Signature Detail

Short Name	HTTP:STC:DL:VISIO-DXF-RCE
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Microsoft Visio DXF File Handling Code Execution
Release Date	2010/10/01
Update Number	1784
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Visio DXF File Handling Code Execution

This signature detects attempts to exploit a known vulnerability against Microsoft Visio. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Visio is prone to a remote code-execution vulnerability because it fails to adequately handle user-supplied data. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application. Failed exploit attempts will result in a denial-of-service condition.

Affected Products

Microsoft Visio 2002 SP2
Microsoft Visio 2003 SP2
Microsoft Visio 2003 SP3
Microsoft Visio 2007 SP1
Microsoft Visio 2007

References

BugTraq: 28556
CVE: CVE-2008-1090

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Microsoft Visio DXF File Handling Code Execution

Extended Description

Affected Products

References