KLA10456
SB vulnerability in MS Office

Updated: 06/03/2020
Detect date
?
02/10/2015
Severity
?
Warning
Description

An use-after-free vulnerability was found in Microsoft Office. By exploiting this vulnerability malicious users can bypass ASLR protection. This vulnerability can be exploited remotely via a specially designed document.

Affected products

Microsoft Office 2007 Service Pack 3 
Microsoft Office 2010 Service Pack 2
Microsoft Office 2013
Microsoft Office 2013 Service Pack 1

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

MS bulletin
CVE-2014-6362

Impacts
?
SB 
[?]
Related products
Microsoft Office
CVE-IDS
?
CVE-2014-63624.3Warning
Microsoft official advisories
Microsoft Security Update Guide
KB list

2920795
2920748
2910941
3033857

Find out the statistics of the vulnerabilities spreading in your region