SMB: Microsoft Explorer Shared Folder COM Object Execution
This signature detects an attempt by Microsoft Internet Explorer to browse a remote directory containing a maliciously crafted filename. By accessing such a directory, the client can be forced to execute arbitrary COM objects with system privileges.
Extended Description
Microsoft Windows Shell is prone to a remote code-execution vulnerability. This issue is due to a flaw in its handling of remote COM objects. Remote attackers may exploit this issue to execute arbitrary machine code in the context of the targeted user. This may facilitate the remote compromise of affected computers. This issue is described as a variant of the one in BID 10363 (Microsoft Windows XP Self-Executing Folder Vulnerability).
Affected Products
Microsoft windows_xp_media_center_edition
Short Name
SMB:EXPLOIT:FOLDER-COM-EXEC
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
COM CVE-2006-0012 Execution Explorer Folder Microsoft Object Shared bid:17464
Release Date
04/11/2006
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
5.1