CVE-2014-6357

Loading...

General

Score:9.3/10.0
Severity:High
Category:N/A

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Medium
Authentication:None

Relative vulnerabilities

CVE-2014-6356

Published on 11/12/14 - Updated on 11/12/14

Description

Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold and SP1, and Office Web Apps 2010 SP2 and 2013 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Use After Free Word Remote Code Execution Vulnerability."

Category:

There is insufficient information about the issue to classify it; details are unknown or unspecified.

Security Notices

US National Vulnerability DatabaseCVE-2014-6357
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2014-AVI-519
Microsoft MS14-081
Renater 2014/VULN293

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
microsoftoffice
microsoftoffice_compatibility_pack
microsoftsharepoint_server
microsoftweb_applications
microsoftword_viewer

Share this vulnerability with:

Twitter Facebook LinkedIn Mail