Global free remote code execution vulnerability in Microsoft Excel - CVE-2014-6360ID: oval:org.secpod.oval:def:21853 | Date: (C)2014-12-10 (M)2021-06-02 |
Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2 or Office Compatibility Pack SP3 and is prone to a global free remote code execution vulnerability. The flaw is present in the applications, which improperly handles objects in memory while parsing specially crafted Office files. Successful exploitation could allow attackers to run arbitrary code in the context of the current user.
Platform: |
Microsoft Windows 7 |
Microsoft Windows 8 |
Microsoft Windows 8.1 |
Microsoft Windows Server 2003 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Vista |
Microsoft Windows XP |
Product: |
Microsoft Excel 2007 |
Microsoft Excel 2010 |
Microsoft Office Compatibility Pack |