HTTP: Microsoft Office File Modification Password Use After Free

This signature detects an attempt to exploit an Use-After-Free Vulnerability in Microsoft Office 2007. Successful exploitation could allow an attacker to execute arbitrary code into the application's context.

Extended Description

Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

Affected Products

Microsoft office

References

CVE: CVE-2015-1683

Short Name
HTTP:STC:DL:CVE-2015-1683-UAF
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
After CVE-2015-1683 File Free Microsoft Modification Office Password Use
Release Date
12/14/2015
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?