Signature Detail

Short Name	HTTP:STC:DL:WORD-CMAJ
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Microsoft Office Word sprmCMajority Record Buffer Overflow
Release Date	2010/10/25
Update Number	1798
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Office Word sprmCMajority Record Buffer Overflow

This signature detects attempts to exploit a known vulnerability against Microsoft Office Word document parser. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.

Affected Products

Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack 2007 SP1
Microsoft Office Compatibility Pack 2007 SP2
Microsoft Office Compatibility Pack 2007
Microsoft Open XML File Format Converter for Mac
Microsoft Word 2002 SP1
Microsoft Word 2002 SP2
Microsoft Word 2002 SP3
Microsoft Word 2003 SP1
Microsoft Word 2003 SP2
Microsoft Word 2003 SP3
Microsoft Word 2007 SP1
Microsoft Word 2007 SP2
Microsoft Word 2007
Microsoft Word Viewer
Microsoft Works 9.0

References

BugTraq: 42136
CVE: CVE-2010-1900

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Microsoft Office Word sprmCMajority Record Buffer Overflow

Extended Description

Affected Products

References