hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in December 2013, aka "HXDS ASLR Vulnerability."
Max CVSS
4.3
EPSS Score
29.75%
Published
2013-12-11
Updated
2018-10-12
1 vulnerabilities found