HTTP: Microsoft Office EPS CVE-2017-0262 Type Confusion

This signature detects attempts to exploit a known vulnerability in Microsoft Office. Successful exploitation would allow the attacker to execute arbitrary code under the security context of the user. This vulnerability is currently being exploited in the wild.

Extended Description

Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0261 and CVE-2017-0281.

Affected Products

Microsoft office

References

CVE: CVE-2017-0262

Short Name
HTTP:STC:DL:MS-CVE-2017-0262-TC
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-0262 Confusion EPS Microsoft Office Type
Release Date
05/23/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3717
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?