Intrusion PreventionMS.Office.Document.Handling.Memory.Corruption
Description
This indicates an attempt to exploit a remote Code Execution vulnerability in Microsoft Office.
The vulnerability results from insecure code in "MSO.DLL", a shared library used by Microsoft Office. It can be exploited via a crafted Microsoft Office document. A successful exploit may allow remote attackers to execute arbitrary code.
Affected Products
Microsoft Visio 2002 Standard SP2
Microsoft Visio 2002 Professional SP2
Microsoft Visio 2002 SP1-SP2
Microsoft Visio 2002
Microsoft Project 2002
Microsoft Project 2002 SP1 - SP2
Microsoft Project 2002
Microsoft Project 2000 SR1
Microsoft Project 2000
Microsoft Office XP SP1 -SP3
Microsoft Office XP
Microsoft Office X for Mac
Microsoft Office 2004 for Mac
Microsoft Office 2003 SP1-SP2
Microsoft Office 2003
Microsoft Office 2000 Korean Version
Microsoft Office 2000 Japanese Version
Microsoft Office 2000 Chinese Version
Microsoft Office 2000 SP1-SP3
Microsoft Office 2000
Impact
System Compromise: Arbitrary code execution.
Recommended Actions
Refer to the vendor's web site for a suggested workaround.
http://www.microsoft.com/technet/security/Bulletin/MS06-038.mspx
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
| ID | 29710 |
| Created | Oct 22, 2011 |
| Updated | Feb 24, 2022 |
| Risk |
|
| CVE ID | CVE-2006-2389 |
| Exploit Prediction Score | 68.67% |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | MS_Office |