OLE stream buffer overflow (CompoundFile_Ole_LoadPicture_Overflow)

About this signature or vulnerability

Proventia Server IPS for Linux technology, Proventia Network IPS, Proventia Desktop, Proventia-G 1.1 and earlier, Proventia Network MFS, Proventia Server IPS for Microsoft Windows technology, RealSecure Network, RealSecure Server Sensor, BlackICE Server Protection, BlackICE PC Protection:

This signature detects a specially-crafted file that can result in the execution of arbitrary code.

Default risk level

 High

Sensors that have this signature

Proventia Server IPS for Linux technology: 27.070, Proventia Network IPS: XPU 27.070, Proventia Desktop: 2080, Proventia-G 1.1 and earlier: XPU 27.070, Proventia Network MFS: XPU 27.070, Proventia Server IPS for Microsoft Windows technology: 1.0.914.2080, RealSecure Network: XPU 27.070, RealSecure Server Sensor: XPU 27.070, BlackICE Server Protection: 3.6.cqn, BlackICE PC Protection: 3.6cqn

Systems affected

Microsoft Windows Vista, Microsoft Windows 2003 Server: SP2, Microsoft Windows 2003 Server: SP2 Itanium, Microsoft Windows XP: SP2 Professional x64, Microsoft Windows Vista: x64, Microsoft Windows 2003 Server: SP2 x64, Microsoft Office: 2004, Microsoft Visual Basic: 6.0 SP6, Microsoft Windows 2000: SP4, Microsoft Windows 2003 Server: x64, Microsoft Windows XP: Professional x64, Microsoft Windows 2003 Server: SP1, Microsoft Windows 2003 Server: SP1 Itanium, Microsoft Windows XP: SP2

Type

Unauthorized Access Attempt

Vulnerability description

How to remove this vulnerability

References