HTTP: Microsoft Word Document Parsing Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Microsoft Word Document. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the affected application.
Extended Description
Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.
Affected Products
Microsoft word
References
CVE: CVE-2004-0963
Short Name
HTTP:STC:DL:WORD-DOC-BOF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Buffer CVE-2004-0963 Document Microsoft Overflow Parsing Word
Release Date
12/19/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Microsoft
CVSS Score
10.0