HTTP: Microsoft Word Section Table Array Buffer Overflow
This signature detects attempts to exploit a known vulnerability against Microsoft Office Word. A successful attack can lead to arbitrary code execution.
Extended Description
Microsoft Word 2000 is prone to a remote code-execution vulnerability. Microsoft Word 2000 is confirmed vulnerable to a remote code-execution issue. Exploit attempts against Word 2003/XP will consume all CPU resources and will cause a denial of service for legitimate users. Note that this issue is distinct from issues described in BID 21589 (Microsoft Word Code Execution Vulnerability), BID 21451 (Microsoft Word Malformed String Remote Code Execution Vulnerability), and BID 21518 (Microsoft Word Malformed Data Structures Code Execution Vulnerability).
Affected Products
Microsoft office_2000
Short Name
HTTP:STC:DL:WORD-SECTION-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Array Buffer CVE-2007-0515 Microsoft Overflow Section Table Word bid:22225
Release Date
10/01/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3731
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3