HTTP: Microsoft Windows Remote Desktop Client Unsafe ActiveX
This signature detects attempts to exploit a known vulnerability against Microsoft Windows Remote Desktop Client. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft Communicator 2007 R2, Lync 2010, Lync 2010 Attendee, and Lync Server 2013 do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via an invitation that triggers access to a deleted object, aka "Lync RCE Vulnerability."
Affected Products
Microsoft lync
References
CVE: CVE-2013-1302
Short Name
HTTP:STC:ACTIVEX:MICROSOFT-RDP
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
ActiveX CVE-2013-1296 CVE-2013-1302 Client Desktop Microsoft Remote Unsafe Windows
Release Date
04/08/2013
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3761
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3