Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
kasperskyKaspersky LabKLA10600
HistoryJun 09, 2015 - 12:00 a.m.

KLA10600 Code execution vulnerability in Microsoft Office

2015-06-0900:00:00
Kaspersky Lab
threats.kaspersky.com
51

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.468 Medium

EPSS

Percentile

97.4%

JSON

Detect date:

06/09/2015

Severity:

Critical

Description:

Improper memory handling were found in Microsoft Office. By exploiting these vulnerabilities malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via a specially designed file.

Affected products:

Microsoft Office 2007 compatibility Pack Service Pack 3
Microsoft Office 2010 x86, x64 Service Pack 2
Microsoft Office 2013 x86, x64 Service Pack 1
Microsoft Office 2013 RT Service Pack 1

Solution:

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories:

Microsoft Advisory
CVE-2015-1759
CVE-2015-1770
CVE-2015-1760

Impacts:

ACE

Related products:

Microsoft Office

CVE-IDS:

CVE-2015-17599.3Critical
CVE-2015-17709.3Critical
CVE-2015-17609.3Critical

Microsoft official advisories:

KB list:

2863817
3039782
2863812
3064949
3039749

Exploitation:

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related

openvas 1
mskb 1
nessus 1
securityvulns 1
cve 3
attackerkb 1
prion 3
symantec 3
cisa_kev 1
checkpoint_advisories 2
threatpost 2
openvas
openvas
Microsoft Office Suite Remote Code Execution Vulnerabilities (3064949)
2015-06-10 00:00:00
mskb
mskb
MS15-059: Vulnerabilities in Microsoft Office could allow remote code execution: June 9, 2015
2015-06-09 00:00:00
nessus
nessus
MS15-059: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (3064949)
2015-06-09 00:00:00
securityvulns
securityvulns
Microsoft Office multiple security vulnerabilities
2015-06-14 00:00:00
cve
cve
CVE-2015-1760
2015-06-10 01:59:00
CVE-2015-1759
2015-06-10 01:59:00
CVE-2015-1770
2015-06-10 01:59:00
attackerkb
attackerkb
CVE-2015-1770
2015-06-10 00:00:00
prion
prion
Memory corruption
2015-06-10 01:59:00
Memory corruption
2015-06-10 01:59:00
Memory corruption
2015-06-10 01:59:00
symantec
symantec
Microsoft Office CVE-2015-1759 Memory Corruption Vulnerability
2015-06-09 00:00:00
Microsoft Office CVE-2015-1760 Memory Corruption Vulnerability
2015-06-09 00:00:00
Microsoft Office CVE-2015-1770 Uninitialized Memory Use Remote Code Execution Vulnerability
2015-06-09 00:00:00
cisa_kev
cisa_kev
Microsoft Office Uninitialized Memory Use Vulnerability
2022-03-28 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Remote Code Execution (MS15-059: CVE-2015-1759)
2015-07-23 00:00:00
Microsoft Office Remote Code Execution (MS15-059: CVE-2015-1760)
2015-07-23 00:00:00
threatpost
threatpost
Researchers Outline New Italian RAT uWarrior
2015-08-26 07:59:01
APT Threat Targets Tibetans, Journalists and Human Rights Workers
2016-04-19 07:00:14

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.468 Medium

EPSS

Percentile

97.4%

JSON
Related for KLA10600
openvas1mskb1nessus1securityvulns1cve3attackerkb1prion3symantec3cisa_kev1checkpoint_advisories2threatpost2