SMTP: Win32 API Invalid Parameter
This signature detects attempts to exploit a known vulnerability in the Microsoft Win32 API. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the administrator.
Extended Description
The Microsoft Win32 API is prone to remote code execution. An attacker could exploit this issue to execute code in the context of the user visiting a malicious webpage.
Affected Products
Avaya messaging_application_server,Microsoft windows_xp_professional
References
BugTraq: 24370
CVE: CVE-2007-2219
URL: http://www.microsoft.com/technet/security/Bulletin/MS07-035.mspx
Short Name
SMTP:OUTLOOK:W32-PARAM
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
API CVE-2007-2219 Invalid Parameter Win32 bid:24370
Release Date
06/12/2007
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Nortel_networks
Microsoft
Avaya
CVSS Score
9.3