This site is deprecated. Please
CLICK HERE for latest updates
Short Name |
HTTP:EXT:DOT-LNK
|
Severity |
Warning
|
Recommended |
No
|
Category |
HTTP
|
Keywords |
.LNK File Download
|
Release Date |
2005/10/11
|
Update Number |
1213
|
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+
|
HTTP: .LNK File Download
This signature detects a HTTP request for the download of a file with the .lnk extension. Such a file could be maliciously crafted to execute arbitrary code or trick the user into executing another program unintentionally.
Extended Description
Microsoft Windows is prone to a vulnerability that may allow a file to automatically run because the software fails to properly handle 'LNK' files or 'PIF' files.
An attacker may exploit this issue to execute arbitrary code. The attacker must entice a victim to view a specially crafted shortcut.
NOTE: This issue is being exploited in the wild with W32.Stuxnet (previously known as W32.Temphid).
This issue affects Microsoft Windows XP, Windows Vista, Windows 7, Windows Server 2003, and Windows Server 2008.
Affected Products
- Avaya aura_conferencing 6.0 Standard
- Avaya meeting_exchange-client_registration_server
- Avaya meeting_exchange-recording_server
- Avaya meeting_exchange-streaming_server
- Avaya meeting_exchange-web_conferencing_server
- Avaya meeting_exchange-webportal
- Avaya messaging_application_server 4
- Avaya messaging_application_server 5
- Avaya messaging_application_server MM 1.1
- Avaya messaging_application_server MM 2.0
- Avaya messaging_application_server MM 3.0
- Avaya messaging_application_server MM 3.1
- Avaya messaging_application_server
- Microsoft windows_7_for_32-bit_systems
- Microsoft windows_7_for_x64-based_systems
- Microsoft windows_7_home_premium
- Microsoft windows_7_professional
- Microsoft windows_7_starter
- Microsoft windows_7_ultimate
- Microsoft windows_server_2003 SP2
- Microsoft windows_server_2003_datacenter_x64_edition SP2
- Microsoft windows_server_2003_enterprise_x64_edition SP2
- Microsoft windows_server_2003_itanium SP2
- Microsoft windows_server_2003_standard_edition SP2
- Microsoft windows_server_2003_web_edition SP2
- Microsoft windows_server_2003_x64 SP2
- Microsoft windows_server_2008_datacenter_edition SP2
- Microsoft windows_server_2008_enterprise_edition SP2
- Microsoft windows_server_2008_for_32-bit_systems SP2
- Microsoft windows_server_2008_for_32-bit_systems
- Microsoft windows_server_2008_for_itanium-based_systems R2
- Microsoft windows_server_2008_for_itanium-based_systems SP2
- Microsoft windows_server_2008_for_itanium-based_systems
- Microsoft windows_server_2008_for_x64-based_systems R2
- Microsoft windows_server_2008_for_x64-based_systems SP2
- Microsoft windows_server_2008_for_x64-based_systems
- Microsoft windows_server_2008_standard_edition - Gold Itanium
- Microsoft windows_server_2008_standard_edition Itanium
- Microsoft windows_server_2008_standard_edition SP2
- Microsoft windows_server_2008_standard_edition X64
- Microsoft windows_vista Business SP1
- Microsoft windows_vista Business SP2
- Microsoft windows_vista Enterprise SP1
- Microsoft windows_vista Enterprise SP2
- Microsoft windows_vista Home Basic SP1
- Microsoft windows_vista Home Basic SP2
- Microsoft windows_vista Home Premium SP1
- Microsoft windows_vista Home Premium SP2
- Microsoft windows_vista SP1
- Microsoft windows_vista SP2
- Microsoft windows_vista Ultimate SP1
- Microsoft windows_vista Ultimate SP2
- Microsoft windows_vista_business_64-bit_edition SP1
- Microsoft windows_vista_business_64-bit_edition SP2
- Microsoft windows_vista_december_ctp SP1
- Microsoft windows_vista_december_ctp SP2
- Microsoft windows_vista_enterprise_64-bit_edition SP1
- Microsoft windows_vista_enterprise_64-bit_edition SP2
- Microsoft windows_vista_home_basic_64-bit_edition SP1
- Microsoft windows_vista_home_basic_64-bit_edition SP2
- Microsoft windows_vista_home_premium_64-bit_edition SP1
- Microsoft windows_vista_home_premium_64-bit_edition SP2
- Microsoft windows_vista_ultimate_64-bit_edition SP1
- Microsoft windows_vista_ultimate_64-bit_edition SP2
- Microsoft windows_vista_x64_edition SP1
- Microsoft windows_vista_x64_edition SP2
- Microsoft windows_xp
- Microsoft windows_xp_64-bit_edition SP1
- Microsoft windows_xp_64-bit_edition
- Microsoft windows_xp_64-bit_edition_version_2003 SP1
- Microsoft windows_xp_64-bit_edition_version_2003
- Microsoft windows_xp_embedded SP1
- Microsoft windows_xp_embedded SP2
- Microsoft windows_xp_embedded SP3
- Microsoft windows_xp_embedded
- Microsoft windows_xp_embedded_sp2_feature_pack_2007
- Microsoft windows_xp_embedded_update_rollup 1.0
- Microsoft windows_xp_gold
- Microsoft windows_xp_home SP1
- Microsoft windows_xp_home SP2
- Microsoft windows_xp_home SP3
- Microsoft windows_xp_home
- Microsoft windows_xp_media_center_edition SP1
- Microsoft windows_xp_media_center_edition SP2
- Microsoft windows_xp_media_center_edition SP3
- Microsoft windows_xp_media_center_edition
- Microsoft windows_xp_professional SP1
- Microsoft windows_xp_professional SP2
- Microsoft windows_xp_professional SP3
- Microsoft windows_xp_professional
- Microsoft windows_xp_professional_x64_edition SP2
- Microsoft windows_xp_professional_x64_edition SP3
- Microsoft windows_xp_professional_x64_edition
- Microsoft windows_xp_tablet_pc_edition SP1
- Microsoft windows_xp_tablet_pc_edition SP2
- Microsoft windows_xp_tablet_pc_edition SP3
- Microsoft windows_xp_tablet_pc_edition
References