Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10469
HistoryMar 10, 2015 - 12:00 a.m.

KLA10469 Multiple vulnerabilities in Microsoft products

2015-03-1000:00:00
Kaspersky Lab
threats.kaspersky.com
26

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.91 High

EPSS

Percentile

98.8%

JSON

Detect date:

03/10/2015

Severity:

Critical

Description:

Multiple serious vulnerabilities have been found in Microsoft products. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or conduct code injection.

Affected products:

Microsoft Office 2007 Service Pack 3
Microsoft Office 2010 x86, x64 Service Pack 2
Microsoft Office 2013 x86, x64
Microsoft Office 2013 x86, x64 Service Pack 1
Microsoft SharePoint Server 2010 Service Pack 2
Microsoft SharePoint Server 2013 Service Pack 1
Microsoft SharePoint Server 2013
Microsoft Office Web Apps 2010 Service Pack 2
Microsoft Office Web Apps 2013
Microsoft Office Web Apps 2013 Service Pack 1

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

MS advisory
CVE-2015-1636
CVE-2015-0085
CVE-2015-0086
CVE-2015-1633
CVE-2015-0097

Impacts:

ACE

Related products:

Microsoft Office

CVE-IDS:

CVE-2015-16363.5Warning
CVE-2015-00859.3Critical
CVE-2015-00869.3Critical
CVE-2015-16333.5Warning
CVE-2015-00979.3Critical

Microsoft official advisories:

KB list:

2956183
2956181
2956180
2880473
2956189
2956188
2881078
2956069
2920812
2889839
2956109
2956103
2956175
2956107
2956106
2956208
2956163
3038999
2956143
2956142
2956076
2881068
2760361
2899580
2760554
2956136
2956151
2956153
2984939
2956158
2956138
2956139
2760508
2920731
2737989
2883100

Exploitation:

Public exploits exist for this vulnerability.

References

Related

mskb 1
nessus 1
openvas 11
securityvulns 1
prion 5
cve 5
checkpoint_advisories 5
symantec 5
exploitpack 1
zdt 1
zdi 1
exploitdb 1
myhack58 1
mskb
mskb
MS15-022: Vulnerabilities in Office could allow remote code execution: March 10, 2015
2015-03-10 00:00:00
nessus
nessus
MS15-022: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3038999)
2015-03-11 00:00:00
openvas
openvas
Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (3038999)
2015-03-11 00:00:00
Microsoft Office Excel Viewer Remote Code Execution Vulnerabilities (3038999)
2015-03-11 00:00:00
Microsoft Office Excel Remote Code Execution Vulnerabilities (3038999)
2015-03-11 00:00:00
securityvulns
securityvulns
Microsoft Office and Sharepoint multiple security vulnerabilities
2015-04-16 00:00:00
prion
prion
Memory corruption
2015-03-11 10:59:00
Cross site scripting
2015-03-11 10:59:00
Cross site scripting
2015-03-11 10:59:00
cve
cve
CVE-2015-1636
2015-03-11 10:59:00
CVE-2015-0086
2015-03-11 10:59:00
CVE-2015-1633
2015-03-11 10:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS15-022; CVE-2015-0086)
2015-03-10 00:00:00
Microsoft SharePoint User Name XSS (MS15-022; CVE-2015-1633)
2015-03-10 00:00:00
Microsoft Word Local Zone Remote Code Execution (MS15-022; CVE-2015-0097)
2015-03-10 00:00:00
symantec
symantec
Microsoft Office CVE-2015-0086 Memory Corruption Vulnerability
2015-03-10 00:00:00
Microsoft SharePoint CVE-2015-1636 Cross Site Scripting Vulnerability
2015-03-10 00:00:00
Microsoft SharePoint CVE-2015-1633 Cross Site Scripting Vulnerability
2015-03-10 00:00:00
exploitpack
exploitpack
Microsoft Word - Local Machine Zone Code Execution (MS15-022)
2015-07-20 00:00:00
zdt
zdt
Microsoft Word Local Machine Zone Remote Code Execution Vulnerability
2015-07-21 00:00:00
zdi
zdi
Microsoft Word Format Tag Transposition Use-After-Free Remote Code Execution Vulnerability
2015-03-12 00:00:00
exploitdb
exploitdb
Microsoft Word - Local Machine Zone Code Execution (MS15-022)
2015-07-20 00:00:00
myhack58
myhack58
The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net
2019-06-13 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.91 High

EPSS

Percentile

98.8%

JSON
Related for KLA10469
mskb1nessus1openvas11securityvulns1prion5cve5checkpoint_advisories5symantec5exploitpack1zdt1zdi1exploitdb1myhack581