FILE-OFFICE Microsoft Word 2010 use-after-free memory corruption vulnerability attempt
Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053.
CVSS base score 7.8
CVSS impact score 5.9
CVSS exploitability score 1.8
- microsoft office 2010
- microsoft officecompatibilitypack *
- microsoft officewebapps 2010
- microsoft sharepoint_server 2010
- microsoft word 2007
- microsoft word 2010
Ease of attack
Upgrade to the latest non-affected version of the software.
Apply the appropriate vendor supplied patches.
- Talos research team.
- This document was generated from data supplied by the national vulnerability database, a product of the national institute of standards and technology.
- For more information see nvd.