HTTP: Microsoft Word PAPX Section Corruption Remote Code Execution

This signature detects attempts to exploit a known vulnerability against Microsoft Word. A successful attack can lead to arbitrary code execution.

Extended Description

Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Word PAPX Section Corruption Vulnerability."

Affected Products

Microsoft word

References

CVE: CVE-2012-0182

Short Name
HTTP:STC:DL:WORD-PPAX
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2012-0182 Code Corruption Execution Microsoft PAPX Remote Section Word
Release Date
10/08/2012
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3761
False Positive
Unknown
Vendors

Microsoft

CVSS Score

9.3

Found a potential security threat?