Memory corruption

2015-03-1110:59:00

PRIOn knowledge base

www.prio-n.com

8.1 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.757 High

EPSS

Percentile

98.1%

JSON

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold and SP1, Word 2013 RT Gold and SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 Gold and SP1, Web Applications 2010 SP2, and Web Apps Server 2013 Gold and SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka “Microsoft Office Memory Corruption Vulnerability.”

CPENameOperatorVersion
officeeq2010 sp2
officeeq2010 sp2
office_web_apps_servereq2013
office_web_apps_servereq2013 sp1
sharepoint_servereq2010 sp2
sharepoint_servereq2013
sharepoint_servereq2013 sp1
web_applicationseq2010 sp2
wordeq2013 sp1
wordeq2013

Name	Operator	Version
office	eq	2010 sp2
office	eq	2010 sp2
office_web_apps_server	eq	2013
office_web_apps_server	eq	2013 sp1
sharepoint_server	eq	2010 sp2
sharepoint_server	eq	2013
sharepoint_server	eq	2013 sp1
web_applications	eq	2010 sp2
word	eq	2013 sp1
word	eq	2013