CVE-2015-2380

2015-07-1421:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-2380

microsoft word

office 2010

word 2013

memory corruption

nvd

7.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.34 Low

EPSS

Percentile

97.1%

JSON

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, and Word 2013 RT SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka “Microsoft Office Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:wordmicrosoft wordeq2013
microsoft:officemicrosoft officeeq2010
microsoft:wordmicrosoft wordeq2010
microsoft:wordmicrosoft wordeq2007