Intrusion Prevention

MS.Office.FlashPix.Image.Converter.Dictionary.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Microsoft Office.
The vulnerability is caused by an error when the vulnerable software handles a malformed FlashPix image file. It allows remote attackers to execute arbitrary code on vulnerable systems via sending a FlashPix image file.

Affected Products

Microsoft Office XP Service Pack 3
Microsoft Office Converter Pack

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Refer to the vendor's website for the suggested workaround:
http://www.microsoft.com/technet/security/Bulletin/ms10-105.mspx

CVE References

CVE-2008-0493 CVE-2010-3951