Description
Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.
Remediation
References
Related Vulnerabilities
Jenkins Insufficient Session Expiration Vulnerability (CVE-2019-1003049)
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2015-7873)
WordPress Plugin WP Activity Log Security Bypass (4.0.1)
WordPress Plugin Clever Addons for Elementor Multiple Cross-Site Scripting Vulnerabilities (2.0.15)
WordPress Plugin WP-Lister Lite for eBay Directory Traversal (2.0.20)