FILE-OFFICE -- Snort detected traffic targeting vulnerabilities in files belonging to the Microsoft Office suite of software (Excel, PowerPoint, Word, Visio, Access, Outlook, etc.).
FILE-OFFICE Microsoft Office Excel remote code execution attempt
This event is generated when remote code execution is attempted in MS Excel by using UAF vulnerability Impact: Attempted User Privilege Gain Details: A use-after-free vulnerability exists when MS excel moves the content from Protected Mode to Compatibility Mode. If attacker can control the freed objects during transition; it could lead to remote code execution Ease of Attack:
No information provided
No public information
No known false positives
Cisco Talos Intelligence Group
No rule groups
CVE-2018-1026 |
Loading description
|