You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
cve terminology
About this tag
The cve terminology tag on WindowsForum.com covers discussions about how Microsoft and the security community define and use terms within CVE entries. A recurring theme is the distinction between a vulnerability's impact and its attack vector, particularly in Microsoft advisories where 'Remote Code Execution' in a CVE title refers to the impact rather than the network-based attack vector. Examples include Office-related bugs where local file processing triggers code execution. The tag helps users understand the precise meaning of CVE language, such as CVSS AV:L, and how to interpret Microsoft's terminology for accurate vulnerability assessment.
In Microsoft’s terminology, the phrase “Remote Code Execution” in the CVE title describes the impact of the bug, not necessarily the CVSS attack vector. In other words, if the vulnerability is successfully triggered, the attacker can cause code to run on the victim’s machine, but the exploit...