Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 HTTP:EXT:DOT-JOB

Severity

 Minor

Recommended

 No

Category

 HTTP

Keywords

 Microsoft Task Scheduler (.job) File Download

Release Date

 2004/07/13

Update Number

 1213

Supported Platforms

 di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

HTTP: Microsoft Task Scheduler (.job) File Download


This signature detects an attempt to download a Microsoft Task Scheduler (.job) file. Opening a malicious .job file in Task Scheduler can allow for arbitrary code execution, leading to system compromise. This vulnerability is present in Microsoft Windows 2000 Service Pack 2 and later. It is also present in Microsoft Windows XP Service Pack 1.

Extended Description

Microsoft Task Scheduler is reported prone to a remote stack-based buffer overflow vulnerability. The source of the vulnerability is that data in '.job' files is copied into an internal buffer without sufficient bounds checking. It is reported that a remote attacker may exploit this vulnerability through Internet Explorer or Windows Explorer when the '.job' file is opened or a directory containing the file is rendered. The file could also be hosted on a share. Other attack vectors may also exist. It should be noted that while this issue does not affect Windows NT 4.0 SP6a, it may affect this platform if Internet Explorer 6 SP1 is installed.

Affected Products

  • Avaya definityone_media_servers
  • Avaya ip600_media_servers
  • Avaya s3400_message_application_server
  • Avaya s8100_media_servers
  • Microsoft internet_explorer 6.0
  • Microsoft internet_explorer 6.0 SP1
  • Microsoft windows_2000_advanced_server SP1
  • Microsoft windows_2000_advanced_server SP2
  • Microsoft windows_2000_advanced_server SP3
  • Microsoft windows_2000_advanced_server SP4
  • Microsoft windows_2000_advanced_server
  • Microsoft windows_2000_datacenter_server SP1
  • Microsoft windows_2000_datacenter_server SP2
  • Microsoft windows_2000_datacenter_server SP3
  • Microsoft windows_2000_datacenter_server SP4
  • Microsoft windows_2000_datacenter_server
  • Microsoft windows_2000_professional SP1
  • Microsoft windows_2000_professional SP2
  • Microsoft windows_2000_professional SP3
  • Microsoft windows_2000_professional SP4
  • Microsoft windows_2000_professional
  • Microsoft windows_2000_server SP1
  • Microsoft windows_2000_server SP2
  • Microsoft windows_2000_server SP3
  • Microsoft windows_2000_server SP4
  • Microsoft windows_2000_server
  • Microsoft windows_nt_enterprise_server 4.0 SP6a
  • Microsoft windows_nt_server 4.0 SP6a
  • Microsoft windows_nt_workstation 4.0 SP6a
  • Microsoft windows_xp_64-bit_edition SP1
  • Microsoft windows_xp_64-bit_edition
  • Microsoft windows_xp_64-bit_edition_version_2003 SP1
  • Microsoft windows_xp_64-bit_edition_version_2003
  • Microsoft windows_xp_home SP1
  • Microsoft windows_xp_home
  • Microsoft windows_xp_professional SP1
  • Microsoft windows_xp_professional

References

  • CVE: CVE-2004-0212
  • URL: http://www.microsoft.com/technet/security/bulletin/MS04-022.mspx

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out