Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability.". Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and EPSS exploitation probability 72.9%.
Buffer Overflow
Microsoft
RCE
Memory Corruption
NVD
VulDB
CVSS 3.1
7.8
EPSS
72.9%
Threat
5.2