Short Name |
HTTP:OVERFLOW:COREL-WP-BOF |
---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Corel WordPerfect Office PRS Buffer Overflow |
Release Date |
2012/11/27 |
Update Number |
2205 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
This signature detects attempts to exploit a known vulnerability in Corel WordPerfect. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected user.
Corel WordPerfect Office is prone to a stack-based buffer-overflow vulnerability because the software fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized buffer. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application. A successful attack can result in the compromise of the application. Failed attempts will likely result in denial-of-service conditions. WordPerfect X3 version 13.0.0.565 is vulnerable to this issue; other versions may also be affected.