Intrusion Prevention

ZIP.File.Document.Title.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in the Microsoft Windows MFC library mfc42.dll.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted archive file. It allows a remote attacker to execute arbitrary code.

Affected Products

Microsoft Windows XP Tablet PC Edition SP3
Microsoft Windows XP Tablet PC Edition SP2
Microsoft Windows XP Professional x64 Edition SP3
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows XP Professional SP3
Microsoft Windows XP Professional SP2
Microsoft Windows XP Media Center Edition SP3
Microsoft Windows XP Media Center Edition SP2
Microsoft Windows XP Home SP3
Microsoft Windows XP Home SP2
Microsoft Windows XP Embedded SP3
Microsoft Windows XP Embedded SP2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Currently we are not aware of any patches supplied by the vendor for this issue.

CVE References

CVE-2011-4535