HTTP: Microsoft Color Management System Crafted Path Name Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Microsoft Color Management System. An attack targeting this can result in the injection and execution of code. In a successful attack, the behavior of the target depends on the intention of the attacker. Any code injected is executed within the security context of the currently logged in user. In an unsuccessful attack, the application that opens the malicious file terminates abnormally, resulting in the loss of any unsaved data from the current session.
Extended Description
Microsoft Windows is prone to a remote code-execution vulnerability because of a flaw in the Microsoft Color Management System (MSCMS) module of the Image Color Management System (ICM). An attacker could exploit this issue by enticing a victim to open a malicious image file. Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.
Affected Products
Avaya messaging_application_server,Microsoft windows_xp_professional
Short Name
HTTP:STC:DL:COLORMGMT-PATHNAME
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2008-2245 Color Crafted Management Microsoft Name Overflow Path System bid:30594
Release Date
10/11/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Hp
Microsoft
Avaya
CVSS Score
9.3