FILE-OFFICE -- Snort detected traffic targeting vulnerabilities in files belonging to the Microsoft Office suite of software (Excel, PowerPoint, Word, Visio, Access, Outlook, etc.).
FILE-OFFICE Microsoft Office RTF listoverride memory corruption attempt
This event is generated when an attacker attempts to exploit a memory corruption vulnerability in Microsoft Office Impact: Attempted User Privilege Gain Details: Rule checks for an attempt to exploit a memory corruption vulnerability in Microsoft office versions prior to 2016 that is triggered with a maliciously-crafted RTF file. Ease of Attack: Hard
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-0922 |
Loading description
|