RTF Data Memory Corruption Vulnerability

RTF Data Memory Corruption Vulnerability

CVE-2014-1761 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.

Learn more about our Cis Benchmark Audit For Microsoft Office.