TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
991
Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions. No remedy available as of
August 12, 2008, user can set killbit to the clsid value corresponding to the progid AniGIFCtrl.AniGIF to resolve this
issue.
Signature ID: 35646
Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow Vulnerability
Threat Level: Severe
Bugtraq: 30621
Signature Description: Download Accelerator Plus is a closed source software download manager for Microsoft
Windows. It has a number of features like scheduled download and auto Internet disconnection and/or shutting down of
computer upon download completion. DAP also provides auto antivirus scanning of downloaded contents by
integrating with the antivirus software present in the OS. DAP integrates with Internet Explorer, Mozilla Firefox,
Netscape, and Opera. It pops up a small message box by the system tray with "Open/Play" commands upon completion
of download. Animation GIF ActiveX versions 2.47, 1.12a and 1.12b present in DAP are vulnerable to stack based
buffer overflow vulnerabilities. This vulnerability is caused due to improper bounds checking by the ReadGIF and
READGIF2 methods, present in AniGIF.ocx ActiveX control. By persuading a victim to visit a malicious Web page
containing hex encoded data, a remote attacker could execute arbitrary code in the context of the application using the
ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service conditions.
No remedy available as of August 12, 2008, user can set killbit to the clsid value corresponding to the progid
AniGIFCtrl.AniGIF to resolve this issue.
Signature ID: 35647
Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow Vulnerability
Threat Level: Severe
Bugtraq: 30621
Signature Description: Download Accelerator Plus is a closed source software download manager for Microsoft
Windows. It has a number of features like scheduled download and auto Internet disconnection and/or shutting down of
computer upon download completion. DAP also provides auto antivirus scanning of downloaded contents by
integrating with the antivirus software present in the OS. DAP integrates with Internet Explorer, Mozilla Firefox,
Netscape, and Opera. It pops up a small message box by the system tray with "Open/Play" commands upon completion
of download. Animation GIF ActiveX versions 2.47, 1.12a and 1.12b present in DAP are vulnerable to stack based
buffer overflow vulnerabilities. This vulnerability is caused due to improper bounds checking by the ReadGIF and
READGIF2 methods, present in AniGIF.ocx ActiveX control. By persuading a victim to visit a malicious Web page
containing %u encoded shellcode data, a remote attacker could execute arbitrary code in the context of the application
using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-of-service
conditions. No remedy available as of August 12, 2008, user can set killbit to the clsid value corresponding to the
progid AniGIFCtrl.AniGIF to resolve this issue.
Signature ID: 35648
Download Accelerator Plus - DAP 8.6 (AniGIF.ocx) Buffer Overflow Vulnerability
Threat Level: Severe
Bugtraq: 30621
Signature Description: Download Accelerator Plus is a closed source software download manager for Microsoft
Windows. It has a number of features like scheduled download and auto Internet disconnection and/or shutting down of
computer upon download completion. DAP also provides auto antivirus scanning of downloaded contents by
integrating with the antivirus software present in the OS. DAP integrates with Internet Explorer, Mozilla Firefox,
Netscape, and Opera. It pops up a small message box by the system tray with "Open/Play" commands upon completion
of download. Animation GIF ActiveX versions 2.47, 1.12a and 1.12b present in DAP are vulnerable to stack based
buffer overflow vulnerabilities. This vulnerability is caused due to improper bounds checking by the ReadGIF and
READGIF2 methods, present in AniGIF.ocx ActiveX control. By persuading a victim to visit a malicious Web page