TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94

information to HP support specialists in HP's worldwide customer support organization. Hewlett-Packard will treat the
collected information as confidential. The HP Instant Support ActiveX control is used by HP to provide support to HP
desktop systems. HP Instant Support 1.0 23 and prior are vulnerable to multiple attacks, such as buffer overflows and file
overwrites. Visiting a malicious web page containing calls to vulnerable methods such as StartApp,
DownloadFile, GetFileTime or DeleteSingleFile could trigger one of these vulnerabilities. Successfully exploiting
one of these vulnerabilities would allow an attacker to execute arbitrary code with the privileges of the current user.
The vendor has confirmed this issue and provided patches to resolve it. Alternatively, the user can set the kill bit for the CLSID
14C1B87C-3342-445F-9B5E-365FF330A3AC to resolve this issue.
Signature ID: 35615
HP Instant Support HPISDataManager.dll ActiveX Control Multiple Vulnerabilities
Threat Level: Warning
Industry ID: CVE-2007-5604 CVE-2007-5606 CVE-2008-0952 CVE-2007-5607 Bugtraq: 29526,39532,29534,29535
Signature Description: Instant Support Professional Edition (ISPE) will collect and send your computer and printer
information to HP support specialists in HP's worldwide customer support organization. Hewlett-Packard will treat the
collected information as confidential. The HP Instant Support ActiveX control is used by HP to provide support to HP
desktop systems. HP Instant Support 1.0 23 and prior are vulnerable to multiple attacks, such as buffer overflows and file
overwrites. Visiting a malicious web page that instantiates this control could trigger one of these
vulnerabilities. Successfully exploiting one of these vulnerabilities would allow an attacker to execute arbitrary code
with the privileges of the current user. The vendor has confirmed this issue and provided patches to resolve it.
Alternatively, the user can set the kill bit for the CLSID 14C1B87C-3342-445F-9B5E-365FF330A3AC to resolve this issue.
Signature ID: 35616
HP Instant Support HPISDataManager.dll ActiveX Control Multiple Vulnerabilities
Threat Level: Severe
Signature Description: Instant Support Professional Edition (ISPE) will collect and send your computer and printer
information to HP support specialists in HP's worldwide customer support organization. Hewlett-Packard will treat the
collected information as confidential. The HP Instant Support ActiveX control is used by HP to provide support to HP
desktop systems. HP Instant Support 1.0 23 and prior are vulnerable to multiple attacks, such as buffer overflows and file
overwrites. Visiting a malicious web page that contains hex-encoded data and instantiates this control
could trigger one of these vulnerabilities. Successfully exploiting one of these vulnerabilities would allow an attacker to
execute arbitrary code with the privileges of the current user. The vendor has confirmed this issue and provided patches to
resolve it. Alternatively, the user can set the kill bit for the CLSID 14C1B87C-3342-445F-9B5E-365FF330A3AC to resolve
this issue.
Signature ID: 35617
HP Instant Support HPISDataManager.dll ActiveX Control Multiple Vulnerabilities
Threat Level: Severe
Signature Description: Instant Support Professional Edition (ISPE) will collect and send your computer and printer
information to HP support specialists in HP's worldwide customer support organization. Hewlett-Packard will treat the
collected information as confidential. The HP Instant Support ActiveX control is used by HP to provide support to HP
desktop systems. HP Instant Support 1.0 23 and prior are vulnerable to multiple attacks, such as buffer overflows and file
overwrites. Visiting a malicious web page that contains %u-encoded data and instantiates this control
could trigger one of these vulnerabilities. Successfully exploiting one of these vulnerabilities would allow an attacker to
execute arbitrary code with the privileges of the current user. The vendor has confirmed this issue and provided patches to
resolve it. Alternatively, the user can set the kill bit for the CLSID 14C1B87C-3342-445F-9B5E-365FF330A3AC to resolve
this issue.