CVE-2015-2469

2015-08-1500:59:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2015-2469

microsoft word

office 2010

word 2010

office for mac 2011

remote code execution

memory corruption

7.4 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.893 High

EPSS

Percentile

98.7%

JSON

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka “Microsoft Office Memory Corruption Vulnerability.”

CPENameOperatorVersion
microsoft:officemicrosoft officeeq2011
microsoft:officemicrosoft officeeq2010
microsoft:wordmicrosoft wordeq2010
microsoft:wordmicrosoft wordeq2007