1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Microsoft Office RCE CVE-2013-3906

Web Attack: Microsoft Office RCE CVE-2013-3906

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Microsoft Office Products.

Additional Information

Multiple Microsoft products including Microsoft Windows, Microsoft Office, and Microsoft Lync are prone to a remote code-execution vulnerability. Specifically, this issue affects Microsoft Graphics component when handling specially crafted TIFF images. An attacker can exploit this issue gain the user rights.

An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user, which may lead to a complete compromise of an affected computer.

Affected

  • Various Microsoft Office Products
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube