HTTP: Microsoft Windows Theme File Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Microsoft Windows Theme. A successful attack can lead to memory corruption and arbitrary code execution.

Extended Description

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability."

Affected Products

Microsoft windows_vista

Short Name
HTTP:STC:DL:MS-THEME-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2013-0810 Code Execution File Microsoft Remote Theme Windows
Release Date
09/10/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3689
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?