CVE-2014-1757CVE-2014-1757

Affected configuration(s):

cpe:/a:microsoft:office_compatibility_pack::sp3
cpe:/a:microsoft:word:2007:sp3
cpe:/a:microsoft:word:2010:sp1
cpe:/a:microsoft:word:2010:sp2

Date published: 2014-04-08T19:55:06.540-04:00

Date last modified: 2014-04-09T20:49:25.723-04:00

CVSS Score: 9.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://technet.microsoft.com/security/bulletin/MS14-017

Summary: Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility Pack SP3, allocates memory incorrectly for file conversions from a binary (aka .doc) format to a newer format, which allows remote attackers to execute arbitrary code via a crafted document, aka “Microsoft Office File Format Converter Vulnerability.”

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.