HTTP: Microsoft Office Word HTML Linked Objects Memory Corruption
This signature detects attempts to exploit a known memory corruption vulnerability in Microsoft Office Word. If is due to the application incorrectly handling a malformed plcffldMom record. This can be exploited by remote attackers to execute arbitrary code on the target system by enticing a user to open a maliciously crafted file. In a successful attack the injected code runs within the security context of the currently logged in user. In an unsuccessful attack, the vulnerable application can terminate abnormally.
Extended Description
Microsoft Word is prone to a remote memory-corruption vulnerability because it fails to properly allocate heap-based memory. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.
Affected Products
Microsoft word_2002
Short Name
HTTP:STC:DL:WORD-LINK-OBJ
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2010-1903 Corruption HTML Linked Memory Microsoft Objects Office Word bid:42130
Release Date
10/26/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3543
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3