The vulnerabilities of Microsoft Excel editors, programs for viewing Xls and Xlsx files (Excel Viewer), the Microsoft SharePoint Server corporate application suite, and the Microsoft Office Compatibility Pack enable a hacker to execute arbitrary code.

🗓️ 29 Oct 2015 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Memory after free flaw in Excel file viewers, SharePoint server, and Office tools enables remote arbitrary code execution via fileVersion.

Reporter	Title	Published	Views	Family All 19
CNVD	Microsoft Office Memory Corruption Vulnerability (CNVD-2015-06637)	15 Oct 201500:00	–	cnvd
Check Point Advisories	Microsoft Office Memory Corruption (MS15-110: CVE-2015-2558)	13 Oct 201500:00	–	checkpoint_advisories
CVE	CVE-2015-2558	14 Oct 201501:00	–	cve
Cvelist	CVE-2015-2558	14 Oct 201501:00	–	cvelist
Microsoft KB	MS15-110: Security Updates for Microsoft Office to address remote code execution: October 13, 2015	13 Oct 201500:00	–	mskb
Kaspersky	KLA10675 Multiple vulnerabilities in Microsoft Office	13 Oct 201500:00	–	kaspersky
Tenable Nessus	MS15-110: Security Updates for Microsoft Office to Address Remote Code Execution (3096440) (Mac OS X)	14 Oct 201500:00	–	nessus
Tenable Nessus	MS15-110: Security Updates for Microsoft Office to Address Remote Code Execution (3089440)	13 Oct 201500:00	–	nessus
NVD	CVE-2015-2558	14 Oct 201501:59	–	nvd
OpenVAS	Microsoft SharePoint Server Excel Services Multiple Vulnerabilities (3096440)	14 Oct 201500:00	–	openvas

Source	Link
technet	www.technet.microsoft.com/security/bulletin/MS15-110
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-15-516
web	www.web.nvd.nist.gov/view/vuln/detail

23 Mar 2021 00:00Current

6Medium risk

Vulners AI Score6

CVSS 29.3

EPSS0.43025

Excel file viewers SharePoint server Office compatibility pack memory after free remote code execution fileVersion element