Short Name |
HTTP:STC:DL:DOC-FIB |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Office Word File FIB Processing Memory Corruption |
Release Date |
2010/10/14 |
Update Number |
1792 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
A code execution vulnerability has been reported in Microsoft Office Word. The flaw is due to the way the affected product processes specially crafted Word files. A remote attacker can exploit this vulnerability by enticing a target user to open a Word file with a malicious record. Successful exploitation could result in execution of arbitrary code within the security context of the currently logged on user. The behaviour of the target host is entirely dependent on the intended function of the injected code. An unsuccessful exploit attempt may terminate the affected application abnormally.
Microsoft Word is prone to a remote stack-buffer overflow vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Word ('.doc') file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application.