Home

CVE-2014-6362

Description

Use-after-free vulnerability in Microsoft Office 2007 SP3, 2010 SP2, and 2013 Gold and SP1 allows remote attackers to bypass the ASLR protection mechanism via a crafted document, aka Microsoft Office Component Use After Free Vulnerability.

Risk Information

Base Score
9.8
MODERATE
Vector
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
32.345

Associated Vulnerability

VulnerabilityOS Platform
Security Update for Microsoft Office 2007 suites (KB2920795)Windows
Security Update for Microsoft Office 2010 (KB2920748) 32-Bit EditionWindows
Security Update for Microsoft Office 2010 (KB2920748) 64-Bit EditionWindows
Security Update for Microsoft Office 2013 (KB2910941) 32-Bit EditionWindows
Security Update for Microsoft Office 2013 (KB2910941) 64-Bit EditionWindows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-17022Security Update for Microsoft Office 2007 suites (KB2920795)
PATCH-17023Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition
PATCH-17024Security Update for Microsoft Office 2010 (KB2920748) 64-Bit Edition
PATCH-17025Security Update for Microsoft Office 2013 (KB2910941) 32-Bit Edition
PATCH-17026Security Update for Microsoft Office 2013 (KB2910941) 64-Bit Edition

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234