Remote code execution vulnerability in Microsoft Word and Office Web Apps - CVE-2014-0260| ID: oval:org.secpod.oval:def:16539 | Date: (C)2014-01-16 (M)2022-10-10 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Word 2003, 2007, 2010, 2013, Office WebApps 2010, 2013, SharePoint server 2010, 2013, Microsoft Office Compatibility or Word Viewer and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory while parsing specially crafted Office files. Successful exploitation allows attackers to run arbitrary code in the context of the current user.
| Platform: |
| Microsoft Windows Server 2019 |
| Microsoft Windows Server 2016 |
| Microsoft Windows 2000 |
| Microsoft Windows 7 |
| Microsoft Windows 8 |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2003 |
| Microsoft Windows 10 |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Server 2012 R2 |
| Microsoft Windows Vista |
| Microsoft Windows XP |
| Product: |
| Microsoft Office Compatibility Pack |
| Microsoft Word 2003 |
| Microsoft Word 2007 |
| Microsoft Word 2010 |
| Microsoft Word 2013 |
| Microsoft Word Viewer |
| Microsoft Office Web Apps 2010 |
| Microsoft Office Web Apps Server 2013 |
| Microsoft SharePoint Server 2010 |
| Microsoft SharePoint Server 2013 |
