CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
97.8%
Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka “Microsoft Office Integer Underflow Vulnerability.”
Vendor | Product | Version | CPE |
---|---|---|---|
microsoft | office | 2010 | cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:x64:* |
microsoft | office | 2010 | cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:x86:* |
microsoft | office | 2011 | cpe:2.3:a:microsoft:office:2011:*:*:*:mac:*:*:* |
microsoft | office | 2013 | cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:* |
microsoft | word | 2007 | cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:* |
microsoft | word_viewer | * | cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:* |