Microsoft Office Denial of Service Vulnerability

Last Update Date: 8 Apr 2014 12:34 Release Date: 8 Apr 2014 3393 Views

RISK: High Risk

High Risk

TYPE: Clients - Productivity Products

TYPE: Productivity Products

A vulnerability was identified in Microsoft Office. A remote user can cause denial of service conditions.

 

A remote user can send a specially crafted XML document that, when processed by the target application, will trigger an entity expansion flaw to consume excessive memory resources and cause the application to hang.

 

This can be exploited by sending email to the target user to cause the target user's Outlook to freeze when opening the email.

 

An XML Document Type Definition (DTD) containing several nested entities can trigger this flaw.

 

* NOTE : No patch is available.

Impact

  • Denial of Service

System / Technologies affected

  • Microsoft Office 2007-2013

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Currently no patch is available.

Vulnerability Identifier

Source

Related Link

Share with

Previous

Cisco IOS Multiple Vulnerabilities

7 Apr 2014 3222 Views

Next

Microsoft Word & Office Web Apps Multiple Vulnerabilities

9 Apr 2014 3257 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY