Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:STC:DL:MS-WMF-PARSE

Severity

 Major

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Microsoft Windows Graphics Rendering Engine WMF Parsing Buffer Overflow

Release Date

 2010/10/13

Update Number

 1791

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Microsoft Windows Graphics Rendering Engine WMF Parsing Buffer Overflow


This signature detects attempts to exploit a known vulnerability in the Graphics Rendering Engine (GRE) component of Microsoft Windows. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the user.

Extended Description

Microsoft GDI+ is prone to a buffer-overflow vulnerability because the vector graphics linked library improperly allocates memory when parsing WMF image files. Successfully exploiting this issue would allow an attacker to corrupt memory and execute arbitrary code in the context of the currently logged-in user.

Affected Products

  • Hitachi jp1/veritas_backup_exec_11d_(windows) 08-00
  • Hitachi jp1/veritas_backup_exec_11d_(windows) 08-01
  • Hitachi jp1/veritas_backup_exec_11d_(windows) 08-02
  • Hitachi jp1/veritas_backup_exec_11d_(windows) 08-03
  • Hitachi jp1/veritas_backup_exec_11d_(windows) 08-04
  • Hitachi jp1/veritas_backup_exec_11d_(windows) 08-05
  • Hitachi jp1/veritas_backup_exec_12_(windows) 08-50
  • Hitachi jp1/veritas_backup_exec_12_(windows) 08-51
  • Hitachi jp1/veritas_backup_exec_12_(windows) 08-52
  • Hp storage_management_appliance 2.1
  • Hp storage_management_appliance I
  • Hp storage_management_appliance II
  • Hp storage_management_appliance III
  • Microsoft digital_image_suite 2006
  • Microsoft excel_viewer
  • Microsoft excel_viewer_2007
  • Microsoft expression_web 2
  • Microsoft expression_web
  • Microsoft forefront_client_security 1.0
  • Microsoft groove_2007 SP1
  • Microsoft groove_2007
  • Microsoft internet_explorer 6.0
  • Microsoft internet_explorer 6.0 SP1
  • Microsoft office_2003 SP1
  • Microsoft office_2003 SP2
  • Microsoft office_2003 SP3
  • Microsoft office_2003
  • Microsoft office_2007 SP1
  • Microsoft office_2007
  • Microsoft office_compatibility_pack_2007 SP1
  • Microsoft office_compatibility_pack_2007
  • Microsoft office_excel_viewer_2003 SP3
  • Microsoft office_excel_viewer_2003
  • Microsoft office_xp SP1
  • Microsoft office_xp SP2
  • Microsoft office_xp SP3
  • Microsoft office_xp
  • Microsoft powerpoint_viewer_2003
  • Microsoft powerpoint_viewer_2007 SP1
  • Microsoft powerpoint_viewer_2007
  • Microsoft project_2002 SP1
  • Microsoft project_2002
  • Microsoft report_viewer_2005 SP1
  • Microsoft report_viewer_2008
  • Microsoft sql_server_2000_reporting_services SP2
  • Microsoft sql_server_2005 SP1
  • Microsoft sql_server_2005 SP2
  • Microsoft sql_server_2005
  • Microsoft sql_server_2005_express_edition SP1
  • Microsoft sql_server_2005_express_edition SP2
  • Microsoft sql_server_2005_express_edition
  • Microsoft sql_server_2005_express_edition_with_advanced_serv SP1
  • Microsoft sql_server_2005_express_edition_with_advanced_serv SP2
  • Microsoft sql_server_2005_itanium_edition SP1
  • Microsoft sql_server_2005_itanium_edition SP2
  • Microsoft sql_server_2005_itanium_edition
  • Microsoft sql_server_2005_x64_edition SP1
  • Microsoft sql_server_2005_x64_edition SP2
  • Microsoft visio_2002 SP1
  • Microsoft visio_2002 SP2
  • Microsoft visio_2002
  • Microsoft visio_2002_professional SP2
  • Microsoft visio_2002_standard SP2
  • Microsoft windows_server_2003 SP1
  • Microsoft windows_server_2003 SP2
  • Microsoft windows_server_2003_datacenter_edition SP1
  • Microsoft windows_server_2003_datacenter_edition
  • Microsoft windows_server_2003_datacenter_edition_itanium SP1
  • Microsoft windows_server_2003_datacenter_edition_itanium
  • Microsoft windows_server_2003_datacenter_x64_edition SP2
  • Microsoft windows_server_2003_datacenter_x64_edition
  • Microsoft windows_server_2003_enterprise_edition SP1
  • Microsoft windows_server_2003_enterprise_edition
  • Microsoft windows_server_2003_enterprise_edition_itanium SP1
  • Microsoft windows_server_2003_enterprise_edition_itanium
  • Microsoft windows_server_2003_enterprise_x64_edition SP2
  • Microsoft windows_server_2003_enterprise_x64_edition
  • Microsoft windows_server_2003_itanium SP1
  • Microsoft windows_server_2003_itanium SP2
  • Microsoft windows_server_2003_itanium
