B-9F47-416D-8AB5-6FD96EA37968, which corresponds to the ProgID VImpX.VImpAX, to resolve this issue.

Signature ID: 35543
DB Software Laboratory VImpX.ocx ActiveX Control Multiple Insecure Methods
Threat Level: Severe
Industry ID: CVE-2008-4749
Bugtraq: 31907
Signature Description: VImpX is an ActiveX control that imports data into various databases. The DB Software Laboratory 'VImpX.ocx' ActiveX control is prone to multiple vulnerabilities that let attackers delete or overwrite arbitrary files on the affected computer in the context of the application using the ActiveX control. VImpX 4.8.8.0 is vulnerable; other versions may also be affected. The vulnerability is caused by improper bounds checking in the LogFile, ClearLogFile and SaveToFile methods of the VImpX.ocx ActiveX control. By persuading a victim to visit a malicious Web page that contains %u-encoded data, a remote attacker could execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No remedy was available as of Nov 22, 2008; users can set the kill bit for the CLSID 7600707B-9F47-416D-8AB5-6FD96EA37968, which corresponds to the ProgID VImpX.VImpAX, to resolve this issue.

Signature ID: 35544
DB Software Laboratory VImpX.ocx ActiveX Control Multiple Insecure Methods
Threat Level: Severe
Industry ID: CVE-2008-4749
Bugtraq: 31907
Signature Description: VImpX is an ActiveX control that imports data into various databases. The DB Software Laboratory 'VImpX.ocx' ActiveX control is prone to multiple vulnerabilities that let attackers delete or overwrite arbitrary files on the affected computer in the context of the application using the ActiveX control. VImpX 4.8.8.0 is vulnerable; other versions may also be affected. The vulnerability is caused by improper bounds checking in the LogFile, ClearLogFile and SaveToFile methods of the VImpX.ocx ActiveX control. By persuading a victim to visit a malicious Web page, a remote attacker could execute arbitrary code in the context of the application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No remedy was available as of Nov 22, 2008; users can set the kill bit for the CLSID 7600707B-9F47-416D-8AB5-6FD96EA37968, which corresponds to the ProgID VImpX.VImpAX, to resolve this issue.

Signature ID: 35546
DjVu DjVu_ActiveX_MSOffice.dll ActiveX Component Heap Buffer Overflow vulnerability
Threat Level: Warning
Industry ID: CVE-2008-4922
Bugtraq: 31987
Signature Description: The DjVu ActiveX control handles files in the DjVu digital document format, a new image compression technology. DjVu allows the distribution on the Internet of very high resolution images of scanned documents, digital documents, and photographs. It allows content developers to scan high-resolution color pages of books, magazines, catalogs, manuals, newspapers, and historical or ancient documents, and make them available on the Web. The DjVu ActiveX Control for MS Office (DjVu_ActiveX_MSOffice.dll) is vulnerable to a buffer overflow. By persuading a victim to visit a specially crafted Web page that passes an overly long argument to the ImageURL property, a remote attacker could overflow a buffer and execute arbitrary code on the system with the privileges of the user, or cause the victim's browser to crash. The DjVu ActiveX control version 3.0 is vulnerable; other versions may also be affected. Failed exploit attempts will likely result in denial-of-service conditions. No remedy was available as of Nov 22, 2008; users can set the kill bit for the CLSID 4A46B8CD-F7BD-11D4-B1D8-000102290E7C.
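
The kill-bit workaround named in the entries above, shown as an added PowerShell example that is not part of the original guide. It assumes the standard Internet Explorer kill-bit location (the ActiveX Compatibility registry key, with bit 0x400 of the Compatibility Flags value) and an elevated prompt; the two CLSIDs are the ones given on this page.

```powershell
# Added example (not from the guide): set the Internet Explorer kill bit for
# the two CLSIDs named in the signature descriptions. Run elevated.
$KillBit = 0x00000400   # "Compatibility Flags" bit that blocks instantiation in IE
$Controls = [ordered]@{
    '{7600707B-9F47-416D-8AB5-6FD96EA37968}' = 'VImpX.VImpAX (VImpX.ocx)'
    '{4A46B8CD-F7BD-11D4-B1D8-000102290E7C}' = 'DjVu ActiveX control (DjVu_ActiveX_MSOffice.dll)'
}
# On 64-bit Windows, 32-bit Internet Explorer reads the WOW6432Node view.
$Roots = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
)

foreach ($root in $Roots) {
    # Skip a view that does not exist (for example WOW6432Node on 32-bit Windows).
    if (-not (Test-Path -LiteralPath (Split-Path -Path $root -Parent))) { continue }

    foreach ($clsid in $Controls.Keys) {
        $key = "$root\$clsid"
        if (-not (Test-Path -LiteralPath $key)) {
            New-Item -Path $key -Force | Out-Null
        }

        # Keep any flag bits already present and OR in the kill bit.
        $existing = Get-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' -ErrorAction SilentlyContinue
        $flags = if ($existing) { $existing.'Compatibility Flags' } else { 0 }
        $flags = $flags -bor $KillBit
        New-ItemProperty -LiteralPath $key -Name 'Compatibility Flags' `
            -PropertyType DWord -Value $flags -Force | Out-Null

        # Read the value back so the result can be logged or audited.
        $check = (Get-ItemProperty -LiteralPath $key).'Compatibility Flags'
        [pscustomobject]@{
            Control    = $Controls[$clsid]
            Key        = $key
            Flags      = '0x{0:X8}' -f $check
            KillBitSet = [bool]($check -band $KillBit)
        }
    }
}
```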