Signature Detail

Short Name	HTTP:STC:DL:WORD-REC-LEN-OF
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Microsoft Word Record Parsing Length Field Overflow
Release Date	2010/12/01
Update Number	1825
Supported Platforms	idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Word Record Parsing Length Field Overflow

This signature detects attempts to exploit a known vulnerability against Microsoft Office Word documents. Attackers can execute arbitrary code within the context of the user.

Extended Description

Microsoft Word is prone to a stack-based buffer-overflow vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.

Affected Products

Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Microsoft Office Compatibility Pack 2007 SP1
Microsoft Office Compatibility Pack 2007 SP2
Microsoft Open XML File Format Converter for Mac
Microsoft Word 2002 SP3
Microsoft Word 2003 SP3
Microsoft Word 2007 SP1
Microsoft Word 2007 SP2
Microsoft Word Viewer
Microsoft Word Viewer 2003 SP3

References

BugTraq: 35188
CVE: CVE-2009-0563
URL: http://www.zerodayinitiative.com/advisories/ZDI-09-035

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Microsoft Word Record Parsing Length Field Overflow

Extended Description

Affected Products

References