TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
981
Signature ID: 35610
Document Imaging SDK Buffer Overflow Vulnerability
Threat Level: Severe
Signature Description: SDK/ActiveX is a software development tool that helps application developers and
programmers to create applications with sophisticated image processing capabilities. The Document Imaging
SDK/ActiveX is built upon Black Ice technology used by customers in products like TIFF SDK/ActiveX, Annotation
SDK/ActiveX and Image SDK/ActiveX. Black Ice Document Imaging SDK 10.95 is vulnerable to stack based buffer
overflow. The vulnerability is caused due to a boundary error within "OpenGifFile()" in BiGif.dll. This can be
exploited to cause a heap-based buffer overflow by passing an overly long string via %u encoded string to the
"GetNumberOfImagesInGifFile()" method of the BIImgFrm ActiveX control (BIImgFrm.ocx). Successful exploitation
may allow execution of arbitrary code. No remedy is available as of July 13, 2008, user can set killbit to the clsid
79956462-F148-497F-B247-DF35A095F80B to resolve this issue.
Signature ID: 35611
Document Imaging SDK Buffer Overflow Vulnerability
Threat Level: Severe
Signature Description: SDK/ActiveX is a software development tool that helps application developers and
programmers to create applications with sophisticated image processing capabilities. The Document Imaging
SDK/ActiveX is built upon Black Ice technology used by customers in products like TIFF SDK/ActiveX, Annotation
SDK/ActiveX and Image SDK/ActiveX. Black Ice Document Imaging SDK 10.95 is vulneable to stack based buffer
overflow. The vulnerability is caused due to a boundary error within "OpenGifFile()" in BiGif.dll. Successful
exploitation may allow execution of arbitrary code. No remedy available as of July 13, 2008, user can set killbit to the
clsid 79956462-F148-497F-B247-DF35A095F80B to resolve this issue.
Signature ID: 35612
Bea Weblogic Apache Connector Code Exec Denial of Service Exploit
Threat Level: Severe
Signature Description: BEA is one of the first commercial application server providers to implement the new Java EE
5 standard. BEA WebLogic Server 10 offers improvements in the area of developer productivity, enhanced web
services in support of Service-Oriented Architecture (SOA) and refined operations manageability. A vulnerability was
reported in Oracle WebLogic in the Apache Connector. A remote user can send a specially crafted HTTP POST request
to execute arbitrary code on the target system. The code will run with the privileges of the target service and will
execute arbitrary code on the target system. No solution was available as of 18th july 2008.
Signature ID: 35613
Bea Weblogic Apache Connector Code Exec Denial of Service Exploit
Threat Level: Severe
Signature Description: BEA is one of the first commercial application server providers to implement the new Java EE
5 standard. BEA WebLogic Server 10 offers improvements in the area of developer productivity, enhanced web
services in support of Service-Oriented Architecture (SOA) and refined operations manageability. A vulnerability was
reported in Oracle WebLogic in the Apache Connector. A remote user can send syn flood attack on HTTP PORT and
utilizes total Band Width of the system or some times causes system crash. No solution was available as of 18th july
2008.
Signature ID: 35614
HP Instant Support HPISDataManager.dll ActiveX Control Multiple Vulnerabilities
Threat Level: Warning
Industry ID: CVE-2007-5608
CVE-2008-0953 CVE-2007-5605 CVE-2007-5610 Bugtraq: 29530,29531,29533,29536
Signature Description: Instant Support Professional Edition (ISPE) will collect and send your computer and printer