7022.txt

This is the snapshot of Snot Latest Rules

Rule: 

--
Sid: 
7022

-- 
Summary: 
This event is generated when an attempt is made to exploit a known vulnerability in Microsoft Windows Explorer.

-- 
Impact: 
Serious. Denial of Service.

--
Detailed Information:
A stack exhaustion vulnerability exists in Microsoft Windows Explorer.  This flaw is caused by the improper parsing of a URL contained within a .url file.  An attacker can exploit this vulnerability by enticing a user to open a crafted URL file, resulting in abnormal termination of the affected program.

--
Affected Systems:
Microsoft Windows Explorer

--
Attack Scenarios: 
An attacker would need to craft a malicious URL embedded in a .url file, the attacker would then need to entice a user to read the file.
-- 
Ease of Attack: 
Simple.

-- 
False Positives:
None known.

--
False Negatives:
None known.

-- 
Corrective Action: 
Upgrade to the latest non-affected version of the software.

Apply the appropriate vendor supplied patches.

--
Contributors:
Sourcefire Vulnerability Research Team
Kevin Shivers <kevin.shivers@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com>

-- 
Additional References:


--