Signature Detail
Short Name |
HTTP:STC:DL:WORD-LINK-OBJ |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Office Word HTML Linked Objects Memory Corruption |
Release Date |
2010/10/25 |
Update Number |
1798 |
Supported Platforms |
idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
HTTP: Microsoft Office Word HTML Linked Objects Memory Corruption
This signature detects attempts to exploit a known memory corruption vulnerability in Microsoft Office Word. If is due to the application incorrectly handling a malformed plcffldMom record. This can be exploited by remote attackers to execute arbitrary code on the target system by enticing a user to open a maliciously crafted file. In a successful attack the injected code runs within the security context of the currently logged in user. In an unsuccessful attack, the vulnerable application can terminate abnormally.
Extended Description
Microsoft Word is prone to a remote memory-corruption vulnerability because it fails to properly allocate heap-based memory. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.
Affected Products
- Microsoft Word 2002 SP1
- Microsoft Word 2002 SP2
- Microsoft Word 2002 SP3
- Microsoft Word 2003 SP1
- Microsoft Word 2003 SP2
- Microsoft Word 2003 SP3
- Microsoft Word Viewer
References
- BugTraq: 42130
- CVE: CVE-2010-1903