Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMicrosoftCVE-2014-2778
HistoryJun 11, 2014 - 4:56 a.m.

CVE-2014-2778

2014-06-1104:56:20
CWE-119
microsoft
web.nvd.nist.gov
38
microsoft word
office compatibility pack
cve-2014-2778
embedded font vulnerability
memory corruption
remote code execution
denial of service

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.7

Confidence

High

EPSS

0.523

Percentile

97.6%

JSON

Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a (1) .doc or (2) .docx document, aka “Embedded Font Vulnerability.”

Affected configurations

Nvd
Node
microsoftoffice_compatibility_packsp3
OR
microsoftwordMatch2007sp3
VendorProductVersionCPE
microsoftoffice_compatibility_pack*cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*
microsoftword2007cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*

Related

symantec 1
kaspersky 2
nessus 1
openvas 2
prion 1
securityvulns 1
cvelist 1
nvd 1
symantec
symantec
Microsoft Office Word File Processing CVE-2014-2778 Remote Code Execution Vulnerability
2014-06-10 00:00:00
kaspersky
kaspersky
KLA10012 Vulnerability in Microsoft Word 2007 & Office Compatibility Pack
2014-06-10 00:00:00
KLA10616 Multiple vulnerabilities in Microsoft Office
2014-12-09 00:00:00
nessus
nessus
MS14-034: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)
2014-06-11 00:00:00
openvas
openvas
Microsoft Office Compatibility Pack Remote Code Execution Vulnerability (2969261)
2014-06-11 00:00:00
Microsoft Office Word Remote Code Execution Vulnerability (2969261)
2014-06-11 00:00:00
prion
prion
Memory corruption
2014-06-11 04:56:00
securityvulns
securityvulns
Microsoft Word memory corruption
2014-07-14 00:00:00
cvelist
cvelist
CVE-2014-2778
2014-06-11 01:00:00
nvd
nvd
CVE-2014-2778
2014-06-11 04:56:20

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

8.7

Confidence

High

EPSS

0.523

Percentile

97.6%

JSON
Related for CVE-2014-2778
symantec1kaspersky2nessus1openvas2prion1securityvulns1cvelist1nvd1