Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
References
Link | Resource |
---|---|
http://www.securitytracker.com/id/1032899 | Broken Link Third Party Advisory VDB Entry |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
16 Jul 2024, 17:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:rt:*:*:* cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:x64:* cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:*:*:*:* cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:x86:*:* |
cpe:2.3:a:microsoft:office:2011:*:*:*:*:macos:*:* cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:* cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:* cpe:2.3:a:microsoft:office:2013:sp1:*:*:-:*:*:* cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:* cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:* cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:* cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:* |
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 8.8 |
CWE | CWE-787 | |
First Time |
Microsoft office Compatibility Pack
Microsoft excel Viewer Microsoft office Microsoft word Viewer |
|
References | () http://www.securitytracker.com/id/1032899 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070 - Patch, Vendor Advisory |
Information
Published : 2015-07-14 21:59
Updated : 2024-07-16 17:42
NVD link : CVE-2015-2424
Mitre link : CVE-2015-2424
CVE.ORG link : CVE-2015-2424
JSON object : View
Products Affected
microsoft
- office_compatibility_pack
- office
- word
- word_viewer
- excel_viewer
- powerpoint
CWE
CWE-787
Out-of-bounds Write