Executive Summary
| Informations | |||
|---|---|---|---|
| Name | MS07-014 | First vendor Publication | 2007-02-13 |
| Vendor | Microsoft | Last vendor Modification | 2007-02-13 |
| Severity (Vendor) | Critical | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| This update resolves several newly discovered, privately and publicly reported vulnerabilities. Each vulnerability is documented in its own subsection in the "Vulnerability Details" section of this bulletin. If a user is logged on with administrative user rights, an attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. We recommend that customers apply the update immediately. |
Original Source
| Url : http://www.microsoft.com/technet/security/bulletin/ms07-014.mspx?pubDate=2 (...) |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 50 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 50 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:187 | |||
| Oval ID: | oval:org.mitre.oval:def:187 | ||
| Title: | Word Malformed Drawing Object Vulnerability | ||
| Description: | Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a Word file with a malformed drawing object, which leads to memory corruption. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2007-0209 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Word |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:238 | |||
| Oval ID: | oval:org.mitre.oval:def:238 | ||
| Title: | Word Malformed String Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different vulnerability than CVE-2006-6456. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2006-5994 | Version: | 7 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Word |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:528 | |||
| Oval ID: | oval:org.mitre.oval:def:528 | ||
| Title: | Word Malformed Function Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2007-0515 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Word |
| Definition Synopsis: | |||
| Definition Id: oval:org.mitre.oval:def:700 | |||
| Oval ID: | oval:org.mitre.oval:def:700 | ||
| Title: | Word Macro Vulnerability | ||
| Description: | Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2007-0208 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Word |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:746 | |||
| Oval ID: | oval:org.mitre.oval:def:746 | ||
| Title: | Word Malformed Data Structures Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2006-6456 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Word |
| Definition Synopsis: | |||
| |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 4 | |
| Application | 3 | |
| Application | 1 | |
| Application | 3 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 34386 | Microsoft Word Malformed Drawing Object Arbitrary Code Execution |
| 34385 | Microsoft Word Macro Content Arbitrary Code Execution Word contains a flaw that may allow a context-dependent attacker to execute arbitrary code. The issue is triggered by Word incorrectly checking properties in a modified document, causing macro warnings to be bypassed. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
| 31900 | Microsoft Word Unspecified Memory Corruption Arbitrary Code Execution (929434) |
| 30825 | Microsoft Word Malformed Data Structure Handling Unspecified Code Execution |
| 30824 | Microsoft Word Malformed String Memory Corruption |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-11-16 | Microsoft Office Word Section Table Array Buffer Overflow attempt RuleID : 31434 - Revision : 2 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office Word Section Table Array Buffer Overflow attempt RuleID : 17578 - Revision : 16 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2007-02-13 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_feb2006.nasl - Type : ACT_GATHER_INFO |
| 2007-02-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Word. File : smb_nt_ms07-014.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:45:37 |
|
| 2013-05-11 00:49:15 |
|
