CVE-2021-1715

Name of the Vulnerable Software and Affected Versions Microsoft Word (affected versions not specified) Microsoft Office (affected versions not specified) Microsoft Office Online Server (affected versions not specified) Microsoft Office Web Apps (affected versions not specified) Microsoft 365 Apps (affected versions not specified) Microsoft SharePoint Server (affected versions not specified) Microsoft SharePoint Enterprise Server (affected versions not specified)

Description The issue is related to a buffer overflow in Microsoft Word, allowing remote attackers to execute arbitrary code. This can be exploited by parsing a specially crafted Microsoft Word DOC file, leading to an out-of-bounds write and potentially enabling the execution of malicious code.

Recommendations For Microsoft Word, update to a version that includes a fix for the buffer overflow issue. For Microsoft Office, consider disabling the affected component until a patch is available. For Microsoft Office Online Server, restrict access to the server to minimize the risk of exploitation. For Microsoft Office Web Apps, avoid using the affected web apps until the issue is resolved. For Microsoft 365 Apps, apply configuration changes to prevent the exploitation of the vulnerability. For Microsoft SharePoint Server, restrict access to the server to minimize the risk of exploitation. For Microsoft SharePoint Enterprise Server, consider disabling the affected component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.