HTTP: Microsoft Windows GDI WMF File HeaderSize Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Microsoft Windows Graphic Component. A successful exploit can lead to buffer overflow and remote code execution.
Extended Description
The GDI component of Microsoft Windows is prone to an integer-overflow vulnerability that may be triggered by a malicious WMF (Windows Metafile) image. A successful exploit will let the attacker execute arbitrary code in the context of the currently logged-in user.
Affected Products
Nortel_networks self-service_mps_1000,Microsoft windows_server_2003_enterprise_edition_itanium
Short Name
HTTP:STC:STREAM:GDI-WMF-HEADER
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2008-2249 File GDI HeaderSize Microsoft Overflow WMF Windows bid:32634
Release Date
04/20/2012
Supported Platforms
srx-branch-19.3
vsrx3bsd-19.2
srx-19.4
vsrx3bsd-19.4
srx-branch-19.4
vsrx-19.4
vsrx-19.2
srx-19.3
srx-branch-12.3
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx-12.3
vmx-19.3
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
CVSS Score
9.3