{"id": "KB2916605", "bulletinFamily": "microsoft", "title": "MS14-001: Vulnerabilities in Microsoft Word and Office web apps could allow remote code execution: January 14, 2014", "description": "<html><body><p>Resolves vulnerabilities in Microsoft Office that could allow remote code execution if a specially crafted file is opened in an affected version of Microsoft Word or other affected Microsoft Office software. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.</p><h2>INTRODUCTION</h2><div class=\"kb-summary-section section\">Microsoft has released security bulletin MS14-001. To view the complete security bulletin, go to one of the following Microsoft websites: <ul class=\"sbody-free_list\"><li>Home users:<div class=\"indent\"><a href=\"http://www.microsoft.com/security/pc-security/updates.aspx\" id=\"kb-link-1\" target=\"_self\">http://www.microsoft.com/security/pc-security/updates.aspx</a></div><span class=\"text-base\">Skip the details</span>: Download the updates for your home computer or laptop from the Microsoft Update website now:<br/><div class=\"indent\"><a href=\"http://update.microsoft.com/microsoftupdate/\" id=\"kb-link-2\" target=\"_self\">http://update.microsoft.com/microsoftupdate/</a></div></li><li>IT professionals:<div class=\"indent\"><a href=\"http://technet.microsoft.com/security/bulletin/ms14-001\" id=\"kb-link-3\" target=\"_self\">http://technet.microsoft.com/security/bulletin/MS14-001</a></div></li></ul><h3 class=\"sbody-h3\">How to obtain help and support for this security update</h3> Help installing updates: <a href=\"https://support.microsoft.com/ph/6527\" id=\"kb-link-4\" target=\"_self\">Support for Microsoft Update</a><br/><br/>Security solutions for IT professionals: <br/><a href=\"http://technet.microsoft.com/security/bb980617.aspx\" id=\"kb-link-5\" target=\"_self\">TechNet Security Troubleshooting and Support</a><br/><br/>Help protect your Windows-based computer from viruses and malware: <a href=\"https://support.microsoft.com/contactus/cu_sc_virsec_master\" id=\"kb-link-6\" target=\"_self\">Virus Solution and Security Center</a><br/><br/>Local support according to your country: <br/><a href=\"https://support.microsoft.com/common/international.aspx\" id=\"kb-link-7\" target=\"_self\">International Support</a><br/><br/></div><h2></h2><div class=\"kb-moreinformation-section section\"><h3 class=\"sbody-h3\">Known issues and additional information about this security update</h3> <br/> <br/><br/> The following articles contain additional information about this security update as it relates to individual product versions. The articles may contain known issue information. If this is the case, the known issue is listed below each article link.<br/><br/><br/><ul class=\"sbody-free_list\"><li><a href=\"https://support.microsoft.com/en-us/help/2827224\" id=\"kb-link-8\">2827224 </a> MS14-001: Description of the security update for Word 2013: January 14, 2014 </li><li><a href=\"https://support.microsoft.com/en-us/help/2837577\" id=\"kb-link-9\">2837577 </a> MS14-001: Description of the security update for Word Automation Services in SharePoint Server 2010: January 14, 2014<br/><br/><span class=\"text-base\">Note </span>After you install this security update on all SharePoint servers and SharePoint services, you have to run the PSconfig tool to complete the installation. <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2837596\" id=\"kb-link-10\">2837596 </a> MS14-001: Description of the security update for Word Online: January 14, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2837615\" id=\"kb-link-11\">2837615 </a> MS14-001: Description of the security update for Office Compatibility Pack: January 14, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2837617\" id=\"kb-link-12\">2837617 </a> MS14-001: Description of the security update for Word 2007: January 14, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2837625\" id=\"kb-link-13\">2837625 </a> MS14-001: Description of the security update for Word Automation Services in Microsoft SharePoint Server 2013: January 14, 2014<br/><br/><span class=\"text-base\">Note </span>After you install this security update on all SharePoint servers and SharePoint services, you have to run the PSconfig tool to complete the installation. <br/></li><li><a href=\"https://support.microsoft.com/en-us/help/2863834\" id=\"kb-link-14\">2863834 </a>\u00a0MS14-001: Description of the security update for Word 2013 primary interop assembly (PIA): January 14, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2863866\" id=\"kb-link-15\">2863866 </a> MS14-001: Description of the security update for Word 2003: January 14, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2863867\" id=\"kb-link-16\">2863867 </a> MS14-001: Description of the security update for Microsoft Word Viewer: January 14, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2863879\" id=\"kb-link-17\">2863879 </a> MS14-001: Description of the security update for Office Web Apps Server: January 14, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2863901\" id=\"kb-link-18\">2863901 </a> MS14-001: Description of the security update for Microsoft Office 2010: January 14, 2014</li><li><a href=\"https://support.microsoft.com/en-us/help/2863902\" id=\"kb-link-19\">2863902 </a> MS14-001: Description of the security update for Word 2010 Service Pack 1 and Service Pack 2: January 14, 2014</li></ul><div class=\"faq-section\" faq-section=\"\"><div class=\"faq-panel\"><div class=\"faq-panel-heading\" faq-panel-heading=\"\"><span class=\"link-expand-image\"><span class=\"faq-chevron win-icon win-icon-ChevronUpSmall\"></span></span><span class=\"bold btn-link link-expand-text\"><span class=\"bold btn-link\">File hash information</span></span></div><div class=\"faq-panel-body\" faq-panel-body=\"\"><span><div class=\"kb-collapsible kb-collapsible-collapsed\"><div class=\"table-responsive\"><table class=\"sbody-table table\"><tr class=\"sbody-tr\"><th class=\"sbody-th\">File name</th><th class=\"sbody-th\">SHA1 hash</th><th class=\"sbody-th\">SHA256 hash</th></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">kb24286772010-kb2837590-fullfile-x64-glb.exe</td><td class=\"sbody-td\">D5CA1D2B8F6AB2E437F06E27BA1B0B38C5F1C71F</td><td class=\"sbody-td\">36A9E0CE259ADE52FD75C1D2F7556C1F7DD467EB55F0F81ED08ABAF67835FA7E</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">kb24286772010-kb2837590-fullfile-x86-glb.exe</td><td class=\"sbody-td\">7FC8DF9010236E3AF1E1C925645E4A02590C515C</td><td class=\"sbody-td\">FAC3FFC6121F843098A44907EAA61FF2EFF029B565DECEA25338F4641A8F3C16</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wac2010-kb2837596-fullfile-x64-glb.exe</td><td class=\"sbody-td\">ECC72413FFC05E41F42B4C7EEF22A21CF8F4553E</td><td class=\"sbody-td\">489B6A90ECB5F13F8BFFAA65E0E1E8B67BE6B1C41488E62A55AF35E4FADE60A7</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">wdsrv2010-kb2837577-fullfile-x64-glb.exe</td><td class=\"sbody-td\">D4813C37FDB80466E676D2D7EFF1394C5A4394D1</td><td class=\"sbody-td\">63C2ED82AF61570C0A0E7E27EA2ABDCB8B4C0C7672C9E5DB264AC29DB756F86D</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">word2010-kb2837593-fullfile-x64-glb.exe</td><td class=\"sbody-td\">84E5A00726E41D41C2984175E04C12D8F9DBBBE7</td><td class=\"sbody-td\">56816BFB9567FB45D6C5E1465F333451ADEAF324968C654EDC664A5B3CADCEAC</td></tr><tr class=\"sbody-tr\"><td class=\"sbody-td\">word2010-kb2837593-fullfile-x86-glb.exe</td><td class=\"sbody-td\">7E695C573B011D3DD91D5ED494A54CB98D3398F3</td><td class=\"sbody-td\">E50FE06D55FBA422ED3F0D1EB5B1285C388432AF64A55C1D819E203BB48AEC39</td></tr></table></div></div><br/></span></div></div></div></div></body></html>", "published": "2014-01-14T00:00:00", "modified": "2014-04-17T03:21:07", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "href": "https://support.microsoft.com/en-us/help/2916605/", "reporter": "Microsoft", "references": [], "cvelist": ["CVE-2014-0258", "CVE-2014-0259", "CVE-2014-0260"], "type": "mskb", "lastseen": "2021-01-01T22:50:24", "edition": 2, "viewCount": 6, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-0258", "CVE-2014-0259", "CVE-2014-0260"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310903427", "OPENVAS:903426", "OPENVAS:1361412562310903428", "OPENVAS:1361412562310903426"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13527"]}, {"type": "nessus", "idList": ["SMB_NT_MS14-001.NASL"]}, {"type": "symantec", "idList": ["SMNTC-64727", "SMNTC-64728", "SMNTC-64726"]}, {"type": "seebug", "idList": ["SSV:61325", "SSV:61324", "SSV:61326"]}, {"type": "kaspersky", "idList": ["KLA10616"]}], "modified": "2021-01-01T22:50:24", "rev": 2}, "score": {"value": 7.4, "vector": "NONE", "modified": "2021-01-01T22:50:24", "rev": 2}, "vulnersScore": 7.4}, "kb": "KB2916605", "msrc": "MS14-001", "mscve": "", "msfamily": "", "msplatform": "", "msproducts": ["12717", "11426", "17889", "16899", "14872", "16927", "11395", "16147", "14868", "17392"], "supportAreaPaths": ["4662fc2f-a2ef-25fb-ff44-18cdf79dec91", "223fe92b-e339-6e89-9d0a-0efe113cd027", "8d9b289f-c322-4fa7-fddd-f20045014206", "1b334f9a-28b3-2a16-22e2-72e540bdc08d", "fdfadff7-4af0-0d4c-cb43-624201544e9f", "c2d8cfdd-5f22-4d5f-a2e6-2059536e08ba", "7f791732-2ad3-95bb-fc6d-b1f8ec21f952", "be271be6-9322-6b42-e51b-f2ab04188d62", "790658a9-9281-d950-5a84-03310ac92ad8"], "supportAreaPathNodes": [{"id": "8d9b289f-c322-4fa7-fddd-f20045014206", "name": "Word 2013", "parent": "e9323f40-7ca8-4ecd-621d-fcf6c96a2eb0", "tree": [], "type": "productversion"}, {"id": "4662fc2f-a2ef-25fb-ff44-18cdf79dec91", "name": "Microsoft Word 2010", "parent": "e9323f40-7ca8-4ecd-621d-fcf6c96a2eb0", "tree": [], "type": "productversion"}, {"id": "790658a9-9281-d950-5a84-03310ac92ad8", "name": "Office Web Apps Server 2013", "parent": "90bedbeb-782d-7b46-9f4f-721cc5d647d6", "tree": [], "type": "productname"}, {"id": "7f791732-2ad3-95bb-fc6d-b1f8ec21f952", "name": "Word for the web", "parent": "e9323f40-7ca8-4ecd-621d-fcf6c96a2eb0", "tree": [], "type": "productversion"}, {"id": "223fe92b-e339-6e89-9d0a-0efe113cd027", "name": "Microsoft Office 2010 Service Pack 2", "parent": "50b6b6c7-a5b6-773d-e862-a9eb4686fc84", "tree": [], "type": "productversion"}, {"id": "1b334f9a-28b3-2a16-22e2-72e540bdc08d", "name": "Word Home and Student 2010", "parent": "e9323f40-7ca8-4ecd-621d-fcf6c96a2eb0", "tree": [], "type": "productversion"}], "primarySupportAreaPath": [{"id": "8d9b289f-c322-4fa7-fddd-f20045014206", "name": "Word 2013", "parent": "e9323f40-7ca8-4ecd-621d-fcf6c96a2eb0", "tree": [], "type": "productversion"}, {"id": "31c34dbe-8e29-086f-65e5-b10d979bd299", "name": "Office Products", "tree": [], "type": "productfamily"}, {"id": "e9323f40-7ca8-4ecd-621d-fcf6c96a2eb0", "name": "Word", "parent": "31c34dbe-8e29-086f-65e5-b10d979bd299", "tree": [], "type": "productname"}], "superseeds": ["KB934181", "KB956366", "KB2251437", "KB2827330", "KB950625", "KB2826030", "KB2826020", "KB969603", "KB2344911", "KB973443", "KB2826036", "KB2598332", "KB2345009", "KB923094", "KB950241", "KB2760497", "KB2251399", "KB2767913", "KB2827329", "KB2817682", "KB2760498", "KB923276", "KB973866", "KB924883", "KB2810046", "KB954464", "KB2687485", "KB2817361", "KB2687483", "KB2760769", "KB956357", "KB969614", "KB2817683", "KB982134", "KB929057", "KB2910228", "KB934041", "KB2826022"], "parentseeds": [], "msimpact": "Remote Code Execution", "msseverity": "Important", "scheme": null}

{"cve": [{"lastseen": "2021-02-02T06:14:24", "description": "Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability.\"", "edition": 4, "cvss3": {}, "published": "2014-01-15T16:13:00", "title": "CVE-2014-0258", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0258"], "modified": "2018-10-12T22:05:00", "cpe": ["cpe:/a:microsoft:word:2007", "cpe:/a:microsoft:word_viewer:*", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:word:2003"], "id": "CVE-2014-0258", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0258", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:14:24", "description": "Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability.\"", "edition": 4, "cvss3": {}, "published": "2014-01-15T16:13:00", "title": "CVE-2014-0259", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0259"], "modified": "2018-10-12T22:05:00", "cpe": ["cpe:/a:microsoft:word:2007", "cpe:/a:microsoft:office_compatibility_pack:*"], "id": "CVE-2014-0259", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0259", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T06:14:24", "description": "Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka \"Word Memory Corruption Vulnerability.