Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10583
HistoryMay 12, 2015 - 12:00 a.m.

KLA10583 Code execution vulnerability in Microsoft Office

2015-05-1200:00:00
Kaspersky Lab
threats.kaspersky.com
25

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.91 High

EPSS

Percentile

98.8%

JSON

Detect date:

05/12/2015

Severity:

Critical

Description:

An unspecified vulnerability was found in Microsoft products. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed document.

Affected products:

Office 2007 Service Pack 3
Office 2010 x86, x64 Service Pack 2
Office 2013 x86, x64, RT Service Pack 1
Office for Mac 2011
PoerPoint Viewer
SharePoint Server 2010 Service Pack 2
SharePoint Server 2013 Service Pack 1
Office Web Apps 2010 Service Pack 2
Office Web Apps 2013 Service Pack 1

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

Microsoft bulletin
CVE-2015-1683
CVE-2015-1682

Impacts:

ACE

Related products:

Microsoft Office

CVE-IDS:

CVE-2015-16839.3Critical
CVE-2015-16829.3Critical

Microsoft official advisories:

KB list:

3017815
2956194
2999420
2965307
2965240
2975816
3039748
2956140
3057181
3039725
2965233
2956195
2965237
2999412
2956193
2965311
3023055
2975808
2965282
2965242
2986216
3062536
3039736

References

Related

openvas 9
nessus 2
securityvulns 1
symantec 2
cve 2
prion 2
checkpoint_advisories 2
cvelist 2
zdi 1
openvas
openvas
Microsoft Office Suite Remote Code Execution Vulnerability (3057181)
2015-05-13 00:00:00
Microsoft Office PowerPoint Remote Code Execution Vulnerability (3057181)
2015-05-13 00:00:00
Microsoft SharePoint Server RCE Vulnerability (3057181)
2015-05-13 00:00:00
nessus
nessus
MS15-046: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3057181)
2015-05-13 00:00:00
MS15-046: Vulnerability in Microsoft Office Could Allow Remote Code Execution (3057181)
2015-05-13 00:00:00
securityvulns
securityvulns
Microsoft Office memory corruptions
2015-05-13 00:00:00
symantec
symantec
Microsoft Office CVE-2015-1683 Memory Corruption Vulnerability
2015-05-12 00:00:00
Microsoft Office CVE-2015-1682 Memory Corruption Vulnerability
2015-05-12 00:00:00
cve
cve
CVE-2015-1683
2015-05-13 10:59:00
CVE-2015-1682
2015-05-13 10:59:00
prion
prion
Memory corruption
2015-05-13 10:59:00
Memory corruption
2015-05-13 10:59:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office File Modification Password Use After Free (MS15-046; CVE-2015-1683)
2015-10-27 00:00:00
Microsoft Office Memory Corruption (MS15-046: CVE-2015-1682)
2015-05-12 00:00:00
cvelist
cvelist
CVE-2015-1683
2015-05-13 10:00:00
CVE-2015-1682
2015-05-13 10:00:00
zdi
zdi
Microsoft Word ptCount Element Uninitialized Memory Read Remote Code Execution Vulnerability
2015-05-12 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.91 High

EPSS

Percentile

98.8%

JSON
Related for KLA10583
openvas9nessus2securityvulns1symantec2cve2prion2checkpoint_advisories2cvelist2zdi1