TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
992
containing specially formatted encoded data, a remote attacker could execute arbitrary code in the context of the
application using the ActiveX control (typically Internet Explorer). Failed exploit attempts will likely result in denial-
of-service conditions. No remedy available as of August 12, 2008, user can set killbit to the clsid value corresponding
to the progid AniGIFCtrl.AniGIF to resolve this issue.
Signature ID: 35649
Microsoft Visual Studio Msmask32.ocx ActiveX control Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-3704 Bugtraq: 30674
Signature Description: Microsoft Visual Studio is the Integrated Development Environment (IDE) from Microsoft. It
can be used to develop console and Graphical user interface applications along with Windows Forms applications, web
sites, web applications, and web services for all platforms supported by Microsoft Windows, Windows Mobile, .NET
Framework etc. Microsoft Msmask32.ocx 6.0.81 and prior in Microsoft Visual Studio 6.0 is vulnerable to stack based
buffer overflow vulnerability. This issue is caused when handling an overly long argument passed to the Mask
parameter in the Msmask32.ocx ActiveX control. By persuading a victim to visit specially crafted html page containing
hex encoded data, remote user can cause arbitrary code to be executed on the target user's system or may cause denial
of service. Patch is available, Upgrade Msmask32.ocx version 6.0.84.18 to resolve this issue.
Signature ID: 35650
Ultra Office ActiveX Control Remote Buffer Overflow Vulnerability
Threat Level: Severe
Signature Description: Ultra Office Control is a standard ActiveX control that can be used as an ActiveX document
container. It can be easily integrated into applications written in languages that support ActiveX control such as Visual
C++, Visual Basic, Delphi, C++ Builder, .Net languages, eDeveloper, and web pages with Internet explorer. Ultra
Office ActiveX Control versions prior to 2.0.2008.801 are vulnerable to remote buffer overflow vulnerability. By
persuading a victim to visit a malicious Web site containing %u encoded shellcode data, remote attacker could
overflow the buffer by sending long string value to Save() method. No remedy is available as of August 2, 2008. User
can set killbit to the clsid 00989888-BB72-4e31-A7C6-5F819C24D2F7 to resolve this issue.
Signature ID: 35651
Ultra Office ActiveX Control Remote Arbitrary File Corruption Vulnerability
Threat Level: Severe
Signature Description: Ultra Office Control is a standard ActiveX control that can be used as an ActiveX document
container. It can be easily integrated into applications written in languages that support ActiveX control such as Visual
C++, Visual Basic, Delphi, C++ Builder, .Net languages, eDeveloper, and web pages with Internet explorer. Ultra
Office ActiveX Control versions prior to 2.0.2008.801 are vulnerable to remote arbitrary File Corruption vulnerability.
Ultra Office ActiveX Control could allow a remote attacker to overwrite arbitrary files on the system. By persuading a
victim to visit a malicious Web site, a remote attacker could exploit this vulnerability using the Save() method to
overwrite and corrupt arbitrary files on the system. No remedy is available as of August 28, 2008. User can set killbit to
the clsid 00989888-BB72-4e31-A7C6-5F819C24D2F7 to resolve this issue.
Signature ID: 35652
Microsoft Visual Studio Msmask32.ocx Remote Buffer Overflow Vulnerability
Threat Level: Severe
Industry ID: CVE-2008-3704
Bugtraq: 30674
Signature Description: Microsoft Visual Studio is the Integrated Development Environment (IDE) from Microsoft. It
can be used to develop console and Graphical user interface applications along with Windows Forms applications, web
sites, web applications, and web services for all platforms supported by Microsoft Windows, Windows Mobile, .NET
Framework, .NET Compact Framework and Microsoft Silverlight. Microsoft Msmask32.ocx 6.0.81 and prior in