| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| MS14-061 | Vulnerability in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (3000434) | Microsoft Office | Important | 15-10-2014 |
Technical Information
Brief overview of the risk:
The vulnerability could allow remote code execution if an attacker convinces a user to open a specially crafted Microsoft Word file. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user.
Detailed Information on the risk:
A remote code execution vulnerability exists in way that Microsoft Office software parses certain properties of Microsoft Word files. If an attacker is successful in exploiting this vulnerability, and if the current user is logged on with administrative user rights, the attacker could take complete control of the affected system.
Further information on this exploit is available at : MS14-061
Microsoft Office 2007Microsoft Office 2010
Microsoft Office for Mac
Microsoft SharePoint Server 2010
Microsoft Office Web Apps 2010
Affected Software
Microsoft Office 2007Microsoft Office 2010
Microsoft Office for Mac
Microsoft SharePoint Server 2010
Microsoft Office Web Apps 2010