Memory Corruption Vulnerability in Microsoft Office Suite
CVE-2015-1682

Currently unrated

Key Information:

Vendor: Microsoft
Status: Word; Excel Web App; Powerpoint; Sharepoint Foundation
Vendor: CVE Published:; 13 May 2015

What is CVE-2015-1682?

A memory corruption vulnerability exists in the Microsoft Office Suite that affects various versions of Office applications including Word, Excel, and PowerPoint. This vulnerability can be exploited by remote attackers who create specially crafted documents designed to execute arbitrary code on the affected systems when opened. The flaw impacts multiple editions for both Windows and Mac, including Office 2010, Office 2013, as well as associated components like SharePoint Server and Office Web Apps. Proper software update and patch management are essential to mitigate the risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/74481

vdb-entryx_refsource_BID

http://www.securitytracker.com/id/1032295

vdb-entryx_refsource_SECTRACK

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

28% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2015
Vulnerability Reserved
Feb 17, 2015