CVE-2014-1761
Microsoft Word Memory Corruption Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
YesDecision
Descriptions
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 y SP2, 2013 y 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office para Mac 2011; Word Automation Services en SharePoint Server 2010 SP1 y SP2 y 2013; Office Web Apps 2010 SP1 y SP2 y Office Web Apps Server 2013 permiten a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de datos RTF manipulados, tal y como fue explotado en marzo 2014.
Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-01-29 CVE Reserved
- 2014-03-24 CVE Published
- 2014-04-10 First Exploit
- 2022-02-15 Exploited in Wild
- 2022-08-15 KEV Due Date
- 2024-08-06 CVE Updated
- 2024-10-09 EPSS Updated
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (5)
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/32793 | 2014-04-10 |
URL | Date | SRC |
---|---|---|
http://technet.microsoft.com/security/advisory/2953095 | 2024-07-24 | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-017 | 2024-07-24 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Microsoft Search vendor "Microsoft" | Office Search vendor "Microsoft" for product "Office" | 2011 Search vendor "Microsoft" for product "Office" and version "2011" | macos |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Compatibility Pack Search vendor "Microsoft" for product "Office Compatibility Pack" | - | sp3 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Web Apps Search vendor "Microsoft" for product "Office Web Apps" | 2010 Search vendor "Microsoft" for product "Office Web Apps" and version "2010" | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Web Apps Search vendor "Microsoft" for product "Office Web Apps" | 2010 Search vendor "Microsoft" for product "Office Web Apps" and version "2010" | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Office Web Apps Server Search vendor "Microsoft" for product "Office Web Apps Server" | 2013 Search vendor "Microsoft" for product "Office Web Apps Server" and version "2013" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Sharepoint Server Search vendor "Microsoft" for product "Sharepoint Server" | 2010 Search vendor "Microsoft" for product "Sharepoint Server" and version "2010" | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Sharepoint Server Search vendor "Microsoft" for product "Sharepoint Server" | 2010 Search vendor "Microsoft" for product "Sharepoint Server" and version "2010" | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Sharepoint Server Search vendor "Microsoft" for product "Sharepoint Server" | 2013 Search vendor "Microsoft" for product "Sharepoint Server" and version "2013" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2003 Search vendor "Microsoft" for product "Word" and version "2003" | sp3 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2007 Search vendor "Microsoft" for product "Word" and version "2007" | sp3 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2010 Search vendor "Microsoft" for product "Word" and version "2010" | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2010 Search vendor "Microsoft" for product "Word" and version "2010" | sp2 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2013 Search vendor "Microsoft" for product "Word" and version "2013" | - |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2013 Search vendor "Microsoft" for product "Word" and version "2013" | rt |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2013 Search vendor "Microsoft" for product "Word" and version "2013" | sp1 |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2013 Search vendor "Microsoft" for product "Word" and version "2013" | sp1, rt |
Affected
| ||||||
Microsoft Search vendor "Microsoft" | Word Viewer Search vendor "Microsoft" for product "Word Viewer" | - | - |
Affected
|