Lucene search

PRIOn knowledge basePRION:CVE-2011-1982

HistorySep 15, 2011 - 12:26 p.m.

Null pointer dereference

2011-09-1512:26:00

PRIOn knowledge base

www.prio-n.com

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.829 High

EPSS

Percentile

98.3%

JSON

Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer during the opening of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka “Office Uninitialized Object Pointer Vulnerability.”

CPENameOperatorVersion
officeeq2010 x32
officeeq2010 x64
officeeq2007 sp2
officeeq2010 sp1-x32
officeeq2010 sp1-x64

Name	Operator	Version
office	eq	2010 x32
office	eq	2010 x64
office	eq	2007 sp2
office	eq	2010 sp1-x32
office	eq	2010 sp1-x64

References

www.kb.cert.org/vuls/id/909022

www.us-cert.gov/cas/techalerts/TA11-256A.html

docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-073

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12243

8 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.829 High

EPSS

Percentile

98.3%

JSON

Related for PRION:CVE-2011-1982