  • Microsoft windows_server_2003_standard_edition SP1
  • Microsoft windows_server_2003_standard_edition SP2
  • Microsoft windows_server_2003_standard_edition
  • Microsoft windows_server_2003_standard_x64_edition
  • Microsoft windows_server_2003_web_edition SP1
  • Microsoft windows_server_2003_web_edition SP2
  • Microsoft windows_server_2003_web_edition
  • Microsoft windows_server_2003_x64 SP1
  • Microsoft windows_server_2003_x64 SP2
  • Microsoft windows_server_2008_datacenter_edition
  • Microsoft windows_server_2008_enterprise_edition
  • Microsoft windows_server_2008_for_32-bit_systems
  • Microsoft windows_server_2008_for_itanium-based_systems
  • Microsoft windows_server_2008_for_x64-based_systems
  • Microsoft windows_server_2008_standard_edition
  • Microsoft windows_vista Business
  • Microsoft windows_vista Business SP1
  • Microsoft windows_vista Enterprise
  • Microsoft windows_vista Enterprise SP1
  • Microsoft windows_vista Home Basic
  • Microsoft windows_vista Home Basic SP1
  • Microsoft windows_vista Home Premium
  • Microsoft windows_vista Home Premium SP1
  • Microsoft windows_vista SP1
  • Microsoft windows_vista Ultimate
  • Microsoft windows_vista Ultimate SP1
  • Microsoft windows_vista
  • Microsoft windows_vista_business_64-bit_edition SP1
  • Microsoft windows_vista_business_64-bit_edition
  • Microsoft windows_vista_enterprise_64-bit_edition SP1
  • Microsoft windows_vista_enterprise_64-bit_edition
  • Microsoft windows_vista_home_basic_64-bit_edition SP1
  • Microsoft windows_vista_home_basic_64-bit_edition
  • Microsoft windows_vista_home_premium_64-bit_edition SP1
  • Microsoft windows_vista_home_premium_64-bit_edition
  • Microsoft windows_vista_ultimate_64-bit_edition SP1
  • Microsoft windows_vista_ultimate_64-bit_edition
  • Microsoft windows_vista_x64_edition SP1
  • Microsoft windows_vista_x64_edition
  • Microsoft windows_xp
  • Microsoft windows_xp_64-bit_edition SP1
  • Microsoft windows_xp_64-bit_edition
  • Microsoft windows_xp_gold
  • Microsoft windows_xp_home SP1
  • Microsoft windows_xp_home SP2
  • Microsoft windows_xp_home SP3
  • Microsoft windows_xp_home
  • Microsoft windows_xp_media_center_edition SP1
  • Microsoft windows_xp_media_center_edition SP2
  • Microsoft windows_xp_media_center_edition SP3
  • Microsoft windows_xp_media_center_edition
  • Microsoft windows_xp_professional SP1
  • Microsoft windows_xp_professional SP2
  • Microsoft windows_xp_professional SP3
  • Microsoft windows_xp_professional
  • Microsoft windows_xp_professional_x64_edition SP2
  • Microsoft windows_xp_professional_x64_edition
  • Microsoft word_viewer_2003 SP3
  • Microsoft word_viewer_2003
  • Microsoft works 8.0
  • Nortel_networks callpilot 1002Rp
  • Nortel_networks callpilot 702T
  • Nortel_networks callpilot 703T
  • Nortel_networks contact_center_administration
  • Nortel_networks contact_center_express
  • Nortel_networks contact_center_manager_server
  • Nortel_networks contact_center_ncc
  • Nortel_networks contact_center-tapi_server
  • Nortel_networks ensm-enterprise_nms 10.4
  • Nortel_networks ensm-enterprise_nms 10.5
  • Nortel_networks enterprise_network_management_system
  • Nortel_networks media_processing_svr_100
  • Nortel_networks media_processing_svr_1000_rel 3.0
  • Nortel_networks media_processing_svr_500_rel 3.0
  • Nortel_networks self-service-ccss7
  • Nortel_networks self-service_ccxml
  • Nortel_networks self-service_mps_100
  • Nortel_networks self-service_mps_1000
  • Nortel_networks self-service_mps_500
  • Nortel_networks self-service_peri_workstation
  • Nortel_networks self-service_speech_server
  • Nortel_networks self_service_voicexml
  • Nortel_networks self-service_wvads
  • Research_in_motion blackberry_enterprise_server 4.0.3
  • Research_in_motion blackberry_enterprise_server 4.1.3
  • Research_in_motion blackberry_enterprise_server 4.1.4
  • Research_in_motion blackberry_enterprise_server 4.1.5
  • Research_in_motion blackberry_enterprise_server 4.1.6
  • Research_in_motion blackberry_professional_software 4.1.4
  • Research_in_motion blackberry_unite! 1.0
  • Research_in_motion blackberry_unite! 1.0.1
  • Research_in_motion blackberry_unite! 1.0.1 Bundle 36
  • Symantec backup_exec_for_windows_servers 11D
  • Symantec backup_exec_for_windows_servers 12.0

References

  • BugTraq: 31021
  • CVE: CVE-2008-3014

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out