TMS zl Module IPS/IDS Signature Reference Guide RLX.10.2.2.94
ProCurve TMS zl Module IPS/IDS Signature
Reference Guide Version RLX.10.2.2.94
998
currently logged-on user. Successful exploitation allows execution of arbitrary code in the victim system. No patch
details are available to resolve this issue, user can Set the kill bit to the clsid corresponding to the progid to resolve this
issue.
Signature ID: 35672
NuMedia NMSDVDX.DLL Denial of Service Vulnerability
Threat Level: Warning
Industry ID: CVE-2007-3668 Bugtraq: 24821
Signature Description: NMS DVD Burning SDK which adds reliable, high-performance CD/DVD burning capabilities
to any type of application. This CD/DVD recording SDK supports all CD/DVD devices and provides a flexible, solid
framework for applications regardless of the development environment. NuMedia Soft NMS DVD Burning SDK 1.008
is vulnerable to Denial of service attack. The vulnerability is caused due to 'LoadSegmentWord', 'PartitionType',
'SectorCount' and 'BootFilePath' variables present in NMSDVDX.dll activeX control. Due to the improper values sent
to the mentioned variables, attacker can cause denial of service to legitimate users of the application. Users are advised
to upgrade to the latest versions of NMS DVD Burning SDK or alternately set kill bit to the clsid C2FBBB5F-6FF7-
4F6B-93A3-7EDB509AA938 to resolve this issue.
Signature ID: 35673
Chilkat XML ActiveX Remote Arbitrary File Execution Vulnerability
Threat Level: Severe
Signature Description: Chilkat XML provides a simplified DOM and API that is powerful, flexible and easy to
understand. It can reduce your development costs by shortening XML implementation times and reducing the learning
curve for programmers unfamiliar with XML.The Chilkat XML parser is available in several different packages for
different programming environments in that an ActiveX XML Parser is used for Visual Basic, FoxPro, Delphi, and any
programming language supporting ActiveX. Chilkat Software, Chilkat XML ActiveX control 3.0.3.0 is vulnerable to
remote arbitrary file execution vulnerability. The vulnerability is caused due to the ChilkatUtil.CkData.1 present in
ChilkatUtil.dll ActiveX control including the insecure SaveToFile(), SaveToTempFile() and AppendBinary() methods
containing malformed %u encoded data. These can be exploited to create arbitrary files or append data to arbitrary files
on the system in the context of the currently logged-on user. Successful exploitation allows execution of arbitrary code
in the victim system. No patch details are available to resolve this issue, user can Set the kill bit to the clsid
corresponding to the progid to resolve this issue.
Signature ID: 35674
Fhttpd Basic Authorization Remote Denial Of Service Vulnerability
Threat Level: Warning
Bugtraq: 31265
Signature Description: Fhttpd ( file / hypertext transfer protocols daemon ) is an HTTP daemon - a program, which
allows users from other machines on the Internet to access some information, stored on server machine in the form of
text, pictures, sounds, hypertext documents, binary files and to run some programs on the server. It also supports FTP
protocol. fhttpd version 0.4.2 is vulnerable to denial of service attack. When attacker sends a specially crafted data in
Authorization header field with HTTP HEAD request fhttpd server running in victim machine will get crash. No patch
details are available as of 26 September, 2008.
Signature ID: 35675
Iconics Dialog Wrapper Module ActiveX DoModal() Remote Buffer Overflow Vulnerability
Threat Level: Warning
Industry ID: CVE-2006-6488
Bugtraq: 21849
Signature Description: The ICONICS Gauge/switch/vessel ActiveX control is designed to work inside any ActiveX
container such as Microsoft Office (Word, and Excel), Visual Basic Forms and more. The Gauge ActiveX control