{"id": "SECURITYVULNS:VULN:13861", "bulletinFamily": "software", "title": "Microsoft Word memory corruption", "description": "Memory corruption on embedded fonts parsing.", "published": "2014-07-14T00:00:00", "modified": "2014-07-14T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13861", "reporter": "BUGTRAQ", "references": [], "cvelist": ["CVE-2014-2778"], "type": "securityvulns", "lastseen": "2018-08-31T11:09:56", "history": [], "edition": 1, "hashmap": [{"key": "affectedSoftware", "hash": "8175ab7c7dfdfa4be8d98f39b5b91df9"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "c971ac3e95f2fb6f247d2b502b0512b3"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "aede50e2a64597aab8f19602be27e75a"}, {"key": "href", "hash": "3fcde69714d0c5000c80522ac4685741"}, {"key": "modified", "hash": "fe0c09986c42ee123db12e96d241d526"}, {"key": "published", "hash": "fe0c09986c42ee123db12e96d241d526"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "2c5cca82a8670da097919f6160833daf"}, {"key": "title", "hash": "c57479032fff3998a63090c8a1b8c121"}, {"key": "type", "hash": "d54751dd75af2ea0147b462b3e001cd0"}], "hash": "3094dc58ab1ba8aeed10125007f800bd70564f4b74470164e9244e63e8e552e4", "viewCount": 3, "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2018-08-31T11:09:56"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-2778"]}, {"type": "symantec", "idList": ["SMNTC-67896"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310804458", "OPENVAS:1361412562310804457"]}, {"type": "nessus", "idList": ["SMB_NT_MS14-034.NASL"]}, {"type": "kaspersky", "idList": ["KLA10012", "KLA10616"]}], "modified": "2018-08-31T11:09:56"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "affectedSoftware": [{"name": "Office", "operator": "eq", "version": "2007"}]}

{"cve": [{"lastseen": "2018-10-13T11:06:29", "bulletinFamily": "NVD", "description": "Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a (1) .doc or (2) .docx document, aka \"Embedded Font Vulnerability.\"", "modified": "2018-10-12T18:06:28", "published": "2014-06-11T00:56:20", "id": "CVE-2014-2778", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2778", "title": "CVE-2014-2778", "type": "cve", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "symantec": [{"lastseen": "2018-03-13T10:05:51", "bulletinFamily": "software", "description": "### Description\n\nMicrosoft Office is prone to a remote code-execution vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions.\n\n### Technologies Affected\n\n * Microsoft Office Compatibility Pack SP3 \n * Microsoft Word 2007 SP3 \n\n### Recommendations\n\n**Run all software as a nonprivileged user with minimal access rights.** \nTo reduce the impact of latent vulnerabilities, always run nonadministrative software as an unprivileged user with minimal access rights.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of suspicious or anomalous activity. This may help detect malicious actions that an attacker may take after successfully exploiting vulnerabilities in applications. Review all applicable logs regularly.\n\n**Do not accept or execute files from untrusted or unknown sources.** \nTo reduce the likelihood of successful exploits, never handle files that originate from unfamiliar or untrusted sources.\n\n**Do not follow links provided by unknown or untrusted sources.** \nWeb users should be cautious about following links to sites that are provided by unfamiliar or suspicious sources. Filtering HTML from emails may help remove a possible vector for transmitting malicious links to users.\n\n**Implement multiple redundant layers of security.** \nSince this issue may be leveraged to execute code, we recommend memory-protection schemes, such as nonexecutable stack/heap configurations and randomly mapped memory segments. This tactic may complicate exploits of memory-corruption vulnerabilities.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2014-06-10T00:00:00", "published": "2014-06-10T00:00:00", "id": "SMNTC-67896", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/67896", "type": "symantec", "title": "Microsoft Office Word File Processing CVE-2014-2778 Remote Code Execution Vulnerability", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-10-22T16:41:06", "bulletinFamily": "scanner", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS14-034.", "modified": "2018-10-12T00:00:00", "published": "2014-06-11T00:00:00", "id": "OPENVAS:1361412562310804458", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804458", "title": "Microsoft Office Compatibility Pack Remote Code Execution Vulnerability (2969261)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ms_compat_pack_ms14-034.nasl 11878 2018-10-12 12:40:08Z cfischer $\n#\n# Microsoft Office Compatibility Pack Remote Code Execution Vulnerability (2969261)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804458\");\n script_version(\"$Revision: 11878 $\");\n script_cve_id(\"CVE-2014-2778\");\n script_bugtraq_id(67896);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 14:40:08 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-11 08:46:24 +0530 (Wed, 11 Jun 2014)\");\n script_name(\"Microsoft Office Compatibility Pack Remote Code Execution Vulnerability (2969261)\");\n\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\nMicrosoft Bulletin MS14-034.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaw is due to an unspecified error when processing embedded fonts,\nwhich can be exploited to execute arbitrary code.