\"", "edition": 4, "cvss3": {}, "published": "2014-01-15T16:13:00", "title": "CVE-2014-0260", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-0260"], "modified": "2018-10-30T16:27:00", "cpe": ["cpe:/a:microsoft:sharepoint_server:2013", "cpe:/a:microsoft:word:2007", "cpe:/a:microsoft:word_viewer:*", "cpe:/a:microsoft:word:2013", "cpe:/a:microsoft:office_web_apps_server:2013", "cpe:/a:microsoft:sharepoint_server:2010", "cpe:/a:microsoft:office_web_apps:2010", "cpe:/a:microsoft:word:2010", "cpe:/a:microsoft:office_compatibility_pack:*", "cpe:/a:microsoft:word:2003"], "id": "CVE-2014-0260", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0260", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:microsoft:sharepoint_server:2013:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps_server:2013:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2013:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word_viewer:*:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2003:sp3:*:*:*:*:*:*", "cpe:2.3:a:microsoft:word:2010:sp1:*:*:*:*:*:*", "cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2020-01-08T14:01:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0258", "CVE-2014-0259", "CVE-2014-0260"], "description": "This host is missing an important security update according to\n Microsoft Bulletin MS14-001.", "modified": "2019-12-20T00:00:00", "published": "2014-01-15T00:00:00", "id": "OPENVAS:1361412562310903428", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903428", "type": "openvas", "title": "Microsoft Office Web Apps Remote Code Execution vulnerability (2916605)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Web Apps Remote Code Execution vulnerability (2916605)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:microsoft:office_web_apps\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903428\");\n script_version(\"2019-12-20T12:48:41+0000\");\n script_cve_id(\"CVE-2014-0258\", \"CVE-2014-0259\", \"CVE-2014-0260\");\n script_bugtraq_id(64726, 64727, 64728);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 12:48:41 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-01-15 12:12:54 +0530 (Wed, 15 Jan 2014)\");\n script_name(\"Microsoft Office Web Apps Remote Code Execution vulnerability (2916605)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS14-001.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to error exists when processing specially crafted\n office file.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Web Applications 2013\n\n - Microsoft Web Applications 2010 Service Pack 2 and prior\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\n code, cause memory corruption and compromise the system.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2837596\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2863879\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms14-001\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"gb_ms_office_web_apps_detect.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/Office/Web/Apps/Ver\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nwebappVer = infos['version'];\npath = infos['location'];\nif(!path || \"Could not find the install location\" >< path){\n exit(0);\n}\n\nif(webappVer =~ \"^14\\..*\")\n{\n ## Microsoft Office Web Apps 2010\n dllVer = fetch_file_version(sysPath:path,\n file_name:\"\\14.0\\WebServices\\ConversionService\\Bin\\Converter\\msoserver.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"14.0\", test_version2:\"14.0.7108.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\n## Microsoft Office Web Apps 2013\nif(webappVer =~ \"^15\\..*\")\n{\n path = path + \"\\PPTConversionService\\bin\\Converter\\\";\n\n dllVer = fetch_file_version(sysPath:path, file_name:\"msoserver.dll\");\n if(dllVer)\n {\n if(version_in_range(version:dllVer, test_version:\"15.0\", test_version2:\"15.0.4551.1506\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\nexit(99);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T14:01:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0258", "CVE-2014-0259", "CVE-2014-0260"], "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS14-001.", "modified": "2019-12-20T00:00:00", "published": "2014-01-15T00:00:00", "id": "OPENVAS:1361412562310903427", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903427", "type": "openvas", "title": "Microsoft SharePoint Server Remote Code Execution Vulnerability (2916605)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft SharePoint Server Remote Code Execution Vulnerability (2916605)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:microsoft:sharepoint_server\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903427\");\n script_version(\"2019-12-20T12:48:41+0000\");\n script_cve_id(\"CVE-2014-0258\", \"CVE-2014-0259\", \"CVE-2014-0260\");\n script_bugtraq_id(64726, 64727, 64728);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 12:48:41 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-01-15 11:05:47 +0530 (Wed, 15 Jan 2014)\");\n script_name(\"Microsoft SharePoint Server Remote Code Execution Vulnerability (2916605)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\nMicrosoft Bulletin MS14-001.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n script_tag(name:\"insight\", value:\"Multiple flaws are due to error exists when processing specially crafted\noffice file.\");\n script_tag(name:\"affected\", value:\"- Microsoft SharePoint Server 2010 (coreserverloc)\n\n - Microsoft SharePoint Server 2013 (coreserverloc)\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\ncode, cause memory corruption and compromise the system.\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2837577\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2837625\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms14-001\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Windows : Microsoft Bulletins\");\n script_copyright(\"Copyright (C) 2014 SecPod\");\n script_dependencies(\"gb_ms_sharepoint_sever_n_foundation_detect.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"MS/SharePoint/Server/Ver\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif( ! infos = get_app_version_and_location( cpe:CPE, exit_no_version:TRUE ) ) exit( 0 );\nshareVer = infos['version'];\npath = infos['location'];\nif(!path || \"Could not find the install location\" >< path){\n exit(0);\n}\n\n## SharePoint Server 2010\nif(shareVer =~ \"^14\\..*\")\n{\n dllVer2 = fetch_file_version(sysPath:path,\n file_name:\"\\14.0\\WebServices\\WordServer\\Core\\WdsrvWorker.dll\");\n if(dllVer2)\n {\n if(version_in_range(version:dllVer2, test_version:\"14.0\", test_version2:\"14.0.6112.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\n## SharePoint Server 2013\nif(shareVer =~ \"^15\\..*\")\n{\n dllVer2 = fetch_file_version(sysPath:path,\n file_name:\"\\15.0\\WebServices\\ConversionServices\\WdsrvWorker.dll\");\n if(dllVer2)\n {\n if(version_in_range(version:dllVer2, test_version:\"15.0\", test_version2:\"15.0.4545.999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n}\n\nexit(99);", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-01-08T14:01:48", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0258", "CVE-2014-0259", "CVE-2014-0260"], "description": "This host is missing an important security update according to\n Microsoft Bulletin MS14-001.", "modified": "2019-12-20T00:00:00", "published": "2014-01-15T00:00:00", "id": "OPENVAS:1361412562310903426", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310903426", "type": "openvas", "title": "Microsoft Office Word Remote Code Execution Vulnerabilities (2916605)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Office Word Remote Code Execution Vulnerabilities (2916605)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2014 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.903426\");\n script_version(\"2019-12-20T10:24:46+0000\");\n script_cve_id(\"CVE-2014-0258\", \"CVE-2014-0259\", \"CVE-2014-0260\");\n script_bugtraq_id(64726, 64727, 64728);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-12-20 10:24:46 +0000 (Fri, 20 Dec 2019)\");\n script_tag(name:\"creation_date\", value:\"2014-01-15 09:12:21 +0530 (Wed, 15 Jan 2014)\");\n script_name(\"Microsoft Office Word Remote Code Execution Vulnerabilities (2916605)\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS14-001.