This script is Copyright (C) 2003-2017 Tenable Network Security, Inc.
Arbitrary code can be executed on the remote host through VBA.
The remote host is running a version of Microsoft Word that contains a
flaw in its handling of macro command execution. An attacker could use
this to execute arbitrary code on this host.
To succeed, the attacker would have to send a rogue Word file to a user
of this computer and have him open it. Then the macros contained in the
Word file would bypass the security model of Word and be executed.
See also :
Microsoft has released a set of patches for Office.
Risk factor :
High / CVSS Base Score : 7.6
CVSS Temporal Score : 5.6
Public Exploit Available : false