TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
990
No remedy available as of August 12, 2008, user can set killbit to the clsid 82351441-9094-11D1-A24B-
00A0C932C7DF to resolve this issue.
Signature ID: 35643
Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow Vulnerability
Threat Level: Severe
Bugtraq: 30621
Signature Description: Download Accelerator Plus is a closed source software download manager for Microsoft
Windows. It has a number of features like scheduled download and auto Internet disconnection and/or shutting down of
computer upon download completion. DAP also provides auto antivirus scanning of downloaded contents by
integrating with the antivirus software present in the OS. DAP integrates with Internet Explorer, Mozilla Firefox,
Netscape, and Opera. It pops up a small message box by the system tray with "Open/Play" commands upon completion
of download. Animation GIF ActiveX versions 2.47, 1.12a and 1.12b present in DAP are vulnerable to stack based
buffer overflow vulnerabilities. This vulnerability is caused due to improper bounds checking by the ReadGIF and
READGIF2 methods, present in AniGIF.ocx ActiveX control. By persuading a victim to visit a malicious Web page
containing %u encoded data, a remote attacker could execute arbitrary code in the context of the application using the
ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
No remedy available as of August 12, 2008, user can set killbit to the clsid 82351441-9094-11D1-A24B-
00A0C932C7DF to resolve this issue.
Signature ID: 35644
Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow Vulnerability
Threat Level: Severe
Bugtraq: 30621
Signature Description: Download Accelerator Plus is a closed source software download manager for Microsoft
Windows. It has a number of features like scheduled download and auto Internet disconnection and/or shutting down of
computer upon download completion. DAP also provides auto antivirus scanning of downloaded contents by
integrating with the antivirus software present in the OS. DAP integrates with Internet Explorer, Mozilla Firefox,
Netscape, and Opera. It pops up a small message box by the system tray with "Open/Play" commands upon completion
of download. Animation GIF ActiveX versions 2.47, 1.12a and 1.12b present in DAP are vulnerable to stack based
buffer overflow vulnerabilities. This vulnerability is caused due to improper bounds checking by the ReadGIF and
READGIF2 methods, present in AniGIF.ocx ActiveX control. By persuading a victim to visit a malicious Web page
containing specially formatted encoded data, a remote attacker could execute arbitrary code in the context of the
application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-
of-service conditions. No remedy available as of August 12, 2008, user can set killbit to the clsid 82351441-9094-
11D1-A24B-00A0C932C7DF to resolve this issue.
Signature ID: 35645
Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow Vulnerability
Threat Level: Warning
Bugtraq: 30621
Signature Description: Download Accelerator Plus is a closed source software download manager for Microsoft
Windows. It has a number of features like scheduled download and auto Internet disconnection and/or shutting down of
computer upon download completion. DAP also provides auto antivirus scanning of downloaded contents by
integrating with the antivirus software present in the OS. DAP integrates with Internet Explorer, Mozilla Firefox,
Netscape, and Opera. It pops up a small message box by the system tray with "Open/Play" commands upon completion
of download. Animation GIF ActiveX versions 2.47, 1.12a and 1.12b present in DAP are vulnerable to stack based
buffer overflow vulnerabilities. This vulnerability is caused due to improper bounds checking by the ReadGIF and
READGIF2 methods, present in AniGIF.ocx ActiveX control. By persuading a victim to visit a malicious Web page, a
remote attacker could execute arbitrary code in the context of the application using the ActiveX control (typically