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws are due to error exists when processing specially crafted\n office file.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Word 2013\n\n - Microsoft Word 2003 Service Pack 3 and prior\n\n - Microsoft Word 2007 Service Pack 3 and prior\n\n - Microsoft Word 2010 Service Pack 2 and prior\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\n code, cause memory corruption and compromise the system.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2863866\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2837617\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2863902\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2863901\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2827224\");\n script_xref(name:\"URL\", value:\"https://support.microsoft.com/kb/2863834\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms14-001\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Word/Version\");\n\n exit(0);\n}\n\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\n\nwinwordVer = get_kb_item(\"SMB/Office/Word/Version\");\n\n## Microsoft Office Word 2003/2007/2010\nif(winwordVer && winwordVer =~ \"^1[1245]\\.\")\n{\n ## 14 < 14.0.7113.5001, 15 < 15.0.4551.1509\n ## Wwlibcxm.dll file not found on office 2010, as of now its not considered\n ## Wordpia.dll file not found on office 2013, as of now its not considered\n if(version_in_range(version:winwordVer, test_version:\"11.0\", test_version2:\"11.0.8408\") ||\n version_in_range(version:winwordVer, test_version:\"12.0\", test_version2:\"12.0.6690.4999\") ||\n version_in_range(version:winwordVer, test_version:\"14.0\", test_version2:\"14.0.7113.5000\") ||\n version_in_range(version:winwordVer, test_version:\"15.0\", test_version2:\"15.0.4551.1508\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-28T10:48:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0258", "CVE-2014-0259", "CVE-2014-0260"], "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS14-001.", "modified": "2017-07-13T00:00:00", "published": "2014-01-15T00:00:00", "id": "OPENVAS:903426", "href": "http://plugins.openvas.org/nasl.php?oid=903426", "type": "openvas", "title": "Microsoft Office Word Remote Code Execution Vulnerabilities (2916605)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms_winword_ms14-001.nasl 6715 2017-07-13 09:57:40Z teissa $\n#\n# Microsoft Office Word Remote Code Execution Vulnerabilities (2916605)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2014 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_id(903426);\n script_version(\"$Revision: 6715 $\");\n script_cve_id(\"CVE-2014-0258\", \"CVE-2014-0259\", \"CVE-2014-0260\");\n script_bugtraq_id(64726, 64727, 64728);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-13 11:57:40 +0200 (Thu, 13 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-15 09:12:21 +0530 (Wed, 15 Jan 2014)\");\n script_name(\"Microsoft Office Word Remote Code Execution Vulnerabilities (2916605)\");\n\n tag_summary =\n\"This host is missing an important security update according to\nMicrosoft Bulletin MS14-001.\";\n\n tag_vuldetect =\n\"Get the vulnerable file version and check appropriate patch is applied\nor not.\";\n\n tag_insight =\n\"Multiple flaws are due to error exists when processing specially crafted\noffice file.\";\n\n tag_impact =\n\"Successful exploitation will allow remote attackers to execute the arbitrary\ncode, cause memory corruption and compromise the system.\n\nImpact Level: System/Application \";\n\n tag_affected =\n\"Microsoft Word 2013\nMicrosoft Word 2003 Service Pack 3 and prior\nMicrosoft Word 2007 Service Pack 3 and prior\nMicrosoft Word 2010 Service Pack 2 and prior.\";\n\n tag_solution =\n\"Run Windows Update and update the listed hotfixes or download and update\nmentioned hotfixes in the advisory from the below link,\nhttps://technet.microsoft.com/en-us/security/bulletin/ms14-001\";\n\n\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"vuldetect\" , value : tag_vuldetect);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name : \"URL\" , value : \"https://support.microsoft.com/kb/2863866\");\n script_xref(name : \"URL\" , value : \"https://support.microsoft.com/kb/2837617\");\n script_xref(name : \"URL\" , value : \"https://support.microsoft.com/kb/2863902\");\n script_xref(name : \"URL\" , value : \"https://support.microsoft.com/kb/2863901\");\n script_xref(name : \"URL\" , value : \"https://support.microsoft.com/kb/2827224\");\n script_xref(name : \"URL\" , value : \"https://support.microsoft.com/kb/2863834\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms14-001\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Word/Version\");\n exit(0);\n}\n\n\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\n\n## variable Initialization\nwinwordVer = \"\";\n\nwinwordVer = get_kb_item(\"SMB/Office/Word/Version\");\n\n## Microsoft Office Word 2003/2007/2010\nif(winwordVer && winwordVer =~ \"^(11|12|14|15).*\")\n{\n ## Grep for version Winword.exe 11 < 11.0.8409 < 12.0.6690.5000,\n ## 14 < 14.0.7113.5001, 15 < 15.0.4551.1509\n ## Wwlibcxm.dll file not found on office 2010, as of now its not considered\n ## Wordpia.dll file not found on office 2013, as of now its not considered\n if(version_in_range(version:winwordVer, test_version:\"11.0\", test_version2:\"11.0.8408\") ||\n version_in_range(version:winwordVer, test_version:\"12.0\", test_version2:\"12.0.6690.4999\") ||\n version_in_range(version:winwordVer, test_version:\"14.0\", test_version2:\"14.0.7113.5000\") ||\n version_in_range(version:winwordVer, test_version:\"15.0\", test_version2:\"15.0.4551.1508\"))\n {\n security_message(0);\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:54", "bulletinFamily": "software", "cvelist": ["CVE-2014-0258", "CVE-2014-0259", "CVE-2014-0260"], "description": "Multiple memory corruptions on Microsoft Word documents parsing.", "edition": 1, "modified": "2014-01-15T00:00:00", "published": "2014-01-15T00:00:00", "id": "SECURITYVULNS:VULN:13527", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13527", "title": "Microsoft Office multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-03-01T06:18:38", "description": "The remote Windows host has a version of Microsoft Office, Microsoft\nWord, Office Compatibility