HTTP: DLL File Download via WebDAV
This signature detects Microsoft Windows Dynamically Link Libraries (DLL's) transferred via WebDAV. Vulnerabilities in Microsoft Windows allow an attacker to reference a malicious remote DLL file through a Web page, which when the page is accessed, overwrites a local DLL, resulting in arbitrary code execution.
Extended Description
Microsoft Windows is prone to an arbitrary-code-execution vulnerability that affects the Media Center. Attackers can exploit this vulnerability to execute arbitrary code in the context of the user running the vulnerable application.
Affected Products
Microsoft windows_vista
Short Name
HTTP:DLL-REQ-VIA-WEBDAV
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2010-1795 CVE-2010-3143 CVE-2010-3144 CVE-2010-3965 CVE-2010-3966 CVE-2011-0107 CVE-2011-2019 CVE-2012-0008 CVE-2012-0756 CVE-2012-1241 CVE-2012-1849 CVE-2012-2519 CVE-2015-1758 DLL Download File WebDAV bid:42541 bid:42634 bid:42654 bid:42681 bid:49943 bid:52036 bid:53011 via
Release Date
09/08/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3559
False Positive
Occasionally
Vendors
Microsoft
CVSS Score
9.3
7.5
10.0
7.9
6.9