Intrusion Prevention

MS.Word.RTF.File.Parsing.Command.Execution

Description

This indicates an attempt to exploit one of several remote command execution vulnerabilities in Microsoft Office.
The vulnerabilities are caused by an error that occurs when the vulnerable software handles a malicious RTF file. It allows a remote attacker to execute arbitrary code via a crafted RTF file.

Affected Products

Microsoft Office 2000 Service Pack 3
Microsoft Office XP Service Pack 3
Microsoft Office 2003 Service Pack 2
Microsoft Office 2004 for Mac
Microsoft Word Viewer 2003
Microsoft Works Suite 2004
Microsoft Works Suite 2005
Microsoft Works Suite 2006
Microsoft Word 2007

Impact

System compromise: remote code execution.

Recommended Actions

Apply the patch available from the web site:
http://www.microsoft.com/technet/security/bulletin/ms07-024.mspx

CVE References

CVE-2007-1202