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\ncode, cause memory corruption and compromise the system.\");\n script_tag(name:\"affected\", value:\"Microsoft Office Compatibility Pack Service Pack 3 and prior\");\n script_tag(name:\"solution\", value:\"Run Windows Update and update the listed hotfixes or download and install\n the hotfixes from the referenced advisory.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/58551\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2880513\");\n script_xref(name:\"URL\", value:\"http://technet.microsoft.com/en-us/security/bulletin/ms14-034\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/WordCnv/Version\");\n script_require_ports(139, 445);\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms14-034\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nwordcnvVer = get_kb_item(\"SMB/Office/WordCnv/Version\");\nif(wordcnvVer && wordcnvVer =~ \"^12.*\")\n{\n # Office Word Converter\n path = registry_get_sz(key:\"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\",\n item:\"ProgramFilesDir\");\n if(path)\n {\n sysVer = fetch_file_version(sysPath:path + \"\\Microsoft Office\\Office12\", file_name:\"Wordcnv.dll\");\n\n if(sysVer)\n {\n if(version_in_range(version:sysVer, test_version:\"12.0\", test_version2:\"12.0.6700.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n }\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-10-22T16:40:59", "bulletinFamily": "scanner", "description": "This host is missing an important security update according to\nMicrosoft Bulletin MS14-034.", "modified": "2018-10-12T00:00:00", "published": "2014-06-11T00:00:00", "id": "OPENVAS:1361412562310804457", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804457", "title": "Microsoft Office Word Remote Code Execution Vulnerability (2969261)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ms_winword_ms14-034.nasl 11878 2018-10-12 12:40:08Z cfischer $\n#\n# Microsoft Office Word Remote Code Execution Vulnerability (2969261)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804457\");\n script_version(\"$Revision: 11878 $\");\n script_cve_id(\"CVE-2014-2778\");\n script_bugtraq_id(67896);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 14:40:08 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2014-06-11 08:36:13 +0530 (Wed, 11 Jun 2014)\");\n script_name(\"Microsoft Office Word Remote Code Execution Vulnerability (2969261)\");\n\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\nMicrosoft Bulletin MS14-034.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The flaw is due to an unspecified error when processing embedded fonts,\nwhich can be exploited to execute arbitrary code.\");\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote attackers to execute the arbitrary\ncode, cause memory corruption and compromise the system.\");\n script_tag(name:\"affected\", value:\"Microsoft Word 2007 Service Pack 3 and prior\");\n script_tag(name:\"solution\", value:\"Run Windows Update and update the listed hotfixes or download and install\n the hotfixes from the referenced advisory.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/58551\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2880515\");\n script_xref(name:\"URL\", value:\"http://technet.microsoft.com/en-us/security/bulletin/ms14-034\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_office_products_version_900032.nasl\");\n script_mandatory_keys(\"SMB/Office/Word/Version\");\n script_xref(name:\"URL\", value:\"https://technet.microsoft.com/en-us/security/bulletin/ms14-034\");\n exit(0);\n}\n\n\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\n\nwinwordVer = get_kb_item(\"SMB/Office/Word/Version\");\n\n## Microsoft Office Word 2003/2007/2010\nif(winwordVer && winwordVer =~ \"^12.*\")\n{\n if(version_in_range(version:winwordVer, test_version:\"12.0\", test_version2:\"12.0.6700.4999\"))\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n exit(0);\n }\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "kaspersky": [{"lastseen": "2019-02-19T17:02:26", "bulletinFamily": "info", "description": "### *Detect date*:\n06/10/2014\n\n### *Severity*:\nCritical\n\n### *Description*:\nAn unspecified vulnerability was found in the Word 2007 and Office Compatibility Pack. By exploiting this vulnerability malicious users can execute arbitrary code or cause a denial of service. This vulnerability can be exploited from the network at point related to an unknown application via a specially designed embedded font.\n\n### *Affected products*:\nWord 2007 Service Pack 3, Office Compatibility Pack Service Pack 3.\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[MS bulletin](<https://technet.microsoft.com/en-us/library/security/ms14-034.aspx>) \n[CVE-2014-2778](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-2778>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats](<https://threats.kaspersky.com/en/product/Microsoft-Office-Compatibility-Pack-for-Word,-Excel,-and-PowerPoint-2007-File-Formats/>)\n\n### *CVE-IDS*:\n[CVE-2014-2778](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2778>)\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[2880513](<http://support.microsoft.com/kb/2880513>) \n[2969261](<http://support.microsoft.com/kb/2969261>) \n[2880515](<http://support.microsoft.com/kb/2880515>)", "modified": "2019-02-15T00:00:00", "published": "2014-06-10T00:00:00", "id": "KLA10012", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10012", "title": "\r KLA10012Vulnerability in Microsoft Word 2007 & Office Compatibility Pack ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-02-19T17:03:15", "bulletinFamily": "info", "description": "### *Detect date*:\n12/09/2014\n\n### *Severity*:\nCritical\n\n### *Description*:\nMultiple serious vulnerabilities have been found in Microsoft Office products. Malicious users can exploit these vulnerabilities to run arbitrary code, cause denial of service, loss of integrity, security bypass, privilege escalation and obtain sensitive information.