TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
980
Signature ID: 35606
Yahoo Messenger 8.1 ActiveX Remote Denial of Service Attack
Threat Level: Severe
Industry ID: CVE-2007-6228 Bugtraq: 26656
Signature Description: Yahoo! Companion is a personalized browser toolbar that allows you to access bookmarks,
links to Yahoo!, and other features from any personal computer with the software installed and an Internet connection.
Yahoo Messenger 8.1 and prior are vulnerable to stack based buffer overflow vulnerability. This vulnerability is caused
due to improper bounds checking by the c() method. By persuading a victim to visit a malicious Web page containing
%u encoded data, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the
application to crash.No remedy available as of July 13, 2008, user can set killbit to the clsid corresponding to the
progid yt.ythelper.2 to resolve this issue.
Signature ID: 35607
Yahoo Messenger 8.1 ActiveX Remote Denial of Service Attack
Threat Level: Severe
Industry ID: CVE-2007-6228 Bugtraq: 26656
Signature Description: Yahoo! Companion is a personalized browser toolbar that allows you to access bookmarks,
links to Yahoo!, and other features from any personal computer with the software installed and an Internet connection.
Yahoo Messenger 8.1 and prior are vulnerable to stack based buffer overflow vulnerability. By persuading a victim to
visit a malicious Web page, a remote attacker could overflow a buffer and execute arbitrary code on the system or
cause the application to crash.No remedy available as of July 13, 2008, user can set killbit to the clsid corresponding to
the progid yt.ythelper.2 to resolve this issue.
Signature ID: 35608
Document Imaging SDK Buffer Overflow Vulnerability
Threat Level: Warning
Signature Description: SDK/ActiveX is a software development tool that helps application developers and
programmers to create applications with sophisticated image processing capabilities. The Document Imaging
SDK/ActiveX is built upon Black Ice technology used by customers in products like TIFF SDK/ActiveX, Annotation
SDK/ActiveX and Image SDK/ActiveX. Black Ice Document Imaging SDK 10.95 is vulneable to stack based buffer
overflow. The vulnerability is caused due to a boundary error within "OpenGifFile()" in BiGif.dll. This can be
exploited to cause a heap-based buffer overflow by passing an overly long string to the
"GetNumberOfImagesInGifFile()" method of the BIImgFrm Control ActiveX control (BIImgFrm.ocx). Successful
exploitation may allow execution of arbitrary code. No remedy available as of July 13, 2008, user can set killbit to the
clsid 79956462-F148-497F-B247-DF35A095F80B to resolve this issue.
Signature ID: 35609
Document Imaging SDK Buffer Overflow Vulnerability
Threat Level: Severe
Signature Description: SDK/ActiveX is a software development tool that helps application developers and
programmers to create applications with sophisticated image processing capabilities. The Document Imaging
SDK/ActiveX is built upon Black Ice technology used by customers in products like TIFF SDK/ActiveX, Annotation
SDK/ActiveX and Image SDK/ActiveX. Black Ice Document Imaging SDK 10.95 is vulnerable to stack based buffer
overflow. The vulnerability is caused due to a boundary error within "OpenGifFile()" in BiGif.dll. This can be
exploited to cause a heap-based buffer overflow by passing an overly long string via hex encoded data to the
"GetNumberOfImagesInGifFile()" method of the BIImgFrm ActiveX control (BIImgFrm.ocx). Successful exploitation
may allow execution of arbitrary code. No remedy is available as of July 13, 2008, user can set killbit to the clsid
79956462-F148-497F-B247-DF35A095F80B to resolve this issue.