Elevated Privilege Vulnerability in Microsoft Office Products
CVE-2015-2503

Currently unrated

Key Information:

Vendor

Microsoft
Status
Word
Onenote
Publisher
Powerpoint
Vendor
CVE Published:
11 November 2015

What is CVE-2015-2503?

This vulnerability allows remote attackers to exploit Microsoft Office products by bypassing the sandbox protection mechanisms through a specially crafted website accessed via Internet Explorer. Successful exploitation could lead to a transition from Low Integrity to Medium Integrity, enabling an attacker to gain extra privileges in the system. The affected products span multiple versions of Microsoft Office, including key applications such as Word, Excel, PowerPoint, and others from 2007 to 2016. Users should apply the latest security updates to mitigate this risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securitytracker.com/id/1034117
vdb-entryx_refsource_SECTRACK
http://www.securitytracker.com/id/1034122
vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS

EPSS Score

19% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.