Signature Detail

Short Name	HTTP:STC:DL:WORD-STSH-RCE
Severity	High
Recommended	No
Recommended Action	Drop
Category	HTTP
Keywords	Microsoft Office Word STSH Record Remote Code Execution
Release Date	2011/06/17
Update Number	1942
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: Microsoft Office Word STSH Record Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Microsoft Office. A successful attack can lead to arbitrary remote code execution.

Extended Description

Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the application. Failed exploit attempts will result in a denial-of-service condition.

Affected Products

Microsoft Word 2002 SP1
Microsoft Word 2002 SP2
Microsoft Word 2002 SP3
Microsoft Word 2002
Microsoft Word 2003 SP1
Microsoft Word 2003 SP2
Microsoft Word 2003 SP3
Microsoft Word 2003
Microsoft Word 2007 SP1
Microsoft Word 2007 SP2
Microsoft Word 2007
Microsoft Word 2010

References

BugTraq: 48261

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Keywords

Release Date

Update Number

Supported Platforms

HTTP: Microsoft Office Word STSH Record Remote Code Execution

Extended Description

Affected Products

References