KLA10661 Multiple vulnerabillities in Microsoft Office

🗓️ 08 Sep 2015 00:00:00Reported by Kaspersky LabType

kaspersky🔗 threats.kaspersky.com👁 158 Views

Multiple vulnerabilities found in Microsoft Office can allow arbitrary code execution or XSS attacks. Vulnerabilities include improper memory handling, user content sanitization, and EPS file exploitation. Public exploits and malware exist for these critical threats. Install KB updates for a solution

Reporter	Title	Published	Views	Family All 61
ATTACKERKB	CVE-2015-2545	9 Sep 201500:00	–	attackerkb
Circl	CVE-2015-2520	16 Sep 201500:00	–	circl
Circl	CVE-2015-2521	16 Sep 201500:00	–	circl
Circl	CVE-2015-2523	16 Sep 201500:00	–	circl
Circl	CVE-2015-2545	26 Mar 201612:41	–	circl
CISA KEV Catalog	Microsoft Office Malformed EPS File Vulnerability	3 Mar 202200:00	–	cisa_kev
CNVD	Microsoft Office Malformed EPS File Vulnerability	10 Sep 201500:00	–	cnvd
CNVD	Microsoft Office Memory Corruption Vulnerability (CNVD-2015-05987)	10 Sep 201500:00	–	cnvd
CNVD	Microsoft SharePoint Foundation Cross-Site Scripting Vulnerability (CNVD-2015-05988)	10 Sep 201500:00	–	cnvd
CNVD	Microsoft Office Memory Corruption Vulnerability (CNVD-2015-05989)	10 Sep 201500:00	–	cnvd

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2523
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2522
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2521
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2545
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2015-2520
threats	www.threats.kaspersky.com/en/class/Exploit/
threats	www.threats.kaspersky.com/en/product/Microsoft-Office/
threats	www.threats.kaspersky.com/en/product/Microsoft-Excel/
support	www.support.microsoft.com/kb/3054813
support	www.support.microsoft.com/kb/3085487

02 Apr 2025 00:00Current

7.7High risk

Vulners AI Score7.7

CVSS 29.3

CVSS 3.17.8

EPSS0.93232