MS14-001: Vulnerabilities in Microsoft Word and Office Web Apps Could Allow Remote Code Execution (2916605)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.

Synopsis :

The remote host is affected by multiple memory corruption

Description :

The remote Windows host has a version of Microsoft Office, Microsoft
Word, Office Compatibility Pack, Microsoft Word Viewer, SharePoint
Server, or Microsoft Office Web Apps that is affected by one or more
unspecified memory corruption vulnerabilities. By tricking a user into
opening a specially crafted file, it may be possible for a remote
attacker to take complete control of the system or execute arbitrary

See also :

Solution :

Microsoft has released a set of patches for Office 2003, 2007, 2010,
Office Compatibility Pack, Microsoft Word Viewer, SharePoint Server,
and Office Web Apps.

Risk factor :

High / CVSS Base Score : 9.3
CVSS Temporal Score : 6.9
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 71941 ()

Bugtraq ID: 64726

CVE ID: CVE-2014-0258

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now