\n\n### *Affected products*:\nMicrosoft Office 2003, \nMicrosoft Office 2007, \nMicrosoft Office 2010, \nMicrosoft Office 2013, \nMicrosoft Office 2013 RT, \nMicrosoft Office for Mac, \nMicrosoft Word Viewer, \nMicrosoft Office Web Apps, \nMicrosoft SharePoint Server, \nMicrosoft Office Compatibility Pack, \nMicrosoft OneNote.\n\n### *Solution*:\nInstall necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)\n\n### *Original advisories*:\n[CVE-2014-1818](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1818>) \n[CVE-2014-1817](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1817>) \n[CVE-2014-2778](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-2778>) \n[CVE-2014-4077](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4077>) \n[CVE-2014-0260](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0260>) \n[CVE-2014-0259](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0259>) \n[CVE-2014-2815](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-2815>) \n[CVE-2014-6333](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6333>) \n[CVE-2014-6361](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6361>) \n[CVE-2014-6360](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6360>) \n[CVE-2014-6364](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6364>) \n[CVE-2014-6357](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6357>) \n[CVE-2014-1761](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1761>) \n[CVE-2014-0258](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-0258>) \n[CVE-2014-1808](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1808>) \n[CVE-2014-1756](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1756>) \n[CVE-2014-1757](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1757>) \n[CVE-2014-1758](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1758>) \n[CVE-2014-6334](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6334>) \n[CVE-2014-6335](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-6335>) \n[CVE-2014-4117](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-4117>) \n[CVE-2014-1809](<https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2014-1809>) \n\n\n### *Impacts*:\nACE \n\n### *Related products*:\n[Microsoft Office](<https://threats.kaspersky.com/en/product/Microsoft-Office/>)\n\n### *CVE-IDS*:\n[CVE-2014-1818](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1818>) \n[CVE-2014-1817](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1817>) \n[CVE-2014-2778](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2778>) \n[CVE-2014-4077](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4077>) \n[CVE-2014-0260](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0260>) \n[CVE-2014-0259](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0259>) \n[CVE-2014-2815](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2815>) \n[CVE-2014-6333](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6333>) \n[CVE-2014-6361](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6361>) \n[CVE-2014-6360](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6360>) \n[CVE-2014-6364](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6364>) \n[CVE-2014-6357](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6357>) \n[CVE-2014-1761](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1761>) \n[CVE-2014-0258](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0258>) \n[CVE-2014-1808](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1808>) \n[CVE-2014-1756](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1756>) \n[CVE-2014-1757](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1757>) \n[CVE-2014-1758](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1758>) \n[CVE-2014-6334](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6334>) \n[CVE-2014-6335](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6335>) \n[CVE-2014-4117](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4117>) \n[CVE-2014-1809](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1809>)\n\n### *Microsoft official advisories*:\n\n\n### *KB list*:\n[2967487](<http://support.microsoft.com/kb/2967487>) \n[2969261](<http://support.microsoft.com/kb/2969261>) \n[2992719](<http://support.microsoft.com/kb/2992719>) \n[3017301](<http://support.microsoft.com/kb/3017301>) \n[3017349](<http://support.microsoft.com/kb/3017349>) \n[3017347](<http://support.microsoft.com/kb/3017347>) \n[3009710](<http://support.microsoft.com/kb/3009710>) \n[3000434](<http://support.microsoft.com/kb/3000434>) \n[2961033](<http://support.microsoft.com/kb/2961033>) \n[2961037](<http://support.microsoft.com/kb/2961037>) \n[2950145](<http://support.microsoft.com/kb/2950145>) \n[2949660](<http://support.microsoft.com/kb/2949660>) \n[2916605](<http://support.microsoft.com/kb/2916605>) \n[2977201](<http://support.microsoft.com/kb/2977201>)", "modified": "2019-02-15T00:00:00", "published": "2014-12-09T00:00:00", "id": "KLA10616", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10616", "title": "\r