HTTP: Microsoft Office CVE-2017-11882 Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Microsoft Office. A successful attack can result in Remote Code Execution.

Extended Description

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-11884.

Affected Products

Microsoft office

Short Name
HTTP:STC:DL:MS-WORD-RCE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2017-11882 CVE-2018-0798 CVE-2018-0802 Code Execution Microsoft Office Remote bid:101757 bid:102347
Release Date
12/12/2017
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3415
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?