CVE-2014-1761

HIGH KEV

Microsoft Word <2013 - Memory Corruption

Title source: llm

Description

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, as exploited in the wild in March 2014.

Exploits (2)

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocalwindows

https://www.exploit-db.com/exploits/32793

View Code ZIP pw:eip

metasploit WORKING POC NORMAL

by Haifei Li, Spencer McIntyre, unknown · rubypocwin

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/ms14_017_rtf.rb

View Code ZIP pw:eip

References (3)

[Patch, Vendor Advisory] http://technet.microsoft.com/security/advisory/2953095

[Patch, Vendor Advisory] https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-017

[Third Party Advisory, US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-1761

Scores

CVSS v3 7.8

EPSS 0.9334

EPSS Percentile 99.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CISA KEV 2022-02-15

VulnCheck KEV 2014-03-24

InTheWild.io 2018-10-30

ENISA EUVD EUVD-2014-1835

CWE

CWE-787

Status published

Products (11)

microsoft/office 2011

microsoft/office_compatibility_pack

microsoft/office_web_apps 2010 sp1 (2 CPE variants)

microsoft/office_web_apps_server 2013

microsoft/sharepoint_server 2010 sp1 (2 CPE variants)

microsoft/sharepoint_server 2013

microsoft/word 2003 sp3

microsoft/word 2007 sp3

microsoft/word 2010 sp1 (2 CPE variants)

microsoft/word 2013 (4 CPE variants)

... and 1 more

Published Mar 25, 2014

KEV Added Feb 15, 2022

Tracked Since Feb 18, 2026