Описание
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:office:2000:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2000:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:x:*:mac:*:*:*:*:*
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
EPSS
Процентиль: 95%
0.18939
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94
Связанные уязвимости
github
почти 4 года назад
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."
EPSS
Процентиль: 95%
0.18939
Средний
9.3 Critical
CVSS2
Дефекты
CWE-94