1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. HTTP MS Office BMP Filter Code Exec

HTTP MS Office BMP Filter Code Exec

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempt to exploit a vulnerability a BMP file which may result in remote code execution.

Additional Information

A remote code execution vulnerability exists in the way that Microsoft Office handles a BMP format image file. The vulnerability could be exploited when a Microsoft Office application opens a specially crafted BMP-format image file. Such a specially crafted file might be included as an e-mail attachment, or hosted on a malicious or compromised Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system. However, significant user interaction is required to exploit this vulnerability.

To view this vulnerability as a standard entry in the Common Vulnerabilities and Exposures list, see CVE-2006-4841.


  • Microsoft Office


Download and install all vendor patches related to this vulnerability.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube