Shodan
Vulnerabilities
Vulnerable Software
Microsoft:  >> Word  Security Vulnerabilities
CVE-2014-2778
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a (1) .doc or (2) .docx document, aka "Embedded Font Vulnerability."
CVSS Score
9.3
EPSS Score
0.404
Published
2014-06-11
CVE-2014-1757
Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility Pack SP3, allocates memory incorrectly for file conversions from a binary (aka .doc) format to a newer format, which allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office File Format Converter Vulnerability."
CVSS Score
9.3
EPSS Score
0.342
Published
2014-04-08
CVE-2014-1758
Stack-based buffer overflow in Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Word Stack Overflow Vulnerability."
CVSS Score
9.3
EPSS Score
0.325
Published
2014-04-08
CVE-2014-1761
Known exploited
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.
CVSS Score
7.8
EPSS Score
0.931
Published
2014-03-25
CVE-2014-0258
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.334
Published
2014-01-15
CVE-2014-0259
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.303
Published
2014-01-15
CVE-2014-0260
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.372
Published
2014-01-15
CVE-2013-6801
Microsoft Word 2003 SP2 and SP3 on Windows XP SP3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed .doc file containing an embedded image, as demonstrated by word2003forkbomb.doc, related to a "fork bomb" issue.
CVSS Score
7.1
EPSS Score
0.211
Published
2013-11-18
CVE-2013-3891
Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.532
Published
2013-10-09
CVE-2013-3892
Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."
CVSS Score
9.3
EPSS Score
0.532
Published
2013-10-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved