HTTP: Microsoft Office WordPerfect Document Converter Heap-based Buffer Overflow
This signature detects attempts to exploit a known vulnerability in the WordPerfect Document Converter component of Microsoft Office. Successful exploitation could allow the attacker to execute arbitrary code under the security context of the user.
Extended Description
A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, and Microsoft Excel 2016 when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8731.
Affected Products
Microsoft office
Short Name
HTTP:STC:DL:MS-WORDPERFECT-BO
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2017-8744 Converter Document Heap-based Microsoft Office Overflow WordPerfect bid:100748
Release Date
09/25/2017
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3415
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3