Pack, Microsoft Word Viewer, SharePoint\nServer, or Microsoft Office Web Apps that is affected by one or more\nunspecified memory corruption vulnerabilities. By tricking a user into\nopening a specially crafted file, it may be possible for a remote\nattacker to take complete control of the system or execute arbitrary\ncode.", "edition": 27, "published": "2014-01-14T00:00:00", "title": "MS14-001: Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-0258", "CVE-2014-0259", "CVE-2014-0260"], "modified": "2021-03-02T00:00:00", "cpe": ["cpe:/a:microsoft:sharepoint_server", "cpe:/a:microsoft:word", "cpe:/a:microsoft:word_viewer", "cpe:/a:microsoft:office", "cpe:/a:microsoft:office_web_apps", "cpe:/a:microsoft:office_compatibility_pack"], "id": "SMB_NT_MS14-001.NASL", "href": "https://www.tenable.com/plugins/nessus/71941", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(71941);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\"CVE-2014-0258\", \"CVE-2014-0259\", \"CVE-2014-0260\");\n script_bugtraq_id(64726, 64727, 64728);\n script_xref(name:\"MSFT\", value:\"MS14-001\");\n script_xref(name:\"MSKB\", value:\"2827224\");\n script_xref(name:\"MSKB\", value:\"2837577\");\n script_xref(name:\"MSKB\", value:\"2837596\");\n script_xref(name:\"MSKB\", value:\"2837615\");\n script_xref(name:\"MSKB\", value:\"2837617\");\n script_xref(name:\"MSKB\", value:\"2837625\");\n script_xref(name:\"MSKB\", value:\"2863834\");\n script_xref(name:\"MSKB\", value:\"2863866\");\n script_xref(name:\"MSKB\", value:\"2863867\");\n script_xref(name:\"MSKB\", value:\"2863879\");\n script_xref(name:\"MSKB\", value:\"2863901\");\n script_xref(name:\"MSKB\", value:\"2863902\");\n script_xref(name:\"IAVA\", value:\"2014-A-0006\");\n\n script_name(english:\"MS14-001: Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)\");\n script_summary(english:\"Checks Word / Office Web Apps version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by multiple memory corruption\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host has a version of Microsoft Office, Microsoft\nWord, Office Compatibility Pack, Microsoft Word Viewer, SharePoint\nServer, or Microsoft Office Web Apps that is affected by one or more\nunspecified memory corruption vulnerabilities. By tricking a user into\nopening a specially crafted file, it may be possible for a remote\nattacker to take complete control of the system or execute arbitrary\ncode.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-001\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Office 2003, 2007, 2010,\nOffice Compatibility Pack, Microsoft Word Viewer, SharePoint Server,\nand Office Web Apps.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_web_apps\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:word\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:word_viewer\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_compatibility_pack\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:sharepoint_server\");\n script_set_attribute(attribute:\"stig_severity\", value:\"II\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"office_installed.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nglobal_var bulletin, vuln;\n\nfunction get_ver()\n{\n local_var fh, path, rc, share, ver;\n\n path = _FCT_ANON_ARGS[0];\n\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:path);\n\n rc = NetUseAdd(share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n ver = NULL;\n path = ereg_replace(string:path, pattern:\"^[A-Za-z]:(.*)\", replace:'\\\\1\\\\');\n\n fh = CreateFile(\n file : path,\n desired_access : GENERIC_READ,\n file_attributes : FILE_ATTRIBUTE_NORMAL,\n share_mode : FILE_SHARE_READ,\n create_disposition : OPEN_EXISTING\n );\n if (!isnull(fh))\n {\n ver = GetFileVersion(handle:fh);\n ver = join(ver, sep:\".\");\n CloseFile(handle:fh);\n }\n\n NetUseDel(close:FALSE);\n\n return ver;\n}\n\nfunction check_vuln(fix, kb, name, path, ver)\n{\n local_var info;\n\n if (isnull(ver))\n ver = get_ver(path);\n\n if (isnull(ver) || ver_compare(ver:ver, fix:fix, strict:FALSE) >= 0)\n return 0;\n\n info =\n '\\n Product : ' + name +\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n\n vuln = TRUE;\n}\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\n# Get path information for Windows.\nwindir = hotfix_get_systemroot();\nif (isnull(windir)) exit(1, \"Failed to determine the location of %windir%.\");\n\nbulletin = 'MS14-001';\nkbs = make_list(\n 2827224, # Word 2013\n 2837577, # Word Automation Services in SharePoint Server 2010\n 2837596, # Word Web App\n 2837615, # Office Compatibility Pack\n 2837617, # Word 2007\n 2837625, # Word Automation Services in SharePoint Server 2013\n 2863834, # Word 2013 PIA\n 2863866, # Word 2003\n 2863867, # Microsoft Word Viewer\n 2863879, # Office Web Apps Server 2013\n 2863901, # Microsoft Office 2010\n 2863902 # Word 2010 SP1 and SP2\n);\n\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nget_kb_item_or_exit(\"SMB/Registry/Enumerated\", exit_code:1);\n\n# Connect to the registry.\nregistry_init();\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\n# Get path information for SharePoint Server 2010.\nsps_2010_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\14.0\\InstallPath\"\n);\n\n# Get the path information for SharePoint Server 2013\nsps_2013_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Office Server\\15.0\\InstallPath\"\n);\n\nowa_2013_path = get_registry_value(\n handle : hklm,\n item : \"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Office15.WacServer\\InstallLocation\"\n);\n\n# Close connection to registry.\nRegCloseKey(handle:hklm);\nclose_registry(close:FALSE);\n# Get path information for Office Web Apps.\nowa_2010_path = sps_2010_path;\n######################################################################\n# Office Web Apps 2010 SP1 / SP2\n######################################################################\nif (owa_2010_path)\n{\n check_vuln(\n name : \"Office Web Apps 2010\",\n kb : \"2837596\",\n path : owa_2010_path + \"WebServices\\ConversionService\\Bin\\Converter\\sword.dll\",\n fix : \"14.0.7113.5001\"\n );\n}\n\n######################################################################\n# Office Web Apps 2013\n######################################################################\nif (owa_2013_path)\n{\n check_vuln(\n name : \"Office Web Apps 2013\",\n kb : \"2863879\",\n path : windir + \"\\Microsoft.NET\\assembly\\GAC_MSIL\\Microsoft.Office.Web.Apps.Environment.WacServer\\v4.0_15.0.0.0__71e9bce111e9429c\\Microsoft.Office.Web.Apps.Environment.WacServer.dll\",\n fix : \"15.0.4511.1006\"\n );\n}\n\n######################################################################\n# SharePoint Server 2010 SP1 / SP2\n######################################################################\nif (sps_2010_path)\n{\n