Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
APP:REMOTE:RDP-HEAP-OF |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
APP |
Keywords |
Microsoft Remote Desktop Client Heap Overflow |
Release Date |
2009/08/11 |
Update Number |
1479 |
Supported Platforms |
idp-4.0+, isg-3.4+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
APP: Microsoft Remote Desktop Client Heap Overflow
This signature detects attempts to exploit a known vulnerability in the Microsoft Remote Desktop Client. A successful attack can lead to a heap overflow and arbitrary remote code execution within the context of the user.
Extended Description
Microsoft Remote Desktop Connection client is prone to a heap-based buffer-overflow vulnerability when processing certain parameters returned by a malicious RDP (Remote Desktop Protocol) server. Successfully exploiting this issue would allow an attacker to corrupt heap memory and execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely cause denial-of-service conditions.
Affected Products
- Microsoft rdp 5.1
- Microsoft rdp 5.2
- Microsoft rdp 6.0
- Microsoft rdp 6.1
- Microsoft remote_desktop_connection_client_for_mac 2
- Microsoft windows_2000_advanced_server SP4
- Microsoft windows_2000_datacenter_server SP4
- Microsoft windows_2000_professional SP4
- Microsoft windows_2000_server SP4
- Microsoft windows_server_2003 SP2
- Microsoft windows_server_2003_datacenter_edition SP1 Beta 1
- Microsoft windows_server_2003_itanium SP2
- Microsoft windows_server_2003_standard_edition SP2
- Microsoft windows_server_2008_datacenter_edition SP2
- Microsoft windows_server_2008_datacenter_edition
- Microsoft windows_server_2008_enterprise_edition SP2
- Microsoft windows_server_2008_enterprise_edition
- Microsoft windows_server_2008_for_32-bit_systems SP2
- Microsoft windows_server_2008_for_32-bit_systems
- Microsoft windows_server_2008_for_itanium-based_systems
- Microsoft windows_server_2008_for_x64-based_systems SP2
- Microsoft windows_server_2008_for_x64-based_systems
- Microsoft windows_server_2008_standard_edition SP2
- Microsoft windows_server_2008_standard_edition
- Microsoft windows_vista Business
- Microsoft windows_vista Business SP1
- Microsoft windows_vista Enterprise
- Microsoft windows_vista Enterprise SP1
- Microsoft windows_vista Home Basic
- Microsoft windows_vista Home Basic SP1
- Microsoft windows_vista Home Premium
- Microsoft windows_vista Home Premium SP1
- Microsoft windows_vista SP1
- Microsoft windows_vista Ultimate
- Microsoft windows_vista Ultimate SP1
- Microsoft windows_vista
- Microsoft windows_vista_business_64-bit_edition SP1
- Microsoft windows_vista_business_64-bit_edition
- Microsoft windows_vista_enterprise_64-bit_edition SP1
- Microsoft windows_vista_enterprise_64-bit_edition
- Microsoft windows_vista_home_basic_64-bit_edition SP1
- Microsoft windows_vista_home_basic_64-bit_edition
- Microsoft windows_vista_home_premium_64-bit_edition SP1
- Microsoft windows_vista_home_premium_64-bit_edition
- Microsoft windows_vista_ultimate_64-bit_edition SP1
- Microsoft windows_vista_ultimate_64-bit_edition
- Microsoft windows_vista_x64_edition SP1
- Microsoft windows_vista_x64_edition
- Microsoft windows_xp_home SP2
- Microsoft windows_xp_home SP3
- Microsoft windows_xp_media_center_edition SP2
- Microsoft windows_xp_professional SP2
- Microsoft windows_xp_professional SP3
- Microsoft windows_xp_professional_x64_edition SP2
- Microsoft windows_xp_tablet_pc_edition SP2
References
- BugTraq: 35971
- CVE: CVE-2009-1133