HTTP: BMP Header biClrUsed Integer Overflow
This signature detects attempts to exploit a known vulnerability in the Microsoft Office Suite. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.
Extended Description
Microsoft GDI+ is prone to a remote code-execution vulnerability because the vector graphics link library improperly processes BMP files in Microsoft Office documents. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user. Failed exploit attempts may crash applications that use the library.
Affected Products
Nortel_networks self-service_media_processing_server,Microsoft office_xp
Short Name
HTTP:STC:IMG:BMP-HDR-IO
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
BMP CVE-2009-2518 Header Integer Overflow biClrUsed bid:36651
Release Date
10/11/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
CVSS Score
9.3