Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:STC:DL:MS-WORD-BULLET |
|---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Word Bulleted List Handling Memory Corruption |
Release Date |
2012/12/03 |
Update Number |
2207 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft Word Bulleted List Handling Memory Corruption
This signature detects attempts to exploit a known vulnerability against Microsoft Word. A successful attack can lead to arbitrary code execution.
Extended Description
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file that contains malformed data, aka "WordPad and Office Text Converter Memory Corruption Vulnerability."
Affected Products
- Microsoft office_word 2000
- Microsoft office_word 2002
- Microsoft windows_2000 -
- Microsoft windows_2003_server *
- Microsoft windows_xp *
References
- BugTraq: 29769
- CVE: CVE-2009-0087