Memory corruption

2015-04-1420:59:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.959 High

EPSS

Percentile

99.4%

JSON

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted RTF document, aka “Microsoft Office Memory Corruption Vulnerability.”

CPENameOperatorVersion
officeeq2010 sp2-x64
officeeq2010 sp2-x86
office_web_appseq2013 sp1
office_web_appseq2010 sp2
sharepoint_servereq2010 sp2
sharepoint_servereq2013 sp1
wordeq2013 sp1
wordeq2011
wordeq2010 sp2
wordeq2007 sp3

Name	Operator	Version
office	eq	2010 sp2-x64
office	eq	2010 sp2-x86
office_web_apps	eq	2013 sp1
office_web_apps	eq	2010 sp2
sharepoint_server	eq	2010 sp2
sharepoint_server	eq	2013 sp1
word	eq	2013 sp1
word	eq	2011
word	eq	2010 sp2
word	eq	2007 sp3