HTTP: Microsoft Windows PDF Library JPEG2000 Parsing Out of Bounds Write

This signature detects attempts to exploit a known vulnerability in the PDF library in Microsoft Windows. Successful exploitation would allow the attacker to corrupt memory and potentially execute arbitrary code under the context of the current user.

Extended Description

Windows PDF in Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows remote code execution if a user opens a specially crafted PDF file, aka "Windows PDF Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0292.

Affected Products

Microsoft windows_8.1

References

BugTraq: 98835

CVE: CVE-2017-0291

Short Name
HTTP:STC:DL:WINPDF-LIB-JPEG2000
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Bounds CVE-2017-0291 JPEG2000 Library Microsoft Out PDF Parsing Windows Write bid:98835 of
Release Date
08/29/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3
