4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.4 Medium
AI Score
Confidence
Low
0.063 Low
EPSS
Percentile
93.7%
An use-after-free vulnerability was found in Microsoft Office. By exploiting this vulnerability malicious users can bypass ASLR protection. This vulnerability can be exploited remotely via a specially designed document.
CVE-2014-6362 warning
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Security bypass. Exploitation of vulnerabilities with this impact can lead to performing actions restricted by current security settings.
support.microsoft.com/kb/2910941
support.microsoft.com/kb/2920748
support.microsoft.com/kb/2920795
support.microsoft.com/kb/3033857
portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6362
statistics.securelist.com/
technet.microsoft.com/en-us/library/security/ms15-013.aspx
threats.kaspersky.com/en/product/Microsoft-Office/