CVE-2014-1761CVE-2014-1761

Affected configuration(s):

cpe:/a:microsoft:office:2011::mac
cpe:/a:microsoft:office_compatibility_pack::sp3
cpe:/a:microsoft:office_web_apps:2010:sp1
cpe:/a:microsoft:office_web_apps:2010:sp2
cpe:/a:microsoft:office_web_apps_server:2013
cpe:/a:microsoft:sharepoint_server:2010:sp1
cpe:/a:microsoft:sharepoint_server:2010:sp2
cpe:/a:microsoft:sharepoint_server:2013
cpe:/a:microsoft:word:2003:sp3
cpe:/a:microsoft:word:2007:sp3
cpe:/a:microsoft:word:2010:sp1:~~~~x64~
cpe:/a:microsoft:word:2010:sp1:~~~x86~~
cpe:/a:microsoft:word:2010:sp2:~~~~x64~
cpe:/a:microsoft:word:2013
cpe:/a:microsoft:word:2013:-:~-~-~rt~~
cpe:/a:microsoft:word_viewer

Date published: 2014-03-25T09:24:01.067-04:00

Date last modified: 2014-12-08T13:48:22.533-05:00

CVSS Score: 9.3

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: http://technet.microsoft.com/security/advisory/2953095

Summary: Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.