CVE-2014-2730
CVE-2014-2730 affects the XML parser in Microsoft Office products: Office 2007 SP3, 2010 SP1/SP2, 2013, and Office for Mac 2011. The vulnerability arises from the parser not properly detecting recursion during entity expansion, allowing a crafted XML document with deeply nested entity references ...