HTTP: Microsoft Windows DirectShow Memory Corruption

This signature detects attempts to exploit a known vulnerability in the Microsoft Windows OS. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

DirectShow in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, and Windows Server 2012 allows remote attackers to execute arbitrary code via a crafted GIF file, aka "DirectShow Arbitrary Memory Overwrite Vulnerability."

Affected Products

Microsoft windows_vista

References

CVE: CVE-2013-3174

Short Name
HTTP:STC:MS-DIRECTSHOW-GIF-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2013-3174 Corruption DirectShow Memory Microsoft Windows
Release Date
07/31/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3724
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?