CVE-2014-6352

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object, as exploited in the wild in October 2014 with a crafted PowerPoint document.
References
Link Resource
http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx Broken Link Patch Vendor Advisory
http://secunia.com/advisories/61803 Broken Link
http://twitter.com/ohjeongwook/statuses/524795124270653440 Third Party Advisory
http://www.securityfocus.com/bid/70690 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031097 Broken Link Third Party Advisory VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-064 Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/97714 Third Party Advisory VDB Entry
https://technet.microsoft.com/library/security/3010060 Patch Vendor Advisory
http://blogs.technet.com/b/srd/archive/2014/11/11/assessing-risk-for-the-november-2014-security-updates.aspx Broken Link Patch Vendor Advisory
http://secunia.com/advisories/61803 Broken Link
http://twitter.com/ohjeongwook/statuses/524795124270653440 Third Party Advisory
http://www.securityfocus.com/bid/70690 Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1031097 Broken Link Third Party Advisory VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-064 Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/97714 Third Party Advisory VDB Entry
https://technet.microsoft.com/library/security/3010060 Patch Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6352
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_server_2012:r2:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows_vista:-:sp2:*:*:*:*:*:*

History

22 Oct 2025, 01:16

Type Values Removed Values Added
References
  • () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6352 -

21 Oct 2025, 20:16

Type Values Removed Values Added
References
  • {'url': 'https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6352', 'source': '134c704f-9b21-4f2e-91b3-4a467353bcc0'}

21 Oct 2025, 19:16

Type Values Removed Values Added
References
  • () https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2014-6352 -

Information

Published : 2014-10-22 14:55

Updated : 2025-10-22 01:16


NVD link : CVE-2014-6352

Mitre link : CVE-2014-6352

CVE.ORG link : CVE-2014-6352


JSON object : View

Products Affected

microsoft

  • windows_rt_8.1
  • windows_8
  • windows_vista
  • windows_8.1
  • windows_server_2012
  • windows_7
  • windows_server_2008
  • windows_rt