SMB: Microsoft Windows 'OLEAUT32.DLL' OLE Automation WMF Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Microsoft Windows OLE Automation. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft Object Linking and Embedding (OLE) Automation is prone to a remote code-execution vulnerability because of an underflow error. An attacker can exploit this issue by enticing an unsuspecting user to view a malicious webpage or a specially crafted file. Successful exploits will allow the attacker to execute arbitrary code in the context of the user running the application, which can compromise the application and possibly the computer.
Affected Products
Avaya messaging_application_server,Microsoft windows_xp
Short Name
SMB:OLEAUT32-WMF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SMB
Keywords
'OLEAUT32.DLL' Automation CVE-2011-0658 Code Execution Microsoft OLE Remote WMF Windows bid:48174
Release Date
06/13/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Microsoft
Avaya
CVSS Score
9.3