CVE-2014-6364

Published: Dec 11, 2014Modified: May 6, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 2013 RT Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability."

Affected (8)

Products: Microsoft: Office

Microsoft

1 product

Office

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office	Version 2007 sp3
Microsoft Office	Version 2010 sp2
Microsoft Office	Version 2010 sp2
Microsoft Office	Version 2013
Microsoft Office	Version 2013
Microsoft Office	Version 2013
Microsoft Office	Version 2013 sp1
Microsoft Office	Version 2013 sp2

References (2)

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-082

Source: secure@microsoft.com

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-082

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.