Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Microsoft Word - Local Machine Zone Code Execution (MS15-022)

🗓️ 20 Jul 2015 00:00:00Reported by Eduardo Braun PradoType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 54 Views

Microsoft Word vulnerable to Local Machine Zone Remote Code Execution (MS15-022

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Microsoft Word Local Machine Zone Remote Code Execution Vulnerability
21 Jul 201500:00
zdt
Circl		CVE-2015-0097
18 Jun 201906:53
circl
CNVD		Microsoft Office Memory Corruption Vulnerability (CNVD-2015-01632)
12 Mar 201500:00
cnvd
Check Point Advisories		Microsoft Word Local Zone Remote Code Execution (MS15-022; CVE-2015-0097)
10 Mar 201500:00
checkpoint_advisories
CVE		CVE-2015-0097
11 Mar 201510:00
cve
Cvelist		CVE-2015-0097
11 Mar 201510:00
cvelist
exploitpack		Microsoft Word - Local Machine Zone Code Execution (MS15-022)
20 Jul 201500:00
exploitpack
Microsoft KB		MS15-022: Vulnerabilities in Office could allow remote code execution: March 10, 2015
10 Mar 201500:00
mskb
Kaspersky		KLA10469 Multiple vulnerabilities in Microsoft products
10 Mar 201500:00
kaspersky
myhack58		The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net
13 Jun 201900:00
myhack58
Rows per page
Exploit Title: Microsoft Word Local Machine Zone Remote Code Execution Vulnerability
Date: July 15th, 2015
Exploit Author: Eduardo Braun Prado
Vendor Homepage : http://www.microsoft.com
Version: 2007
Tested on: Microsoft Windows  XP, 2003, Vista, 2008, 7, 8, 8.1
CVE: 	CVE-2015-0097

Original Advisory: https://technet.microsoft.com/library/security/ms15-022

Microsoft Word, Excel and Powerpoint 2007 contains a remote code execution vulnerability because it is possible 
to reference documents such as Works document (.wps) as HTML. It will process HTML and script code in the context 
of the local machine zone of Internet Explorer which leads to arbitrary code execution. 
By persuading users into opening eg. specially crafted .WPS, ".doc ", ".RTF " (with a space at the end) 
it is possible to triggerthe vulnerability and run arbitrary code in the context of the logged on Windows user.

Exploit code here :

https://onedrive.live.com/embed?cid=412A36B6D0A9436A&resid=412A36B6D0A9436A%21156&authkey=AA_JVoZcoM5kvOc
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/37657.zip

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
20 Jul 2015 00:00Current
6.8Medium risk
Vulners AI Score6.8
CVSS 29.3
EPSS0.7941
microsoft wordremote code executionms15-022cve-2015-0097windows xpwindows 2003windows vistawindows 2008windows 7windows 8windows 8.1htmlscript codearbitrary code executionexploit code
54