check_vuln(\n name : \"Office SharePoint Server 2010\",\n kb : \"2837577\",\n path : sps_2010_path + \"WebServices\\WordServer\\Core\\sword.dll\",\n fix : \"14.0.7113.5001\"\n );\n}\n\n######################################################################\n# SharePoint Server 2013\n######################################################################\nif (sps_2013_path)\n{\n check_vuln(\n name : \"Office SharePoint Server 2013\",\n kb : \"2837625\",\n path : sps_2013_path + \"WebServices\\ConversionServices\\sword.dll\",\n fix : \"15.0.4551.1509\"\n );\n}\n\n# Word\nkb = \"\";\ninstalls = get_kb_list(\"SMB/Office/Word/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/Word/' - '/ProductPath';\n path = installs[install];\n info = \"\";\n\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n if(ver[0] == 15 && ver[1] == 0)\n {\n ######################################################################\n # Office 2013 PIA Check\n ######################################################################\n check_vuln(\n name : \"Office 2013 Primary Interop Assembly\",\n kb : \"2863834\",\n path : windir + \"\\Microsoft.NET\\assembly\\GAC_MSIL\\Microsoft.Office.Interop.Word\\15.0.0.0__71e9bce111e9429c\\Microsoft.Office.Interop.Word.dll\",\n fix : \"15.0.4551.1512\"\n );\n\n # Word 2013\n if (\n ver[2] < 4551 ||\n (ver[2] == 4551 && ver[3] < 1509)\n )\n {\n office_sp = get_kb_item(\"SMB/Office/2013/SP\");\n if (!isnull(office_sp) && office_sp == 0)\n {\n info =\n '\\n Product : Word 2013' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 15.0.4551.1509' + '\\n';\n kb = \"2827224\";\n }\n }\n }\n\n # Word 2010 SP1 and SP2\n if (\n ver[0] == 14 && ver[1] == 0 &&\n (\n ver[2] < 7113 ||\n (ver[2] == 7113 && ver[3] < 5001)\n )\n )\n {\n office_sp = get_kb_item(\"SMB/Office/2010/SP\");\n if (!isnull(office_sp) && (office_sp == 1 || office_sp == 2))\n {\n info =\n '\\n Product : Word 2010' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.0.7113.5001' + '\\n';\n kb = \"2863902\";\n }\n }\n\n # Word 2007 SP3\n if (\n ver[0] == 12 && ver[1] == 0 &&\n (\n ver[2] < 6690 ||\n (ver[2] == 6690 && ver[3] < 5000)\n )\n )\n {\n office_sp = get_kb_item(\"SMB/Office/2007/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n info =\n '\\n Product : Word 2007 SP3' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6690.5000' + '\\n';\n kb = \"2837617\";\n }\n }\n\n # Word 2003 SP3\n if (ver[0] == 11 && ver[1] == 0 && ver[2] < 8409)\n {\n office_sp = get_kb_item(\"SMB/Office/2003/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n info =\n '\\n Product : Word 2003' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 11.0.8409.0' + '\\n';\n kb = \"2863866\";\n }\n }\n\n if (info)\n {\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n vuln = TRUE;\n }\n }\n}\n\n# Word Viewer\ninstalls = get_kb_list(\"SMB/Office/WordViewer/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n info = \"\";\n version = install - 'SMB/Office/WordViewer/' - '/ProductPath';\n path = installs[install];\n if (isnull(path)) path = \"n/a\";\n\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n if (ver[0] == 11 && ver[1] == 0 && ver[2] < 8409)\n {\n info =\n '\\n Product : Word Viewer' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 11.0.8409.0' + '\\n';\n kb = \"2863867\";\n }\n\n if (info)\n {\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n vuln = TRUE;\n break;\n }\n }\n}\n\n# Ensure Office is installed\noffice_vers = hotfix_check_office_version();\nif (!isnull(office_vers))\n{\n # Ensure we can get common files directory\n commonfiles = hotfix_get_officecommonfilesdir(officever:\"14.0\");\n if (commonfiles)\n {\n # Ensure share is accessible\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:commonfiles);\n if (is_accessible_share(share:share))\n {\n # Office 2010\n if (office_vers[\"14.0\"])\n {\n office_sp = get_kb_item(\"SMB/Office/2010/SP\");\n if (!isnull(office_sp) && (office_sp == 1 || office_sp == 2))\n {\n path = get_kb_item(\"SMB/Office/Word/14.0/Path\");\n if (path)\n {\n old_report = hotfix_get_report();\n check_file = \"Wwlib.dll\";\n\n if (hotfix_check_fversion(path:path, file:check_file, version:\"14.0.7113.5001\", min_version:\"14.0.0.0\") == HCF_OLDER)\n {\n file = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", string:path, replace:\"\\1\\\" + check_file);\n kb_name = \"SMB/FileVersions/\"+tolower(share-'$')+tolower(str_replace(string:file, find:\"\\\", replace:\"/\"));\n version = get_kb_item(kb_name);\n\n info =\n '\\n Product : Microsoft Office 2010' +\n '\\n File : ' + path + '\\\\' + check_file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 14.0.7113.5001' + '\\n';\n\n hcf_report = '';\n hotfix_add_report(old_report + info, bulletin:bulletin, kb:\"2863901\");\n vuln = TRUE;\n }\n }\n }\n }\n }\n }\n}\n\nversion = '';\ninstalls = get_kb_list(\"SMB/Office/WordCnv/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/WordCnv/' - '/ProductPath';\n path = installs[install];\n\n if (!isnull(path))\n {\n share = hotfix_path2share(path:path);\n if (!is_accessible_share(share:share))\n audit(AUDIT_SHARE_FAIL, share);\n\n path = path - '\\\\Wordconv.exe';\n\n old_report = hotfix_get_report();\n check_file = \"wordcnv.dll\";\n\n if (hotfix_check_fversion(path:path, file:check_file, version:\"12.0.6690.5000\", min_version:\"12.0.0.0\") == HCF_OLDER)\n {\n file = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", string:path, replace:\"\\1\\\" + check_file);\n kb_name = \"SMB/FileVersions/\"+tolower(share-'$')+tolower(str_replace(string:file, find:\"\\\", replace:\"/\"));\n kb_name = ereg_replace(pattern:\"//\"+check_file, replace:\"/\"+check_file, string:kb_name);\n version = get_kb_item(kb_name);\n\n info =\n '\\n Product : Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats' +\n '\\n File : ' + path + '\\\\' + check_file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6690.5000' + '\\n';\n\n hcf_report = '';\n hotfix_add_report(old_report + info, bulletin:bulletin, kb:\"2837615\");\n vuln = TRUE;\n }\n }\n }\n}\n\nif (!version)\n{\n # Additional check if registry key is missing\n path = hotfix_get_officecommonfilesdir(officever:\"12.0\") + \"\\Microsoft Office\\Office12\";\n\n kb = \"2837615\";\n if (\n hotfix_is_vulnerable(file:\"wordcnv.dll\", version:\"12.0.6690.5000\", min_version:\"12.0.0.0\", path:path, bulletin:bulletin, kb:kb)\n ) vuln = TRUE;\n}\n\nif (vuln)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "symantec": [{"lastseen": "2018-03-13T00:16:06", "bulletinFamily": "software", "cvelist": ["CVE-2014-0258"], "description": "### Description\n\nMicrosoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack Service Pack 3 \n * Microsoft Word 2003 SP3 \n * Microsoft Word 2007 SP3 \n * Microsoft Word Viewer \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2014-01-14T00:00:00", "published": "2014-01-14T00:00:00", "id": "SMNTC-64726", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/64726", "type": "symantec", "title": "Microsoft Office Word File Processing CVE-2014-0258 Remote Code Execution Vulnerability", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-12T00:30:33", "bulletinFamily": "software", "cvelist": ["CVE-2014-0259"], "description": "### Description\n\nMicrosoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack Service Pack 3 \n * Microsoft Word 2007 SP3 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2014-01-14T00:00:00", "published": "2014-01-14T00:00:00", "id": "SMNTC-64727", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/64727", "type": "symantec", "title": "Microsoft Office Word File Processing CVE-2014-0259 Remote Code Execution Vulnerability", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-03-14T22:41:04", "bulletinFamily": "software", "cvelist": ["CVE-2014-0260"], "description": "### Description\n\nMicrosoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack Service Pack 3 \n * Microsoft Office Web Apps 2010 SP1 \n * Microsoft Office Web Apps 2010 SP2 \n * Microsoft Office Web Apps Server 2013 \n * Microsoft Word 2003 SP3 \n * Microsoft Word 2007 SP3 \n * Microsoft Word 2010 Service Pack 1 32-bit editions \n * Microsoft Word 2010 Service Pack 1 64-bit editions \n * Microsoft Word 2010 Service Pack 2 (32-bit editions) \n * Microsoft Word 2010 Service Pack 2 (64-bit editions) \n * Microsoft Word 2013 (32-bit editions) \n * Microsoft Word 2013 (64-bit editions) \n * Microsoft Word 2013 RT \n * Microsoft Word Automation Services on Microsoft SharePoint Server 2010 SP1 \n * Microsoft Word Automation Services on Microsoft SharePoint Server 2010 SP2 \n * Microsoft Word Automation Services on Microsoft SharePoint Server 2013 \n * Microsoft Word Viewer \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2014-01-14T00:00:00", "published": "2014-01-14T00:00:00", "id": "SMNTC-64728", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/64728", "type": "symantec", "title": "Microsoft Office Word File Processing CVE-2014-0260 Remote Code Execution Vulnerability", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "seebug": [{"lastseen": "2017-11-19T17:35:55", "description": "BUGTRAQ ID: 64726\r\nCVE(CAN) ID: CVE-2014-0258\r\n\r\nMicrosoft Word \u5c5e\u4e8e\u529e\u516c\u8f6f\u4ef6\u662f\u5fae\u8f6f\u516c\u53f8\u7684\u4e00\u4e2a\u6587\u5b57\u5904\u7406\u5668\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\n\u53d7\u5f71\u54cdMicrosoft Word \u8f6f\u4ef6\u89e3\u6790\u7279\u5236\u6587\u4ef6\u65f6\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u6210\u529f\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u540e\uff0c\u53ef\u5bfc\u81f4\u5b8c\u5168\u63a7\u5236\u53d7\u5f71\u54cd\u7cfb\u7edf\u3002\r\n0\r\nMicrosoft Word 2013\r\nMicrosoft Word 2010\r\nMicrosoft Word 2007\r\nMicrosoft Word 2003\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n* \u5b89\u88c5\u914d\u7f6eMOICE\u4e3a.doc\u6587\u4ef6\u7684\u6ce8\u518c\u5904\u7406\u7a0b\u5e8f\uff1b\r\n * \u7528Office\u6587\u4ef6\u963b\u6b62\u7b56\u7565\u963b\u6b62\u6253\u5f00.doc\u548c.dot\u4e8c\u8fdb\u5236\u6587\u4ef6\uff1b\r\n * \u4e0d\u8981\u6253\u5f00\u6765\u81ea\u4e0d\u53d7\u4fe1\u4efb\u6e90\u6216\u4ece\u4fe1\u4efb\u6e90\u610f\u5916\u63a5\u6536\u5230\u7684Office\u6587\u4ef6\uff1b\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS14-001\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nMS14-001\uff1aVulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)\r\n\u94fe\u63a5\uff1ahttp://technet.microsoft.com/security/bulletin/MS14-001", "published": "2014-01-15T00:00:00", "type": "seebug", "title": "Microsoft Word\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0258"], "modified": "2014-01-15T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61324", "id": "SSV:61324", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T17:36:04", "description": "BUGTRAQ ID: 64727\r\nCVE(CAN) ID: CVE-2014-0259\r\n\r\nMicrosoft Word \u5c5e\u4e8e\u529e\u516c\u8f6f\u4ef6\u662f\u5fae\u8f6f\u516c\u53f8\u7684\u4e00\u4e2a\u6587\u5b57\u5904\u7406\u5668\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\n\u53d7\u5f71\u54cdMicrosoft Word \u8f6f\u4ef6\u89e3\u6790\u7279\u5236\u6587\u4ef6\u65f6\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u6210\u529f\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u540e\uff0c\u53ef\u5bfc\u81f4\u5b8c\u5168\u63a7\u5236\u53d7\u5f71\u54cd\u7cfb\u7edf\u3002\r\n0\r\nMicrosoft Word 2013\r\nMicrosoft Word 2010\r\nMicrosoft Word 2007\r\nMicrosoft Word 2003\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n* \u5b89\u88c5\u914d\u7f6eMOICE\u4e3a.doc\u6587\u4ef6\u7684\u6ce8\u518c\u5904\u7406\u7a0b\u5e8f\uff1b\r\n * \u7528Office\u6587\u4ef6\u963b\u6b62\u7b56\u7565\u963b\u6b62\u6253\u5f00.doc\u548c.dot\u4e8c\u8fdb\u5236\u6587\u4ef6\uff1b\r\n * \u4e0d\u8981\u6253\u5f00\u6765\u81ea\u4e0d\u53d7\u4fe1\u4efb\u6e90\u6216\u4ece\u4fe1\u4efb\u6e90\u610f\u5916\u63a5\u6536\u5230\u7684Office\u6587\u4ef6\uff1b\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS14-001\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nMS14-001\uff1aVulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)\r\n\u94fe\u63a5\uff1ahttp://technet.microsoft.com/security/bulletin/MS14-001", "published": "2014-01-15T00:00:00", "type": "seebug", "title": "Microsoft Word\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0259"], "modified": "2014-01-15T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61325", "id": "SSV:61325", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-19T17:36:17", "description": "BUGTRAQ ID: 64728\r\nCVE(CAN) ID: CVE-2014-0260\r\n\r\nMicrosoft Word \u5c5e\u4e8e\u529e\u516c\u8f6f\u4ef6\u662f\u5fae\u8f6f\u516c\u53f8\u7684\u4e00\u4e2a\u6587\u5b57\u5904\u7406\u5668\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\n\u53d7\u5f71\u54cdMicrosoft Word \u8f6f\u4ef6\u89e3\u6790\u7279\u5236\u6587\u4ef6\u65f6\u5b58\u5728\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e\uff0c\u6210\u529f\u5229\u7528\u8fd9\u4e9b\u6f0f\u6d1e\u540e\uff0c\u53ef\u5bfc\u81f4\u5b8c\u5168\u63a7\u5236\u53d7\u5f71\u54cd\u7cfb\u7edf\u3002\r\n0\r\nMicrosoft Word 2013\r\nMicrosoft Word 2010\r\nMicrosoft Word 2007\r\nMicrosoft Word 2003\r\n\u4e34\u65f6\u89e3\u51b3\u65b9\u6cd5\uff1a\r\n\r\n* \u5b89\u88c5\u914d\u7f6eMOICE\u4e3a.doc\u6587\u4ef6\u7684\u6ce8\u518c\u5904\u7406\u7a0b\u5e8f\uff1b\r\n * \u7528Office\u6587\u4ef6\u963b\u6b62\u7b56\u7565\u963b\u6b62\u6253\u5f00.doc\u548c.dot\u4e8c\u8fdb\u5236\u6587\u4ef6\uff1b\r\n * \u4e0d\u8981\u6253\u5f00\u6765\u81ea\u4e0d\u53d7\u4fe1\u4efb\u6e90\u6216\u4ece\u4fe1\u4efb\u6e90\u610f\u5916\u63a5\u6536\u5230\u7684Office\u6587\u4ef6\uff1b\r\n\r\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nMicrosoft\r\n---------\r\nMicrosoft\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08MS14-001\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nMS14-001\uff1aVulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)\r\n\u94fe\u63a5\uff1ahttp://technet.microsoft.com/security/bulletin/MS14-001", "published": "2014-01-15T00:00:00", "type": "seebug", "title": "Microsoft Word\u5185\u5b58\u7834\u574f\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvelist": ["CVE-2014-0260"], "modified": "2014-01-15T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61326", "id": "SSV:61326", "sourceData": "", "sourceHref": "", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2020-09-02T11:57:45", "bulletinFamily": "info", "cvelist": ["CVE-2014-0258", "CVE-2014-4077", "CVE-2014-6357", "CVE-2014-6361", "CVE-2014-1809", "CVE-2014-1817", "CVE-2014-6334", "CVE-2014-6335", "CVE-2014-1758", "CVE-2014-1818", "CVE-2014-0259", "CVE-2014-1757", "CVE-2014-2778", "CVE-2014-6364", "CVE-2014-1808", "CVE-2014-0260", "CVE-2014-1761", "CVE-2014-2815", "CVE-2014-4117", "CVE-2014-1756", "CVE-2014-6360", "CVE-2014-6333"], "description": "### *Detect date*:\n12/09/2014\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft Office products. Malicious users can exploit these vulnerabilities to run arbitrary code, cause denial of service, loss of integrity, security bypass, privilege escalation and obtain sensitive information.\n\n### *Affected products*:\nMicrosoft Office 2003, \nMicrosoft Office 2007, \nMicrosoft Office 2010, \nMicrosoft Office 2013, \nMicrosoft Office 2013 RT, \nMicrosoft Office for Mac, \nMicrosoft Word Viewer, \nMicrosoft Office Web Apps, \nMicrosoft SharePoint Server, \nMicrosoft Office Compatibility Pack, \nMicrosoft OneNote.\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2014-1818](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1818>) \n[CVE-2014-1817](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1817>) \n[CVE-2014-2778](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-2778>) \n[CVE-2014-4077](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4077>) \n[CVE-2014-0260](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0260>) \n[CVE-2014-0259](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0259>) \n[CVE-2014-2815](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-2815>) \n[CVE-2014-6333](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6333>) \n[CVE-2014-6361](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6361>) \n[CVE-2014-6360](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6360>) \n[CVE-2014-6364](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6364>) \n[CVE-2014-6357](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6357>) \n[CVE-2014-1761](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1761>) \n[CVE-2014-0258](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0258>) \n[CVE-2014-1808](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1808>) \n[CVE-2014-1756](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1756>) \n[CVE-2014-1757](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1757>) \n[CVE-2014-1758](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1758>) \n[CVE-2014-6334](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6334>) \n[CVE-2014-6335](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6335>) \n[CVE-2014-4117](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4117>) \n[CVE-2014-1809](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1809>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Office](<https://threats.kaspersky.com/en/product/Microsoft-Office/>)\n\n### *CVE-IDS*:\n[CVE-2014-1818](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1818>)9.3Critical \n[CVE-2014-1817](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1817>)9.3Critical \n[CVE-2014-2778](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2778>)9.3Critical \n[CVE-2014-4077](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4077>)9.3Critical \n[CVE-2014-0260](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0260>)9.3Critical \n[CVE-2014-0259](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0259>)9.3Critical \n[CVE-2014-2815](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2815>)9.3Critical \n[CVE-2014-6333](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6333>)9.3Critical \n[CVE-2014-6361](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6361>)9.3Critical \n[CVE-2014-6360](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6360>)9.3Critical \n[CVE-2014-6364](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6364>)9.3Critical \n[CVE-2014-6357](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6357>)9.3Critical \n[CVE-2014-1761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1761>)9.3Critical \n[CVE-2014-0258](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0258>)9.3Critical \n[CVE-2014-1808](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1808>)4.3Warning \n[CVE-2014-1756](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1756>)9.3Critical \n[CVE-2014-1757](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1757>)9.3Critical \n[CVE-2014-1758](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1758>)9.3Critical \n[CVE-2014-6334](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6334>)9.3Critical \n[CVE-2014-6335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6335>)9.3Critical \n[CVE-2014-4117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4117>)9.3Critical \n[CVE-2014-1809](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1809>)6.8High\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[2967487](<http://support.microsoft.com/kb/2967487>) \n[2969261](<http://support.microsoft.com/kb/2969261>) \n[2992719](<http://support.microsoft.com/kb/2992719>) \n[3017301](<http://support.microsoft.com/kb/3017301>) \n[3017349](<http://support.microsoft.com/kb/3017349>) \n[3017347](<http://support.microsoft.com/kb/3017347>) \n[3009710](<http://support.microsoft.com/kb/3009710>) \n[3000434](<http://support.microsoft.com/kb/3000434>) \n[2961033](<http://support.microsoft.com/kb/2961033>) \n[2961037](<http://support.microsoft.com/kb/2961037>) \n[2950145](<http://support.microsoft.com/kb/2950145>) \n[2949660](<http://support.microsoft.com/kb/2949660>) \n[2916605](<http://support.microsoft.com/kb/2916605>) \n[2977201](<http://support.microsoft.com/kb/2977201>)\n\n### *Exploitation*:\nMalware exists for this vulnerability. Usually such malware is classified as Exploit. [More details](<https://threats.kaspersky.com/en/class/Exploit/>).", "edition": 41, "modified": "2020-06-18T00:00:00", "published": "2014-12-09T00:00:00", "id": "KLA10616", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10616", "title": "\r KLA10616Multiple vulnerabilities in Microsoft Office ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}]}