Signature Detail

HTTP: Microsoft Office Drawing Record msofbtOPT Code Execution

This signature detects attempts to exploit a known vulnerability against Microsoft Office. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Office is prone to a remote code-execution vulnerability. This issue occurs when the application processes maliciously crafted files. This issue is currently being exploited via Excel files (.xls), but other Office applications may also be vulnerable. An attacker could exploit this issue by enticing a victim into opening a malicious Office file. If the vulnerability is successfully exploited, this could result in the execution of arbitrary code in the context of the currently logged-in user.

Affected Products

• Microsoft Excel
• Microsoft Excel 2000 SP2
• Microsoft Excel 2000 SP3
• Microsoft Excel 2000 SR1
• Microsoft Excel 2000
• Microsoft Excel 2000
• Microsoft Excel 2002 SP1
• Microsoft Excel 2002 SP2
• Microsoft Excel 2002 SP3
• Microsoft Excel 2002
• Microsoft Excel 2003 SP1
• Microsoft Excel 2003 SP2
• Microsoft Excel 2003 SP3
• Microsoft Excel 2003
• Microsoft Excel 2004 for Mac
• Microsoft Office 2000 SP1
• Microsoft Office 2000 SP2
• Microsoft Office 2000 SP3
• Microsoft Office 2000
• Microsoft Office 2003 SP1
• Microsoft Office 2003 SP2
• Microsoft Office 2003
• Microsoft Office 2004 for Mac
• Microsoft Office XP SP1
• Microsoft Office XP SP2
• Microsoft Office XP SP3
• Microsoft Office XP
• Microsoft Project 2000 SR1
• Microsoft Project 2002 SP1
• Microsoft Visio 2002 SP2
• Microsoft Visio 2002 Professional SP2
• Microsoft Visio 2002 Standard SP2
• Nortel Networks Contact Center - CCT

References

• BugTraq: 22383
• CVE: CVE-2007-0671