Check Point Advisories

Microsoft Office File Malformed String Parsing Buffer Overflow (MS06-038; CVE-2006-1540) - ver 2

Check Point Reference: CPAI-2013-3726
Date Published: 29 Dec 2013
Severity: High
Last Updated: Thursday 28 March, 2024
Source: CVE-2006-1540
Protection Provided by:

Security Gateway
R75

Who is Vulnerable? Microsoft Access 2000
Microsoft Access 2002
Microsoft Access 2003
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel Viewer 2003
Microsoft FrontPage 2000
Microsoft FrontPage 2002
Microsoft FrontPage 2003
Microsoft InfoPath 2003
Microsoft OneNote 2003
Microsoft PowerPoint 2000
Microsoft PowerPoint 2002
Microsoft PowerPoint 2003
Microsoft Project 2000
Microsoft Project 2002
Microsoft Project 2003
Microsoft Publisher 2000
Microsoft Publisher 2002
Microsoft Publisher 2003
Microsoft Visio 2002
Microsoft Visio 2003
Microsoft Word 2000
Microsoft Word 2002
Microsoft Word 2003
Microsoft Word Viewer 2003
Vulnerability Description A memory corruption vulnerability has been reported in several Microsoft Office applications.
Vulnerability DetailsThe vulnerability can be exploited via a malformed string included in an Office file. Such a string might be included in an email attachment processed by one of the affected applications or hosted on a malicious web site. An attacker could exploit the vulnerability by constructing a specially crafted Office file that could allow remote code execution.

Protection Overview

This protection will detect and block the transferring of malformed Office files over HTTP.

In order for the protection to be activated, update your product to the latest update. For information on how to update , go to SBP-2006-05, Protection tab and select the version of your choice.

Security Gateway R75 / R71 / R70

  1. In the IPS tab, click Protections and find the Microsoft Office File Malformed String Parsing Buffer Overflow (MS06-038) - ver 2 protection using the Search tool and Edit the protection's settings.
  2. Install policy on all modules.

SmartView Tracker will log the following entries:
Attack Name: Content Protection Violation
Attack Information: Microsoft Office File Malformed String Parsing Buffer Overflow (MS06-038) - ver 2

×
  Feedback
This website uses cookies for its functionality and for analytics and marketing purposes. By continuing to use this website, you agree to the use of cookies. For more information, please read our Cookies Notice.
OK