CVE-2015-2431

Currently unrated

Key Information:

Vendor: Microsoft
Status: Live Meeting; Lync Basic; Office; Lync
Vendor: CVE Published:; 15 August 2015

Summary

Microsoft Office 2007 SP3 and 2010 SP2, Live Meeting 2007 Console, Lync 2010, Lync 2010 Attendee, Lync 2013 SP1, and Lync Basic 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office Graphics Library (OGL) font, aka "Microsoft Office Graphics Component Remote Code Execution Vulnerability."

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securitytracker.com/id/1033238

vdb-entryx_refsource_SECTRACK

https://www.exploit-db.com/exploits/37911/

exploitx_refsource_EXPLOIT-DB

EPSS Score

62% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 15, 2015
Vulnerability Reserved
Mar 19, 2015

Collectors

NVD DatabaseMitre Database