Intrusion Prevention

MS.Word.RTF.Drawing.Parsing.Code.Execution

Description

This indicates an attempt to exploit an integer overflow vulnerability in Microsoft Word.
The vulnerability is caused by an error that occurs when the vulnerable software handles a malicious RTF file. It allows a remote attacker to execute arbitrary code via sending a crafted RTF file.

Affected Products

Microsoft Office Word 2000 Service Pack 3
Microsoft Office Word 2002 Service Pack 3
Microsoft Office Word 2003 Service Pack 3
Microsoft Office Word 2007
Outlook 2007
Microsoft Office Word 2007 Service Pack 1
Outlook 2007 Service Pack 1
Microsoft Office Word Viewer 2003
Microsoft Office Word Viewer 2003 Service Pack 3
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats
Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Service Pack 1
Microsoft Office 2004 for Mac
Microsoft Office 2008 for Mac
Open XML File Format Converter for Mac

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

CVE References

CVE-2008-4028