Lucene search
HistoryDec 11, 2014 - 12:59 a.m.
CVE-2014-6364
cve-2014-6364
use-after-free vulnerability
microsoft office
remote code execution
security vulnerability
8.7 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.193 Low
EPSS
Percentile
96.3%
Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 2013 RT Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Component Use After Free Vulnerability.”
| CPE | Name | Operator | Version |
|---|---|---|---|
| microsoft:office | microsoft office | eq | 2013 |
| microsoft:office | microsoft office | eq | 2007 |
| microsoft:office | microsoft office | eq | 2010 |
Related
checkpoint_advisories
checkpoint_advisories
symantec
symantec
nessus
nessus
cvelist
cvelist
CVE-2014-6364
2014-12-11 00:00:00
prion
prion
Design/Logic Flaw
2014-12-11 00:59:00
mskb
mskb
openvas
openvas
Microsoft Office Remote Code Execution Vulnerability (3017349)
2014-12-10 00:00:00
securityvulns
securityvulns
Microsoft Office multiple security vulnerabilities
2015-01-14 00:00:00
kaspersky
kaspersky
KLA10616 Multiple vulnerabilities in Microsoft Office
2014-12-09 00:00:00
8.7 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.193 Low
EPSS
Percentile
96.3%
Related for CVE-2014-6364