HTTP: Microsoft Windows CVE-2019-0633 Remote Code Execution

This signature detects an attempt to exploit a use-after-free vulnerability in Microsoft Windows. Successful exploitation could allow an attacker to execute arbitrary code in the application's context.

Extended Description

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 2.0 (SMBv2) server handles certain requests, aka 'Windows SMB Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0630.

Affected Products

Microsoft windows_server_2016

References

CVE: CVE-2019-0633

Short Name: HTTP:STC:DL:CVE-2019-0633-RCE
Severity: Major
Recommended: True
Recommended Action: Drop
Category: HTTP
Keywords: CVE-2019-0633 Code Execution Microsoft Remote Windows
Release Date: 02/12/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3590
False Positive: Unknown
Vendors

Microsoft

CVSS Score

9.0
