Microsoft Windows WSDAPI code execution (HTTP_MS_WSDAPI_Code_Exec)

About this signature or vulnerability

IBM Security Server Protection for Windows, Proventia Network IDS, Proventia Network MFS, Proventia-G 1.1 and earlier, RealSecure Network, RealSecure Server Sensor, Proventia Desktop, Proventia Network IPS, Proventia Server IPS for Linux technology, Virtual Server Protection for Vmware:

This signature detects a specially-crafted WSDAPI (Web Services for Devices) message that can lead to remote code execution.

Default risk level

 High

Sensors that have this signature

IBM Security Server Protection for Windows: 2.1.14.2450, IBM Security Server Protection for Windows: 1.0.914.2450, IBM Security Server Protection for Windows: 2.0.300.2450, Proventia Network IDS: XPU 29.110, Proventia Network MFS: XPU 29.110, Proventia-G 1.1 and earlier: XPU 29.110, RealSecure Network: XPU 29.110, RealSecure Server Sensor: XPU 29.110, Proventia Desktop: 2450, Proventia Network IPS: XPU 29.110, Proventia Server IPS for Linux technology: 29.110, Virtual Server Protection for Vmware: 1.0

Systems affected

Microsoft Windows Vista, Microsoft Windows Vista: x64, Microsoft Windows Vista: SP1, Microsoft Windows Vista: SP1 x64, Microsoft Windows Server 2008: Itanium, Microsoft Windows Server 2008: x32, Microsoft Windows Server 2008: x64, Microsoft Windows Vista: SP2 x64, Microsoft Windows Vista: SP2, Microsoft Windows Server 2008: SP2 x32, Microsoft Windows Server 2008: SP2 x64, Microsoft Windows Server 2008: SP2 Itanium

Type

Unauthorized Access Attempt

Vulnerability description

How to remove this vulnerability

References