CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-1761

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.929

EPSS Ranking 99.8%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 9.3

Proposed Action

Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.

Ransomware Campaign

Unknown

References

Products affected by CVE-2014-1761

Microsoft » Office » Version: 2011

cpe:2.3:a:microsoft:office:2011
Microsoft » Office Compatibility Pack » Version: N/A

cpe:2.3:a:microsoft:office_compatibility_pack:-
Microsoft » Office Web Apps » Version: 2010

cpe:2.3:a:microsoft:office_web_apps:2010
Microsoft » Office Web Apps Server » Version: 2013

cpe:2.3:a:microsoft:office_web_apps_server:2013
Microsoft » Sharepoint Server » Version: 2010

cpe:2.3:a:microsoft:sharepoint_server:2010
Microsoft » Sharepoint Server » Version: 2013

cpe:2.3:a:microsoft:sharepoint_server:2013
Microsoft » Word » Version: 2003

cpe:2.3:a:microsoft:word:2003
Microsoft » Word » Version: 2007

cpe:2.3:a:microsoft:word:2007
Microsoft » Word » Version: 2010

cpe:2.3:a:microsoft:word:2010
Microsoft » Word » Version: 2013

cpe:2.3:a:microsoft:word:2013
Microsoft » Word Viewer » Version: N/A

cpe:2.3:a:microsoft:word_viewer:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-1761

Products

Pricing

Contact Us