Signature Detail

Short Name	SMTP:EXT:DOT-CPL
Severity	Medium
Recommended	No
Category	SMTP
Keywords	microsoft windows cpl
Release Date	2004/07/21
Update Number	1213
Supported Platforms	di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SMTP: .CPL

This signature detects e-mail attachments with the extension ".cpl" sent through SMTP. This can indicate an incoming e-mail virus; CPLs (Control Panel eLements) are standard Microsoft Windows files that contain Windows Control Panel settings. Attackers can hide malicious executables within a CPL file, tricking users into executing the file and infecting the system.

Extended Description

The impact on the target system is dependent on the instructions contained in the malicious .cpl file.

References

URL: http://support.microsoft.com/?kbid=313808
URL: http://support.microsoft.com/default.aspx?scid=kb;EN-US;149648
URL: http://www.cknow.com/vtutor/FileExtensions.html

Signature Detail

Short Name

Severity

Recommended

Category

Keywords

Release Date

Update Number

Supported Platforms

SMTP: .CPL

Extended Description

References