Remote code execution vulnerability in Microsoft Office while handling rich text format filesID: oval:org.secpod.oval:def:23798 | Date: (C)2015-03-13 (M)2021-06-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold or SP1, Word 2013 RT Gold or SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 Gold or SP1, Web Applications 2010 SP2 or Web Apps Server 2013 Gold or SP1 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle rich text format files. Successful exploitation could allow attackers to execute arbitrary code.
Platform: |
Microsoft Windows Server 2019 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2003 |
Microsoft Windows 10 |
Microsoft Windows XP |
Microsoft Windows Vista |
Microsoft Windows Server 2008 |
Microsoft Windows 7 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Product: |
Microsoft Office Compatibility Pack |
Microsoft Office Web Apps 2010 |
Microsoft Office Web Apps Server 2013 |
Microsoft SharePoint Server 2010 |
Microsoft SharePoint Server 2013 |
Microsoft Word 2007 |
Microsoft Word 2010 |
Microsoft Word 2013 |
Microsoft Word Viewer |
Microsoft Office 2010 |