CVE-2014-2778

Description

Microsoft Word 2007 SP3 and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted embedded font in a (1) .doc or (2) .docx document, aka Embedded Font Vulnerability.

Risk Information

Base Score

7.8

MODERATE

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS Score

Exploitation Probability

40.401

Associated Vulnerability

Vulnerability	OS Platform
Security Update for Microsoft Office Word 2007 (KB2880515)	Windows
Security Update for Microsoft Office 2007 suites (KB2880513)	Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE

Patch ID	Patch Description
PATCH-15738	Security Update for Microsoft Office Word 2007 (KB2880515)
PATCH-15739	Security Update for Microsoft Office 2007 suites (KB2880513)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234