HTTP: Microsoft Object Linking and Embedding (OLE) Automation Remote Code Execution

This signature detects attempts to exploit a known flaw in Microsoft Object Linking and Embedding (OLE) Automation, used in Microsoft Office and RTF files. A successful exploit could result in arbitrary code execution.

Extended Description

Object Linking and Embedding (OLE) Automation in Microsoft Windows XP SP3 does not properly allocate memory, which allows remote attackers to execute arbitrary code via a crafted RTF document, aka "OLE Automation Remote Code Execution Vulnerability."

Affected Products

Microsoft windows_xp

References

CVE: CVE-2013-1313

Short Name
HTTP:STC:OLE-AUTO-RCE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
(OLE) Automation CVE-2013-1313 Code Embedding Execution Linking Microsoft Object Remote and
Release Date
02/12/2013
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?