Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:STC:DL:WORD-SECTION-OF

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 HTTP

Keywords

 Microsoft Word Section Table Array Buffer Overflow

Release Date

 2010/10/01

Update Number

 1784

Supported Platforms

 idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Word Section Table Array Buffer Overflow


This signature detects attempts to exploit a known vulnerability against Microsoft Office Word. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Word 2000 is prone to a remote code-execution vulnerability. Microsoft Word 2000 is confirmed vulnerable to a remote code-execution issue. Exploit attempts against Word 2003/XP will consume all CPU resources and will cause a denial of service for legitimate users. Note that this issue is distinct from issues described in BID 21589 (Microsoft Word Code Execution Vulnerability), BID 21451 (Microsoft Word Malformed String Remote Code Execution Vulnerability), and BID 21518 (Microsoft Word Malformed Data Structures Code Execution Vulnerability).

Affected Products

  • Microsoft Office 2000 SP1
  • Microsoft Office 2000 SP2
  • Microsoft Office 2000 SP3
  • Microsoft Office 2003 SP1
  • Microsoft Office 2003 SP2
  • Microsoft Word 2000 SP2
  • Microsoft Word 2000 SP3
  • Microsoft Word 2000 SR1
  • Microsoft Word 2000 Sr1a
  • Microsoft Word 2000

References

  • BugTraq: 22225
  • CVE: CVE-2007-0515

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out