KLA10616Multiple vulnerabilities in Microsoft Office ", "type": "kaspersky", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2019-02-21T01:21:16", "bulletinFamily": "scanner", "description": "The remote Windows host has a version of Microsoft Word or Office Compatibility Pack that is affected by an unspecified memory corruption vulnerability. By tricking a user into opening a specially crafted file, it may be possible for a remote attacker to take complete control of the system or execute arbitrary code.", "modified": "2018-11-15T00:00:00", "id": "SMB_NT_MS14-034.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=74426", "published": "2014-06-11T00:00:00", "title": "MS14-034: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(74426);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2018/11/15 20:50:31\");\n\n script_cve_id(\"CVE-2014-2778\");\n script_bugtraq_id(67896);\n script_xref(name:\"MSFT\", value:\"MS14-034\");\n script_xref(name:\"MSKB\", value:\"2880513\");\n script_xref(name:\"MSKB\", value:\"2880515\");\n\n script_name(english:\"MS14-034: Vulnerability in Microsoft Word Could Allow Remote Code Execution (2969261)\");\n script_summary(english:\"Checks Word 2007 version\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"The remote host is affected by a memory corruption vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Windows host has a version of Microsoft Word or Office\nCompatibility Pack that is affected by an unspecified memory\ncorruption vulnerability. By tricking a user into opening a specially\ncrafted file, it may be possible for a remote attacker to take\ncomplete control of the system or execute arbitrary code.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2014/ms14-034\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for Office 2007 and Office\nCompatibility Pack.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:word\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:office_compatibility_pack\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"office_installed.nasl\", \"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS14-034';\nkbs = make_list(\n 2880513, # Office 2007 Compatibility Pack\n 2880515 # Word 2007\n);\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);\n\nvuln = FALSE;\n\n# Word\nkb = \"\";\ninstalls = get_kb_list(\"SMB/Office/Word/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/Word/' - '/ProductPath';\n path = installs[install];\n info = \"\";\n\n ver = split(version, sep:'.', keep:FALSE);\n for (i=0; i<max_index(ver); i++)\n ver[i] = int(ver[i]);\n\n # Word 2007\n if (\n ver[0] == 12 && ver[1] == 0 &&\n (\n ver[2] < 6700 ||\n (ver[2] == 6700 && ver[3] < 5000)\n )\n )\n {\n office_sp = get_kb_item(\"SMB/Office/2007/SP\");\n if (!isnull(office_sp) && office_sp == 3)\n {\n info =\n '\\n Product : Word 2007 SP3' +\n '\\n File : ' + path +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6700.5000' + '\\n';\n kb = \"2880515\";\n }\n }\n\n if (info)\n {\n hotfix_add_report(info, bulletin:bulletin, kb:kb);\n vuln = TRUE;\n }\n }\n}\n\n# Office Compatibility Pack\nversion = '';\ninstalls = get_kb_list(\"SMB/Office/WordCnv/*/ProductPath\");\nif (!isnull(installs))\n{\n foreach install (keys(installs))\n {\n version = install - 'SMB/Office/WordCnv/' - '/ProductPath';\n path = installs[install];\n\n if (!isnull(path))\n {\n share = hotfix_path2share(path:path);\n if (!is_accessible_share(share:share))\n audit(AUDIT_SHARE_FAIL, share);\n\n path = path - '\\\\Wordconv.exe';\n\n old_report = hotfix_get_report();\n check_file = \"wordcnv.dll\";\n\n if (hotfix_check_fversion(path:path, file:check_file, version:\"12.0.6700.5000\", min_version:\"12.0.6500.5000\") == HCF_OLDER)\n {\n file = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", string:path, replace:\"\\1\\\" + check_file);\n kb_name = \"SMB/FileVersions/\"+tolower(share-'$')+tolower(str_replace(string:file, find:\"\\\", replace:\"/\"));\n kb_name = ereg_replace(pattern:\"//\"+check_file, replace:\"/\"+check_file, string:kb_name);\n version = get_kb_item(kb_name);\n\n info =\n '\\n Product : Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats' +\n '\\n File : ' + path + '\\\\' + check_file +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 12.0.6700.5000' + '\\n';\n\n hcf_report = '';\n hotfix_add_report(old_report + info, bulletin:bulletin, kb:\"2880513\");\n vuln = TRUE;\n }\n }\n }\n}\nif (!version)\n{\n # Additional check if registry key is missing\n path = hotfix_get_officecommonfilesdir(officever:\"12.0\") + \"\\Microsoft Office\\Office12\";\n\n kb = \"2880513\";\n if (hotfix_is_vulnerable(file:\"wordcnv.dll\", version:\"12.0.6700.5000\", min_version:\"12.0.6609.1000\", path:path, bulletin:bulletin, kb:kb)) vuln = TRUE;\n}\n\nif (vuln)\n{\n set_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);\n hotfix_security_hole();\n hotfix_check_fversion_end();\n exit(0);\n}\nelse\n{\n hotfix_check_fversion_end();\n audit(AUDIT_HOST_NOT, 'affected');\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}