HTTP: Malformed EMF File (2)
This signature detects attempts to exploit a known vulnerability against Microsoft Windows. A vulnerability exists in the rendering of Enhanced Metafile (EMF) image format that could allow remote code execution. If a user opened a malicious EMF file, they could be compromised. Windows 2000, Windows 2003, Windows 2003 SP1, Windows NT4, Windows NT4 Terminal Server Edition, Windows Vista, Windows XP, and Windows XP SP2 are affected.
Extended Description
Microsoft Windows Graphics Rendering Engine is prone to a local privilege-escalation vulnerability when rendering malformed EMF image files. An attacker may exploit this issue to execute arbitrary code with SYSTEM-level privileges, facilitating the complete compromise of affected computers.
Affected Products
Avaya messaging_application_server,Microsoft windows_server_2003_datacenter_x64_edition
Short Name
HTTP:STC:IMG:MAL-EMF-2
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(2) CVE-2007-1212 EMF File Malformed bid:23278
Release Date
04/03/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
Avaya
CVSS Score
6.6