Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 FTP:OVERFLOW:MS-IE-FTP-RES-MC

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 FTP

Keywords

 Microsoft Internet Explorer FTP Response Parsing Memory Corruption

Release Date

 2010/10/04

Update Number

 1784

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

FTP: Microsoft Internet Explorer FTP Response Parsing Memory Corruption


This signature detects attempts to exploit a known vulnerability against Microsoft Internet Explorer. A successful attack could allow the attacker to execute arbitrary code on the targeted system. Failed exploit attempts could result in a denial of service condition.

Extended Description

Microsoft Internet Explorer is prone to a memory-corruption vulnerability when parsing certain FTP server responses. Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected application. This facilitates the remote compromise of affected computers.

Affected Products

  • Avaya Agent Access
  • Avaya Basic Call Management System Reporting Desktop server
  • Avaya Basic Call Management System Reporting Desktop
  • Avaya CMS Supervisor
  • Avaya Computer Telephony
  • Avaya Contact Center Express
  • Avaya CVLAN
  • Avaya Enterprise Management
  • Avaya Integrated Management
  • Avaya Interaction Center
  • Avaya IP Agent
  • Avaya IP Softphone
  • Avaya Messaging Application Server
  • Avaya Modular Messaging (MAS)
  • Avaya Network Reporting
  • Avaya OctelAccess(r) Server
  • Avaya OctelDesignerTM
  • Avaya Operational Analyst
  • Avaya Outbound Contact Management
  • Avaya S8100 Media Servers R10
  • Avaya S8100 Media Servers R11
  • Avaya S8100 Media Servers R12
  • Avaya S8100 Media Servers R6
  • Avaya S8100 Media Servers R7
  • Avaya S8100 Media Servers R8
  • Avaya S8100 Media Servers R9
  • Avaya S8100 Media Servers
  • Avaya Speech Access
  • Avaya Unified Communication Center
  • Avaya Unified Messenger (r)
  • Avaya Visual Messenger TM
  • Avaya Visual Vector Client
  • Avaya VPNmanagerTM Console
  • Avaya Web Messenger
  • HP Storage Management Appliance 2.1
  • Microsoft Internet Explorer 5.0.1
  • Microsoft Internet Explorer 5.0.1 SP1
  • Microsoft Internet Explorer 5.0.1 SP2
  • Microsoft Internet Explorer 5.0.1 SP3
  • Microsoft Internet Explorer 5.0.1 SP4
  • Microsoft Internet Explorer 6.0
  • Microsoft Internet Explorer 6.0 SP1
  • Microsoft Internet Explorer 7.0
  • Nortel Networks CallPilot 1002Rp
  • Nortel Networks CallPilot 200I
  • Nortel Networks CallPilot 201I
  • Nortel Networks CallPilot 702T
  • Nortel Networks CallPilot 703T
  • Nortel Networks Centrex IP Client Manager 7.0.0
  • Nortel Networks Centrex IP Client Manager 8.0.0
  • Nortel Networks Centrex IP Client Manager 9.0
  • Nortel Networks Contact Center
  • Nortel Networks Contact Center Express
  • Nortel Networks Contact Center Manager
  • Nortel Networks Contact Center Manager Server
  • Nortel Networks Symposium Network Control Center (NCC)

References

  • BugTraq: 22489
  • CVE: CVE-2007-0217

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out