HTTP: Microsoft Word Crafted Sprm Structure Stack Memory Corruption
This signature detects attempts to exploit a known memory corruption vulnerability in Microsoft Word products. It is due to improper handling of crafted record size in Word documents. An attacker can exploit this by persuading the target user to open a malicious Word document. A successful attack can allow for arbitrary code injection and execution with privileges of the currently logged on user. If successful, the behavior of the target depends on the intention of the attacker and the injected code is executed within the security context of the currently logged in user. In an unsuccessful code execution attack, the affected product terminates resulting in the loss of any unsaved data from the current session.
Extended Description
Microsoft Word is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.
Affected Products
Microsoft outlook_2007
Short Name
HTTP:STC:DL:WORD-SPRM-MEM
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2008-4837 Corruption Crafted Memory Microsoft Sprm Stack Structure Word bid:32584
Release Date
10/20/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3339
False Positive
Unknown
Vendors
Microsoft
CVSS Score
9.3