Intrusion Prevention

MS.RTF.Object.Package.Download.Attempt

Description

This indicates an attack attempt to exploit the Dialogue Spoofing Vulnerability in Microsoft Windows Object Packager.
The Windows Object Packager in Microsoft Windows XP SP1 and SP2 and Server 2003 SP1 and earlier does not properly handle file extensions that could allow remote attackers to execute arbitrary command by sending crafted file with embedded package object.

Affected Products

Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://www.microsoft.com/technet/security/bulletin/MS06-065.mspx

CVE References

CVE-2006-4692