Signature Detail
Short Name |
HTTP:STC:DL:MS-OPEN-FONT-FILE |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Windows OpenType Font File Remote Code Execution |
Release Date |
2013/10/24 |
Update Number |
2313 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Windows OpenType Font File Remote Code Execution
This signature detects attempts to exploit a known vulnerability against Microsoft Windows handling of OpenType Font File. A successful attack can lead to arbitrary code execution.
Extended Description
The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT, and .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5, allow remote attackers to execute arbitrary code via a crafted OpenType font (OTF) file, aka "OpenType Font Parsing Vulnerability."
Affected Products
- microsoft .net_framework 3.0 (sp2)
- microsoft .net_framework 3.5.1
- microsoft .net_framework 3.5 (sp1)
- microsoft .net_framework 4.0
- microsoft .net_framework 4.5
- microsoft windows_7 (sp1:x64)
- microsoft windows_7 (sp1:x86)
- microsoft windows_8 - (-:x64)
- microsoft windows_8 - (-:x86)
- microsoft windows_rt -
- microsoft windows_server_2003 (sp2:itanium)
- microsoft windows_server_2003 (sp2:x64)
- microsoft windows_server_2008 r2 (sp1:itanium)
- microsoft windows_server_2008 r2 (sp1:x64)
- microsoft windows_server_2008 (sp2:itanium)
- microsoft windows_server_2008 (sp2:x64)
- microsoft windows_server_2008 (sp2:x86)
- microsoft windows_server_2012 -
- microsoft windows_vista (sp2:x64)
- microsoft windows_xp (sp2:professional)
- microsoft windows_xp (sp3)
References
- BugTraq: 62819
- CVE: CVE-2013-3128