We're sorry Aspose doesn't work properply without JavaScript enabled.

Free Support Forum - aspose.com

Impact of CVE-2014-4114 AKA Sandworm

Hi,

Would an attacker with payload for the above vulnerability in a supported file type be able to exploit a service using .NET libraries on a Windows platform?

Hi Dan,

Thanks for your inquiry. Could you please elaborate your query what exact you want to achieve using Aspose.Words?

Aspose.Words for .NET is a class library that enables your applications to perform a great range of document processing tasks. Aspose.Words supports DOC, DOCX, RTF, HTML, OpenDocument, PDF, XPS, EPUB and other formats. With Aspose.Words you can generate, modify, convert, render and print documents without utilizing Microsoft Word®.

Hi,


This is a security question, not a product usage question.

If I’m using Aspose.Words with a file that contains a malicious payload that takes advantage of the Sandworm vulnerability, could the host be compromised?

Hi Dan,


Thanks
for sharing the detail. We are in communication with our development team and will get back to you soon.

Hi Dan,

Thanks for your patience. Aspose APIs are not affected by this vulnerability. Aspose APIs neither use MS Office nor execute any code or OLE streams.

Please feel free to contact us in case you have further comments or questions.