HTTP: Bitmap Image Heap Overflow
This signature detects Windows Media Player downloading a maliciously crafted bitmap (.BMP) file. Viewing the image can trigger a buffer overflow on the client, allowing the execution of arbitrary code.
Extended Description
Heap-based buffer overflow in the bitmap processing routine in Microsoft Windows Media Player 7.1 on Windows 2000 SP4, Media Player 9 on Windows 2000 SP4 and XP SP1, and Media Player 10 on XP SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted bitmap (.BMP) file that specifies a size of 0 but contains additional data.
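The header inconsistency described above can be checked before a file reaches a bitmap parser. The following is an added example, not the signature's own logic or code from the vendor; it assumes the "size of 0" refers to the 32-bit file size field (bfSize) in the 14-byte BMP file header, which the description does not state, and the sample bitmaps are constructed inline.

```python
import struct

# BITMAPFILEHEADER: magic, bfSize, reserved1, reserved2, bfOffBits (14 bytes, little-endian)
FILE_HEADER = struct.Struct("<2sIHHI")


def inspect_bmp(data: bytes) -> list[str]:
    """Return findings for a BMP byte string; an empty list means the header is consistent."""
    if len(data) < FILE_HEADER.size:
        return ["truncated: shorter than the 14-byte file header"]
    magic, declared, _r1, _r2, pixel_offset = FILE_HEADER.unpack_from(data)
    if magic != b"BM":
        return ["not-bmp: missing 'BM' magic"]
    findings = []
    actual = len(data)
    trailing = actual - FILE_HEADER.size
    if declared == 0 and trailing > 0:
        # The case in the description: size of 0, yet additional data is present.
        findings.append(f"size-zero-with-data: {trailing} bytes follow the file header")
    elif declared != actual:
        findings.append(f"size-mismatch: header says {declared}, file is {actual}")
    if pixel_offset > actual:
        findings.append(f"bad-offset: pixel data offset {pixel_offset} is past end of file")
    return findings


def make_sample_bmp(declared_size: int) -> bytes:
    """Constructed 1x1 24-bit bitmap (58 bytes) with a caller-chosen size field."""
    info = struct.pack("<IiiHHIIiiII", 40, 1, 1, 1, 24, 0, 4, 2835, 2835, 0, 0)
    pixels = b"\x00\x00\xff\x00"  # one BGR pixel padded to a 4-byte row
    return FILE_HEADER.pack(b"BM", declared_size, 0, 0, 54) + info + pixels


if __name__ == "__main__":
    for label, size in (("well-formed", 58), ("size field zero", 0), ("size field wrong", 1000)):
        print(label, "->", inspect_bmp(make_sample_bmp(size)) or "ok")
```

A non-empty result is a reason to quarantine or drop the file rather than hand it to a decoder; some legitimate encoders also write an inaccurate size field, so the size-mismatch finding is weaker evidence than size-zero-with-data.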
Affected Products
Microsoft windows_98
References
BugTraq: 16633
CVE: CVE-2006-0006
URL: http://www.kb.cert.org/vuls/id/291396
URL: http://www.us-cert.gov/cas/techalerts/TA06-045A.html
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Microsoft
9.3