Signature Detail

HTTP: Microsoft .NET Framework Heap Corruption

This signature detects attempts to exploit a known vulnerability in Microsoft's .NET Framework. It is due to an error in calculating a buffer length for percent-encoded URI components of a UTF-8 encoded URI. Remote attackers could exploit this vulnerability by enticing a target user to either download and execute a malicious XAML browser application, or download and execute a malicious .NET application. A successful exploitation attempt could result in the execution of arbitrary code in the security context in which the .NET application runs.

Extended Description

Microsoft Silverlight and Microsoft .NET Framework are prone to a remote code-execution vulnerability. Successful exploits will allow an attacker to execute arbitrary code within the context of the affected application. Failed exploit attempts will likely result in a denial-of-service condition.

Affected Products

• Avaya Aura Conferencing 6.0 Standard
• Avaya CallPilot 4.0
• Avaya CallPilot 5.0
• Avaya Communication Server 1000 Telephony Manager 3.0
• Avaya Communication Server 1000 Telephony Manager 4.0
• Avaya Meeting Exchange 5.0
• Avaya Meeting Exchange 5.0.0.0.52
• Avaya Meeting Exchange 5.0 SP1
• Avaya Meeting Exchange 5.0 SP2
• Avaya Meeting Exchange 5.1
• Avaya Meeting Exchange 5.1 SP1
• Avaya Meeting Exchange 5.2
• Avaya Meeting Exchange 5.2 SP1
• Avaya Meeting Exchange 5.2 SP2
• Avaya Meeting Exchange - Client Registration Server
• Avaya Meeting Exchange - Recording Server
• Avaya Meeting Exchange - Streaming Server
• Avaya Meeting Exchange - Web Conferencing Server
• Avaya Meeting Exchange - Webportal
• Avaya Messaging Application Server 4
• Avaya Messaging Application Server 5
• Avaya Messaging Application Server 5.2
• Microsoft .NET Framework 2.0
• Microsoft .NET Framework 2.0 SP1
• Microsoft .NET Framework 2.0 SP2
• Microsoft .NET Framework 3.5.1

References

• BugTraq: 51940
• CVE: CVE-2012-0015