This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:MS-RICHEDIT-RCE
|
Severity |
Major
|
Recommended |
No
|
Recommended Action |
Drop
|
Category |
HTTP
|
Keywords |
Microsoft RichEdit Allows Remote Code Execution
|
Release Date |
2007/02/13
|
Update Number |
1213
|
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: Microsoft RichEdit Allows Remote Code Execution
This signature detects attempts to exploit a known vulnerability in the Rich text format parser in Windows. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user application.
Extended Description
Microsoft Windows is prone to a remote code-execution vulnerability that occurs when the application attempts to parse malformed Rich Text Files (RTF).
An attacker could exploit this issue by enticing a victim to load a malicious RTF file. If the vulnerability is successfully exploited, this could result in the execution of arbitrary code in the context of the currently logged-in user.
Affected Products
- Avaya agent_access
- Avaya basic_call_management_system_reporting_desktop server
- Avaya basic_call_management_system_reporting_desktop
- Avaya cms_supervisor
- Avaya computer_telephony
- Avaya contact_center_express
- Avaya cvlan
- Avaya enterprise_management
- Avaya integrated_management
- Avaya interaction_center
- Avaya interaction_center-voice_quick_start
- Avaya ip_agent
- Avaya ip_softphone
- Avaya modular_messaging S3400
- Avaya modular_messaging_(mas) 3.0.0
- Avaya modular_messaging_(mas)
- Avaya modular_messaging_(mss) 1.1.0
- Avaya modular_messaging_(mss) 2.0.0
- Avaya modular_messaging_(mss) 2.0.0 SP4
- Avaya network_reporting
- Avaya octelaccess(r)_server
- Avaya operational_analyst
- Avaya outbound_contact_management
- Avaya s8100_media_servers R10
- Avaya s8100_media_servers R11
- Avaya s8100_media_servers R12
- Avaya s8100_media_servers R6
- Avaya s8100_media_servers R7
- Avaya s8100_media_servers R8
- Avaya s8100_media_servers R9
- Avaya s8100_media_servers
- Avaya speech_access
- Avaya unified_communication_center
- Avaya unified_communications_center_s3400
- Avaya unified_messenger_(r)
- Avaya visual_messenger_tm
- Avaya visual_vector_client
- Avaya vpnmanagertm_console
- Avaya web_messenger
- Hp storage_management_appliance 2.1
- Microsoft windows_2000_advanced_server SP1
- Microsoft windows_2000_advanced_server SP2
- Microsoft windows_2000_advanced_server SP3
- Microsoft windows_2000_advanced_server SP4
- Microsoft windows_2000_advanced_server
- Microsoft windows_2000_datacenter_server SP1
- Microsoft windows_2000_datacenter_server SP2
- Microsoft windows_2000_datacenter_server SP3
- Microsoft windows_2000_datacenter_server SP4
- Microsoft windows_2000_datacenter_server
- Microsoft windows_2000_professional SP1
- Microsoft windows_2000_professional SP2
- Microsoft windows_2000_professional SP3
- Microsoft windows_2000_professional SP4
- Microsoft windows_2000_professional
- Microsoft windows_2000_server SP1
- Microsoft windows_2000_server SP2
- Microsoft windows_2000_server SP3
- Microsoft windows_2000_server SP4
- Microsoft windows_server_2003_datacenter_edition SP1
- Microsoft windows_server_2003_datacenter_edition SP1 Beta 1
- Microsoft windows_server_2003_datacenter_edition
- Microsoft windows_server_2003_datacenter_edition_itanium SP1
- Microsoft windows_server_2003_datacenter_edition_itanium SP1 Beta 1
- Microsoft windows_server_2003_datacenter_edition_itanium
- Microsoft windows_server_2003_datacenter_x64_edition
- Microsoft windows_server_2003_enterprise_edition SP1
- Microsoft windows_server_2003_enterprise_edition SP1 Beta 1
- Microsoft windows_server_2003_enterprise_edition
- Microsoft windows_server_2003_enterprise_edition_itanium SP1
- Microsoft windows_server_2003_enterprise_edition_itanium SP1 Beta 1
- Microsoft windows_server_2003_enterprise_edition_itanium
- Microsoft windows_server_2003_enterprise_x64_edition
- Microsoft windows_server_2003_standard_edition SP1
- Microsoft windows_server_2003_standard_edition SP1 Beta 1
- Microsoft windows_server_2003_standard_edition
- Microsoft windows_server_2003_standard_x64_edition
- Microsoft windows_server_2003_web_edition SP1
- Microsoft windows_server_2003_web_edition SP1 Beta 1
- Microsoft windows_server_2003_web_edition
- Microsoft windows_xp
- Microsoft windows_xp_64-bit_edition SP1
- Microsoft windows_xp_64-bit_edition
- Microsoft windows_xp_home SP1
- Microsoft windows_xp_home SP2
- Microsoft windows_xp_home
- Microsoft windows_xp_media_center_edition SP1
- Microsoft windows_xp_media_center_edition SP2
- Microsoft windows_xp_media_center_edition
- Microsoft windows_xp_professional SP1
- Microsoft windows_xp_professional SP2
- Microsoft windows_xp_professional
- Microsoft windows_xp_professional_x64_edition
- Microsoft windows_xp_tablet_pc_edition SP1
- Microsoft windows_xp_tablet_pc_edition SP2
- Microsoft windows_xp_tablet_pc_edition
- Nortel_networks centrex_ip_client_manager 7.0.0
- Nortel_networks centrex_ip_client_manager 8.0.0
- Nortel_networks centrex_ip_client_manager 9.0
References