Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:MAL-WIN-BRIEFCASE-1 |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Windows Briefcase Integer Underflow Vulnerability (1) |
Release Date |
2012/11/12 |
Update Number |
2202 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Windows Briefcase Integer Underflow Vulnerability (1)
This signature detects attempts to exploit a know problem in Windows Briefcase. Windows Briefcase is a feature that will synchronize the contents of two folders. A successful exploit can lead to arbitrary code execution in the security context of the affected user.
Extended Description
Per: http://technet.microsoft.com/en-us/security/bulletin/ms12-072 "A remote code execution vulnerability exists in the Briefcase feature in Windows. An attacker could exploit the vulnerability by convincing a user to open a specially crafted briefcase.....The vulnerability cannot be exploited automatically through email. For an attack to be successful a user must open an attachment that is sent in an email message."
Affected Products
- Microsoft windows_7 *
- Microsoft windows_8 -
- Microsoft windows_server_2003 *
- Microsoft windows_server_2008 *
- Microsoft windows_server_2008 r2
- Microsoft windows_server_2012 -
- Microsoft windows_vista *
- Microsoft windows_xp -
- Microsoft windows_xp *
References
- CVE: CVE-2012-1527