Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-1761

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2014-1761
Last Modified 08 Dec 2014 01:48:22
Published 25 Mar 2014 09:24:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2014-1761

Summary

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.

Vulnerable Systems

Application

  • Microsoft Office 2011

  • Microsoft Office Compatibility Pack

  • Microsoft Office Web Apps 2010

  • Microsoft Office Web Apps Server 2013

  • Microsoft Sharepoint Server 2010

  • Microsoft Sharepoint Server 2013

  • Microsoft Word 2003

  • Microsoft Word 2007

  • Microsoft Word 2010

  • Microsoft Word 2013

  • Microsoft Word Viewer


References

CONFIRM - http://technet.microsoft.com/security/advisory/2953095

MS - MS14-017

Related Patches

MS14-017 Security Update for Microsoft Office Word 2007 (KB2878237)

MS14-017 Security Update for Microsoft SharePoint Server 2010 (KB2878220)

MS14-017 Security Update for Microsoft Office 2007 suites (KB2878236)

MS14-017 Security Update for Microsoft Office 2010 32-Bit Edition (KB2863919)

MS14-017 Security Update for Word Viewer (KB2878304)

MS14-017 Security Update for Microsoft Word 2013 32-Bit Edition (KB2863910)

MS14-017 Security Update for Microsoft Word 2010 32-Bit Edition (KB2863926)

MS14-017 Security Update for Word 2003 (KB2878303)

MS14-017 Security Update for Microsoft Web Applications (KB2878221)

MS14-017 Security Update for Microsoft Office Web Apps Server 2013 (KB2878219)

MS14-017 Security Update for Microsoft SharePoint Enterprise Server 2013 (KB2863907)

MS14-017 Security Update for Microsoft Word 2010 64-Bit Edition (KB2863926)

MS14-017 Security Update for Microsoft Word 2013 64-Bit Edition (KB2863910)

MS14-017 Security Update for Microsoft Office 2010 64-Bit Edition (KB2863919)

MS14-017 2949660 2939132 Microsoft Office 2011 for Mac Update 14.4.1 (See Note)


Last Updated: 27 May 2016 11:07:10