TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
979
Signature ID: 35602
Yahoo Messenger 8.1 ActiveX Remote Denial of Service Attack
Threat Level: Severe
Industry ID: CVE-2007-6228
Bugtraq: 26656
Signature Description: Yahoo! Companion is a personalized browser toolbar that allows you to access bookmarks,
links to Yahoo!, and other features from any personal computer with the software installed and an Internet connection.
Yahoo Messenger 8.1 and prior are vulnerable to stack based buffer overflow vulnerability. This vulnerability is caused
due to improper bounds checking by the c() method. By persuading a victim to visit a malicious Web page containing
%u encoded data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the
application to crash.No remedy available as of July 13, 2008, user can set killbit to the clsid 02478D38-C3F9-4EFB-
9B51-7695ECA05670 to resolve this issue.
Signature ID: 35603
Yahoo Messenger 8.1 ActiveX Remote Denial of Service Attack
Threat Level: Severe
Industry ID: CVE-2007-6228 Bugtraq: 26656
Signature Description: Yahoo! Companion is a personalized browser toolbar that allows you to access bookmarks,
links to Yahoo!, and other features from any personal computer with the software installed and an Internet connection.
Yahoo Messenger 8.1 and prior are vulnerable to stack based buffer overflow vulnerability. By persuading a victim to
visit a malicious Web page, a remote attacker could overflow a buffer and execute arbitrary code on the system or
cause the application to crash.No remedy available as of July 13, 2008, user can set killbit to the clsid 02478D38-C3F9-
4EFB-9B51-7695ECA05670 to resolve this issue.
Signature ID: 35604
Yahoo Messenger 8.1 ActiveX Remote Denial of Service Attack
Threat Level: Warning
Industry ID: CVE-2007-6228 Bugtraq: 26656
Signature Description: Yahoo! Companion is a personalized browser toolbar that allows you to access bookmarks,
links to Yahoo!, and other features from any personal computer with the software installed and an Internet connection.
Yahoo Messenger 8.1 and prior are vulnerable to stack based buffer overflow vulnerability. This vulnerability is caused
due to improper bounds checking by the c() method. By persuading a victim to visit a malicious Web page, a remote
attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.No remedy
available as of July 13, 2008, user can set killbit to the clsid corresponding to the progid yt.ythelper.2 to resolve this
issue.
Signature ID: 35605
Yahoo Messenger 8.1 ActiveX Remote Denial of Service Attack
Threat Level: Severe
Industry ID: CVE-2007-6228
Bugtraq: 26656
Signature Description: Yahoo! Companion is a personalized browser toolbar that allows you to access bookmarks,
links to Yahoo!, and other features from any personal computer with the software installed and an Internet connection.
Yahoo Messenger 8.1 and prior are vulnerable to stack based buffer overflow vulnerability. This vulnerability is caused
due to improper bounds checking by the c() method. By persuading a victim to visit a malicious Web page containing
hex encoded data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the
application to crash.No remedy available as of July 13, 2008, user can set killbit to the clsid corresponding to the
progid yt.ythelper.2 to resolve this issue.