Memory corruption vulnerability in Microsoft Office| ID: oval:org.secpod.oval:def:17400 | Date: (C)2014-04-09 (M)2021-12-10 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1, SP2, 2013, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP1, SP2, 2013, Office Web Apps 2010 SP1, SP2 or Office Web Apps Server 2013 and is prone to memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory while parsing specially crafted Office files. Successful exploitation allows attackers to execute arbitrary code or cause a denial of service via crafted RTF data.
| Platform: |
| Microsoft Windows Server 2019 |
| Microsoft Windows Server 2016 |
| Microsoft Windows 2000 |
| Microsoft Windows 7 |
| Microsoft Windows 8 |
| Microsoft Windows 8.1 |
| Microsoft Windows Server 2003 |
| Microsoft Windows 10 |
| Microsoft Windows Server 2008 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows Server 2012 |
| Microsoft Windows Server 2012 R2 |
| Microsoft Windows Vista |
| Microsoft Windows XP |
| Product: |
| Microsoft Office Compatibility Pack |
| Microsoft Word 2003 |
| Microsoft Word 2007 |
| Microsoft Word 2010 |
| Microsoft Word 2013 |
| Microsoft Word Viewer |
| Microsoft Office Web Apps 2010 |
| Microsoft Office Web Apps Server 2013 |
| Microsoft SharePoint Server 2010 |
| Microsoft SharePoint Server 2013 |
