CVE-2015-2424

Microsoft PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, and PowerPoint 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
References
Link Resource
http://www.securitytracker.com/id/1032899 Broken Link Third Party Advisory VDB Entry
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2011:*:*:*:*:macos:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:-:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*

History

16 Jul 2024, 17:42

Type Values Removed Values Added
CPE cpe:2.3:a:microsoft:word:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:x64:*
cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:x86:*:*
cpe:2.3:a:microsoft:office:2011:*:*:*:*:macos:*:*
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:-:*:*:*
cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
CVSS v2 : 9.3
v3 : unknown
v2 : 9.3
v3 : 8.8
CWE CWE-119 CWE-787
First Time Microsoft office Compatibility Pack
Microsoft excel Viewer
Microsoft office
Microsoft word Viewer
References () http://www.securitytracker.com/id/1032899 - () http://www.securitytracker.com/id/1032899 - Broken Link, Third Party Advisory, VDB Entry
References () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070 - () https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070 - Patch, Vendor Advisory

Information

Published : 2015-07-14 21:59

Updated : 2024-07-16 17:42


NVD link : CVE-2015-2424

Mitre link : CVE-2015-2424

CVE.ORG link : CVE-2015-2424


JSON object : View

Products Affected

microsoft

  • office_compatibility_pack
  • office
  • word
  • word_viewer
  • excel_viewer
  • powerpoint
CWE
CWE-787

Out-of-bounds Write