Short Name |
HTTP:CGI:MS-OFFICE-URL-BOF |
---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Office XP URL Handling Buffer Overflow |
Release Date |
2015/09/08 |
Update Number |
2533 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Microsoft Office XP URL. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.