This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
The remote Windows host is affected by multiple vulnerabilities.
The remote Windows host is affected by multiple vulnerabilities :
- A vulnerability exists in the way that Windows loads
.dll files that could allow remote code execution if
a crafted .dll file is in the same directory as an
Office file being opened. When exploiting this
vulnerability, an attacker could gain the same user
permissions as the current user. (Proofing tools in
Office 2007 SP3, Office 2010 SP1/SP2 for Simplified
Chinese, Proofing tools in Office 2013 SP0/SP1)
- The remote Windows host is potentially affected by a
vulnerability in the way Office handles responses to
opening remote network Office files. When exploiting
this vulnerability, an attacker could gain the access
token used to authenticate the user on a Microsoft
online service. (Office 2013 SP0/SP1)
See also :
Microsoft has released a set of patches for Office 2007, 2010, 2013,
and 2013 RT.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 8.1
Public Exploit Available : false
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 73982 ()
Bugtraq ID: 6727467279
CVE ID: CVE-2014-1756CVE-2014-1808
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.