Microsoft Color Control Panel Insecure Library Loading (MS12-012; CVE-2010-5082)
| Check Point Reference: | CPAI-2012-051 | |
| Date Published: | ||
| Severity: | ||
| Source: | Microsoft Security Bulletin MS12-012 | |
| Industry Reference(s): | CVE-2010-5082 | |
| Protection Provided by: |
Security Gateway
|
|
|
Who is Vulnerable? Windows Server 2008 R2 for x64-based Systems Windows Server 2008 R2 for x64-based Systems Service Pack 1 Windows Server 2008 R2 for Itanium-based Systems Windows Server 2008 R2 for Itanium-based Systems Service Pack 1 Windows Server 2008 for 32-bit Systems Service Pack 2 Windows Server 2008 for x64-based Systems Service Pack 2 Windows Server 2008 for Itanium-based Systems Service Pack 2 |
||
| Vulnerability Description A remote code execution vulnerability has been reported in Microsoft Color Control Panel. |
||
|
Update/Patch Available Apply patches from: MS12-012 |
|
|
Vulnerability Details The vulnerability is due to the way the application improperly restricts the path used when loading external libraries. A remote attacker could exploit this issue by convincing a user to open a legitimate file (such as an .icm or .icc file) that is located in the same network directory as a specially crafted dynamic link library (DLL) file. Successful exploitation could allow an attacker to take complete control of an affected system. |
Protection Overview
This protection will detect and block the transferring of malicious DLL files over a network share.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.