HTTP: Microsoft HTTP Services Chunked Encoding Integer Overflow
This signature detects attempts to exploit a known flaw in Microsoft HTTP Services. An integer overflow vulnerability has been reported in Microsoft Windows HTTP Services. The flaw is due to improper validation of parameters returned by a remote Web server. An attacker can persuade the target user or a service running on the target system to connect to a malicious Web Sever to exploit this vulnerability. Successful attack could allow for arbitrary code execution and complete control of the targeted system. In an attack scenario, where arbitrary code is injected and executed on the target system, the attacker could install applications; access, modify, and delete data; or create new accounts with privileges of the user or service that connected to the malicious Web server. Unsuccessful attacks could result in the termination of any Windows service or third party application using HTTP services.
Extended Description
Microsoft Windows HTTP Services (WinHTTP) is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Successful exploits will compromise an affected application and possibly the computer. Failed attacks will cause denial-of-service conditions.
Affected Products
Microsoft windows_xp_media_center_edition
References
CVE: CVE-2011-5052
URL: https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e https://www.viestintavirasto.fi/en/cybersecurity/vulnerabilities/2017/haavoittuvuus-2017-037.html http://git.savannah.gnu.org/cgit/wget.git/commit/?id=d892291fb8ace4c3b734ea5125770989c215df3f http://git.savannah.gnu.org/cgit/wget.git/commit/?h=v1.19.2&id=ba6b44f6745b14dce414761a8e4b35d31b176bba
Short Name
HTTP:OVERFLOW:MS-HTTP-SERVICES
Severity
Major
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2009-0086 CVE-2011-5052 CVE-2013-4322 CVE-2017-13089 CVE-2017-13090 CVE-2018-1000517 Chunked Encoding HTTP Integer Microsoft Overflow Services bid:34435 bid:47113 bid:51190
Release Date
11/28/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3674
False Positive
Unknown
Vendors
Microsoft
CVSS Score
10.0
4.3