1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Word Record Parsing BO

Web Attack: Word Record Parsing BO

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.


This signature detects attempt to exploit a buffer overflow in Microsoft Word by sending a specially crafted file.

Additional Information

Microsoft Word is a word processor available for multiple platforms.

Word is prone to a buffer-overflow vulnerability that occurs when the application processes a Word file with a malformed record value.

An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.


  • Microsoft Word


The vendor has released an advisory and updates. Please see the referenced advisory for details.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube