Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:CGI:MS-OFFICE-URL-BOF |
|---|---|
Severity |
Minor |
Recommended |
Yes |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Microsoft Office XP URL Handling Buffer Overflow |
Release Date |
2015/09/08 |
Update Number |
2533 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Microsoft Office XP URL Handling Buffer Overflow
This signature detects attempts to exploit a known vulnerability in Microsoft Office XP URL. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the targeted application.
Extended Description
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.
Affected Products
- Microsoft office xp (sp1)
- Microsoft office xp (sp2)
- Microsoft office xp (sp3)
- Microsoft powerpoint 2002 (sp1)
- Microsoft powerpoint 2002 (sp2)
- Microsoft powerpoint 2002 (sp3)
- Microsoft project 2002 (sp1)
- Microsoft visio 2002 (sp1)
- Microsoft visio 2002 (sp2)
- Microsoft visio 2002 (sp2:professional)
- Microsoft visio 2002 (sp2:standard)
- Microsoft word 2002 (sp1)
- Microsoft word 2002 (sp2)
- Microsoft word 2002 (sp3)
- Microsoft works 2002
- Microsoft works 2003
- Microsoft works 2004
References
- CVE: CVE-2004-0848