Lucene search
AnonymousZDI-20-1131HistorySep 10, 2020 - 12:00 a.m.
Microsoft Word DOCX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability
2020-09-1000:00:00
Anonymous
www.zerodayinitiative.com
37
microsoft word
docx file parsing
buffer overflow
remote code execution
vulnerability
user interaction
malicious page
current process
EPSS
0.029
Percentile
91.0%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DOCX files. Crafted data in a DOCX file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
mscve
mscve
Microsoft Word Remote Code Execution Vulnerability
2020-09-08 07:00:00
cve
cve
CVE-2020-1338
2020-09-11 17:15:20
nvd
nvd
CVE-2020-1338
2020-09-11 17:15:20
prion
prion
Remote code execution
2020-09-11 17:15:00
cvelist
cvelist
CVE-2020-1338 Microsoft Word Remote Code Execution Vulnerability
2020-09-11 17:09:15
nessus
nessus
Security Updates for Microsoft Office Web Apps (September 2020)
2020-09-08 00:00:00
Security Updates for Microsoft Office Products (September 2020)
2020-09-08 00:00:00
Security Updates for Microsoft Office Products C2R (September 2020)
2022-06-10 00:00:00
mskb
mskb
openvas
openvas
Microsoft Office Multiple Vulnerabilities (Sep 2020) - Mac OS X
2020-09-09 00:00:00
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Sep 2020)
2020-09-09 00:00:00
kaspersky
kaspersky
KLA11950 Multiple vulnerabilities in Microsoft Office
2020-09-08 00:00:00
avleonov
avleonov