HTTP: Windows MetaFile Record Overflow
This signature detects attempts to exploit a known vulnerability against Windows GDI. Attackers can cause a victim to view a malformed WMF file and take control of the victim's computer in the context of the logged in user.
Extended Description
Microsoft Windows is prone to a remote code-execution vulnerability because it fails to properly bounds-check user-supplied metafile data. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of users viewing malicious files. This facilitates the remote compromise of affected computers.
Affected Products
Avaya messaging_application_server,Microsoft windows_xp_professional
Short Name
HTTP:STC:IMG:MAL-WMF-REC-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2007-3034 MetaFile Overflow Record Windows bid:25302
Release Date
08/14/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Hp
Microsoft
Avaya
CVSS Score
9.3