ProCurve TMS zl Module IPS/IDS Signature Reference Guide Version RLX.10.2.2.94
Signature ID: 35553
DjVu DjVu_ActiveX_MSOffice.dll ActiveX Component Heap Buffer Overflow vulnerability
Threat Level: Severe
Industry ID: CVE-2008-4922 Bugtraq: 31987
Signature Description: The DjVu ActiveX control handles files in the DjVu digital document format, an image
compression technology. DjVu allows very high resolution images of scanned documents, digital documents, and
photographs to be distributed on the Internet: content developers can scan high-resolution color pages of books,
magazines, catalogs, manuals, newspapers, and historical or ancient documents and make them available on the Web.
The DjVu ActiveX Control for MS Office (DjVu_ActiveX_MSOffice.dll) is vulnerable to a heap buffer overflow. By
persuading a victim to visit a malicious Web page containing a Unicode-encoded ProgID value, a remote attacker could
overflow a buffer and execute arbitrary code on the system with the privileges of the user, or cause the victim's browser
to crash. The DjVu ActiveX control version 3.0 is vulnerable; other versions may also be affected. Failed exploit
attempts will likely result in denial-of-service conditions. No remedy was available as of Nov 22, 2008; as a
workaround, users can set the kill bit for the CLSID 4A46B8CD-F7BD-11D4-B1D8-000102290E7C, which corresponds to
the ProgID Djvu_Activex.Djvu_ActiveX_Control.1, so that Internet Explorer refuses to instantiate the control.
Signature ID: 35554
Visagesoft eXPert PDF Viewer ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Warning
Bugtraq: 31984
Signature Description: Visagesoft eXPert PDF Viewer ActiveX control is an application for viewing PDF documents.
It provides a standalone, embeddable PDF viewer for Windows application developers. Using Visual Basic, VC, Delphi,
or any other programming language that can host ActiveX controls, developers can build a custom interface for
viewing and printing PDF documents. PDF documents can be loaded from streams or files. Visagesoft eXPert PDF
Viewer ActiveX control 3.0.990.0 is vulnerable; other versions may also be affected. The 'savePageAsBitmap()' method
of the 'VSPDFViewerX.ocx' ActiveX control does not validate its caller-supplied arguments, so an attacker can pass an
arbitrary file path as the method's argument and the control will save to, and thereby overwrite, that file with
attacker-supplied content in an insecure manner. By persuading a victim to visit a malicious Web page, a remote
attacker could execute arbitrary code in the context of the application using the ActiveX control (typically Internet
Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No remedy was available as of
Nov 22, 2008; as a workaround, users can set the kill bit for the CLSID {BDF3E9D2-5F7A-4F4A-A914-7498C862EA6A}.
Signature ID: 35555
Visagesoft eXPert PDF Viewer ActiveX Control Arbitrary File Overwrite Vulnerability
Threat Level: Severe
Bugtraq: 31984
Signature Description: Visagesoft eXPert PDF Viewer ActiveX control is an application for viewing PDF documents.
It provides a standalone, embeddable PDF viewer for Windows application developers. Using Visual Basic, VC, Delphi,
or any other programming language that can host ActiveX controls, developers can build a custom interface for
viewing and printing PDF documents. PDF documents can be loaded from streams or files. Visagesoft eXPert PDF
Viewer ActiveX control 3.0.990.0 is vulnerable; other versions may also be affected. The 'savePageAsBitmap()' method
of the 'VSPDFViewerX.ocx' ActiveX control does not validate its caller-supplied arguments, so an attacker can pass an
arbitrary file path as the method's argument and the control will save to, and thereby overwrite, that file with
attacker-supplied content in an insecure manner. By persuading a victim to visit a malicious Web page containing
hex-encoded data, a remote attacker could execute arbitrary code in the context of the application using the ActiveX
control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No
remedy was available as of Nov 22, 2008; as a workaround, users can set the kill bit for the CLSID
{BDF3E9D2-5F7A-4F4A-A914-7498C862EA6A}.
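Signatures 35553, 35554 and 35555 all give the same workaround: set the ActiveX kill bit for the affected CLSID. The following PowerShell script is an added example, not part of the ProCurve guide and not vendor code, showing how that workaround is applied and verified on a Windows host. It uses Microsoft's documented kill-bit mechanism (the DWORD value "Compatibility Flags" with bit 0x400 set under the "ActiveX Compatibility" registry key); the registry path and the Wow6432Node handling for 32-bit Internet Explorer on 64-bit Windows are not stated on the page and are taken from Microsoft's documentation. The CLSIDs are the two named in the signature descriptions above, written with the braces the registry key name requires. The script must be run from an elevated (administrator) session.

```powershell
# Added example (not from the ProCurve guide): apply and verify the ActiveX
# kill bit for the CLSIDs named in signatures 35553-35555 so that Internet
# Explorer refuses to instantiate the vulnerable controls.
# Mechanism (Microsoft-documented, not on the page):
#   HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CLSID}
#   DWORD "Compatibility Flags", bit 0x400 = kill bit.

$KillBitFlag = 0x400

# CLSIDs from the signature descriptions; braces added for the registry key name.
$Clsids = @(
    '{4A46B8CD-F7BD-11D4-B1D8-000102290E7C}',  # DjVu_ActiveX_MSOffice.dll (35553)
    '{BDF3E9D2-5F7A-4F4A-A914-7498C862EA6A}'   # VSPDFViewerX.ocx (35554, 35555)
)

# 64-bit Windows keeps a second view of the key for 32-bit Internet Explorer;
# the Wow6432Node path is only used if it exists on this host.
$BasePaths = @(
    'HKLM:\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\ActiveX Compatibility'
) | Where-Object { Test-Path (Split-Path $_ -Parent) }

function Set-ActiveXKillBit {
    param(
        [Parameter(Mandatory)][string]$BasePath,
        [Parameter(Mandatory)][string]$Clsid
    )
    $keyPath = Join-Path $BasePath $Clsid
    if (-not (Test-Path $keyPath)) {
        New-Item -Path $keyPath -Force | Out-Null
    }
    # Preserve any compatibility flags already present and OR in the kill bit.
    $existing = (Get-ItemProperty -Path $keyPath -Name 'Compatibility Flags' `
                    -ErrorAction SilentlyContinue).'Compatibility Flags'
    $newValue = [int]$existing -bor $KillBitFlag
    New-ItemProperty -Path $keyPath -Name 'Compatibility Flags' -Value $newValue `
        -PropertyType DWord -Force | Out-Null
}

function Test-ActiveXKillBit {
    param(
        [Parameter(Mandatory)][string]$BasePath,
        [Parameter(Mandatory)][string]$Clsid
    )
    $keyPath = Join-Path $BasePath $Clsid
    $flags = (Get-ItemProperty -Path $keyPath -Name 'Compatibility Flags' `
                 -ErrorAction SilentlyContinue).'Compatibility Flags'
    return (([int]$flags -band $KillBitFlag) -eq $KillBitFlag)
}

foreach ($base in $BasePaths) {
    foreach ($clsid in $Clsids) {
        Set-ActiveXKillBit -BasePath $base -Clsid $clsid
        $state = if (Test-ActiveXKillBit -BasePath $base -Clsid $clsid) { 'kill bit set' } else { 'NOT set' }
        Write-Output ("{0}\{1} : {2}" -f $base, $clsid, $state)
    }
}
```

Test-ActiveXKillBit is the check an auditor would run on its own (for example from a configuration-compliance script) to confirm the workaround is still in place after patching cycles or registry cleanup; the kill bit only blocks instantiation through Internet Explorer's ActiveX compatibility path, so the vulnerable DLL or OCX remains on disk and should still be removed or updated when a vendor fix becomes available.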