HTTP: Microsoft Office CVE-2017-0006 Code Execution

This signature detects attempts to exploit a known vulnerability in Microsoft Office. Successful exploitation can allow an attacker to execute arbitrary code.

Extended Description

Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053.

Affected Products

Microsoft office_compatibility_pack

References

CVE: CVE-2017-0006

Short Name
HTTP:STC:DL:CVE-2017-0006-CE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-0006 Code Execution Microsoft Office
Release Date
03/14/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3717
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?