Embedded Font Vulnerability in Microsoft Word 2007 SP3 and Office Compatibility Pack SP3

CVE-2014-2778 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a (1) .doc or (2) .docx document, aka "Embedded Font Vulnerability."

Learn more about our Cis Benchmark Audit For Microsoft Office.