MS.Word.RTF.Memory.Corruption
Description
This indicates an attack attempt to exploit a Heap Overflow vulnerability in Microsoft Word.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious "RTF" file. A remote attacker may exploit this to execute arbitrary code via a crafted "RTF" file.
Affected Products
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 3
Microsoft Office 2007 Service Pack 2
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac
Microsoft Office Word Viewer
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
Microsoft Works 9
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Microsoft Office XP Service Pack 3
http://www.microsoft.com/downloads/details.aspx?familyid=978eb887-25b6-4dde-a2ec-d2d1e7f1a434
Microsoft Office 2003 Service Pack 3
http://www.microsoft.com/downloads/details.aspx?familyid=4360bcec-0731-4d4a-89eb-7d28a4607f06
Microsoft Office 2007 Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=0d7210a3-662e-41e7-affc-ae94f9d89388
Microsoft Office 2004 for Mac
http://www.microsoft.com/downloads/details.aspx?FamilyID=d2f44d4a-7cd8-4514-b3ff-1770bc47d595
Microsoft Office 2008 for Mac
http://www.microsoft.com/downloads/details.aspx?FamilyID=6ece112f-0ca7-4b1f-ad20-603950edee66
Open XML File Format Converter for Mac
http://www.microsoft.com/downloads/details.aspx?FamilyID=a7b834a3-5a44-42d4-afe9-6ef207333834
Microsoft Office Word Viewer
http://www.microsoft.com/downloads/details.aspx?familyid=39fe2229-9201-4270-bdc1-20bc8e30a766
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 2
http://www.microsoft.com/downloads/details.aspx?familyid=ed5b9671-651d-41f3-aed3-93ee8a28657f
Microsoft Works 9
http://www.microsoft.com/downloads/details.aspx?familyid=feb121ad-e5f6-40e2-bf12-045ae5c2a754
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-01-04 | 13.518 | Sig Added |