E17-3dvu1
CVSS:
7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
False Positive:
f
Variants:
4
Year:
2017
Description
This strike exploits a buffer overflow vulnerability in EQNEDT component of Microsoft Office.
The vulnerability is due to an invalidation of font name field length in an OLE object.
An attacker could execute arbitrary code by enticing a user to open a maliciously crafted document using the vulnerable software.