Malformed.GIF.Header.Code.Execution

description-logoDescription

This indicates an attack attempt against a buffer-overflow vulnerability in Microsoft Office.
The vulnerability is caused by an error when "GIFIMP32.FLT" handles a malicious GIF file. It allows a remote attacker to execute arbitrary code via sending a crafted GIF file.

affected-products-logoAffected Products

Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products.

Impact logoImpact

System compromise

recomended-action-logoRecommended Actions

Apply the vendor update:
http://www.microsoft.com/technet/security/Bulletin/MS06-039.mspx

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)