Intrusion PreventionMS.Windows.RTF.Object.Package.Download.Attempt
Description
This indicates an attack attempt to exploit the Dialogue Spoofing Vulnerability in Microsoft Windows Object Packager.
The Windows Object Packager in Microsoft Windows XP SP1 and SP2 and Server 2003 SP1 and earlier does not properly handle file extensions that could allow remote attackers to execute arbitrary command by sending crafted file with embedded package object.
Affected Products
Microsoft Windows XP Service Pack 1
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows Server 2003
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 (Itanium)
Microsoft Windows Server 2003 SP1 (Itanium)
Microsoft Windows Server 2003 x64 Edition
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply patch, available from the web site:
http://www.microsoft.com/technet/security/bulletin/MS06-065.mspx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2020-10-14 | 16.943 | Name:MS. RTF. Object. Package. Download. Attempt:MS. Windows. RTF. Object. Package. Download. Attempt |
| 2020-09-23 | 16.931 | Sig Added |
| 2019-01-04 | 13.518 | Sig Added |
| ID | 13241 |
| Created | Oct 10, 2006 |
| Updated | Feb 09, 2022 |
| Risk |
|
| CVE ID | CVE-2006-4692 |
| Exploit Prediction Score | 76.5% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |