Signature Detail
Short Name |
HTTP:STC:DL:WORD-FONT |
|---|---|
Severity |
Medium |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Word Font Parsing Buffer Overflow |
Release Date |
2010/10/04 |
Update Number |
1784 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Word Font Parsing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Microsoft Word. An attacker can create a malicious Web site with Web pages containing dangerous Word files, which if accessed by a victim, allows the attacker gain control of the victim's computer.
Extended Description
Microsoft Word is affected by a remote buffer overflow vulnerability. This vulnerability presents itself when a .doc file contains specific malformed input. Upon attempting to read the malformed .doc file, the affected application fails to properly validate data within the file. This may result in the attacker being able to control the flow of program execution. Attackers may exploit this vulnerability to execute arbitrary code in the context of the victim user attempting to access the malformed Word file.
Affected Products
- Microsoft Office 2000 SP1
- Microsoft Office 2000 SP2
- Microsoft Office 2000 SP3
- Microsoft Office 2000
- Microsoft Office XP SP1
- Microsoft Office XP SP2
- Microsoft Office XP SP3
- Microsoft Office XP
- Microsoft Word 2000 SP2
- Microsoft Word 2000 SP3
- Microsoft Word 2000 SR1
- Microsoft Word 2000 Sr1a
- Microsoft Word 2000
- Microsoft Word 2002 SP1
- Microsoft Word 2002 SP2
- Microsoft Word 2002 SP3
- Microsoft Word 2002
- Microsoft Works 2000
- Microsoft Works Suite 2001
- Microsoft Works Suite 2002
- Microsoft Works Suite 2003
- Microsoft Works Suite 2004
References
- BugTraq: 14216
- CVE: CVE-2005-1191
- CVE: CVE-2005-0564