Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DESKTOP-INI-CODE-EXE |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Desktop.ini Code Execution |
Release Date |
2006/04/11 |
Update Number |
1213 |
Supported Platforms |
di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Desktop.ini Code Execution
This signature detects a Desktop.ini file transfer containing content that can be malicious. An attacker can plant a malicious WedDAV folder containing a Desktop.ini file, with a CLSID value that is associated with an executable file. If a user opens this folder, it can allow the attacker to execute remote code on the user's system.
Extended Description
Microsoft Windows Shell is prone to a remote code-execution vulnerability. This issue is due to a flaw in its handling of remote COM objects. Remote attackers may exploit this issue to execute arbitrary machine code in the context of the targeted user. This may facilitate the remote compromise of affected computers. This issue is described as a variant of the one in BID 10363 (Microsoft Windows XP Self-Executing Folder Vulnerability).
Affected Products
- Microsoft windows_2000_advanced_server SP1
- Microsoft windows_2000_advanced_server SP2
- Microsoft windows_2000_advanced_server SP3
- Microsoft windows_2000_advanced_server SP4
- Microsoft windows_2000_advanced_server
- Microsoft windows_2000_datacenter_server SP1
- Microsoft windows_2000_datacenter_server SP2
- Microsoft windows_2000_datacenter_server SP3
- Microsoft windows_2000_datacenter_server SP4
- Microsoft windows_2000_datacenter_server
- Microsoft windows_2000_professional SP1
- Microsoft windows_2000_professional SP2
- Microsoft windows_2000_professional SP3
- Microsoft windows_2000_professional SP4
- Microsoft windows_2000_professional
- Microsoft windows_2000_server SP1
- Microsoft windows_2000_server SP2
- Microsoft windows_2000_server SP3
- Microsoft windows_2000_server SP4
- Microsoft windows_2000_server
- Microsoft windows_98
- Microsoft windows_98se
- Microsoft windows_me
- Microsoft windows_server_2003_datacenter_edition SP1
- Microsoft windows_server_2003_datacenter_edition
- Microsoft windows_server_2003_datacenter_edition_itanium SP1
- Microsoft windows_server_2003_datacenter_edition_itanium
- Microsoft windows_server_2003_datacenter_x64_edition
- Microsoft windows_server_2003_enterprise_edition SP1
- Microsoft windows_server_2003_enterprise_edition
- Microsoft windows_server_2003_enterprise_edition_itanium SP1
- Microsoft windows_server_2003_enterprise_edition_itanium
- Microsoft windows_server_2003_enterprise_x64_edition
- Microsoft windows_server_2003_standard_edition SP1
- Microsoft windows_server_2003_standard_edition
- Microsoft windows_server_2003_standard_x64_edition
- Microsoft windows_server_2003_web_edition SP1
- Microsoft windows_server_2003_web_edition
- Microsoft windows_xp
- Microsoft windows_xp_home SP1
- Microsoft windows_xp_home SP2
- Microsoft windows_xp_home
- Microsoft windows_xp_media_center_edition SP1
- Microsoft windows_xp_media_center_edition SP2
- Microsoft windows_xp_media_center_edition
- Microsoft windows_xp_professional SP1
- Microsoft windows_xp_professional SP2
- Microsoft windows_xp_professional
- Microsoft windows_xp_professional_x64_edition
- Microsoft windows_xp_tablet_pc_edition SP1
- Microsoft windows_xp_tablet_pc_edition SP2
- Microsoft windows_xp_tablet_pc_edition
References
- BugTraq: 17464
- CVE: CVE-2006-0012
- URL: http://www.microsoft.com/technet/security/bulletin/MS06-015.mspx