Microsoft » Office Compatibility Pack : Security Vulnerabilities, CVEs, Published In April 2014 (Overflow)
Microsoft Word 2007 SP3 and 2010 SP1 and SP2, and Office Compatibility Pack SP3, allocates memory incorrectly for file conversions from a binary (aka .doc) format to a newer format, which allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office File Format Converter Vulnerability."
Max CVSS
9.3
EPSS Score
89.97%
Published
2014-04-08
Updated
2018-10-12
1 vulnerabilities found