HTTP: Microsoft Windows MFC Document Title Updating Buffer Overflow
This signature detects attempts to exploit a known stack buffer overflow vulnerability in Microsoft Windows MFC library mfc42.dll. It is due to a boundary error while handling crafted archive files. It can be exploited through a 3rd party application, such as PowerZip, that utilizes the affected library. Remote attackers can exploit this by enticing target users to open a malicious archive file in an application that uses the affected MFC library. Successful exploitation can result in arbitrary code execution with the privileges of the logged on user.
Extended Description
The Microsoft Windows MFC library is prone to a buffer-overflow vulnerability because it fails to perform adequate boundary checks of user-supplied input. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of applications that use the vulnerable method. Failed exploit attempts will likely result in a denial-of-service condition. The issue affects the 'mfc42.dll' MFC library version 6.2.4131.0 included with Microsoft Windows XP SP2 and XP SP3; other versions may also be affected.
Affected Products
Avaya messaging_application_server,Avaya aura_conferencing
Short Name
HTTP:STC:DL:MFC-DOC-TITLE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2010-3227 Document MFC Microsoft Overflow Title Updating Windows bid:41333
Release Date
09/29/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
9.3