Lucene search

K
nvd[email protected]NVD:CVE-2015-2376
HistoryJul 14, 2015 - 9:59 p.m.

CVE-2015-2376

2015-07-1421:59:11
CWE-119
web.nvd.nist.gov
1

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.772

Percentile

98.2%

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka β€œMicrosoft Office Memory Corruption Vulnerability.”

Affected configurations

NVD
Node
microsoftexcelMatch2007sp3
OR
microsoftexcelMatch2010sp2x64
OR
microsoftexcelMatch2010sp2x86
OR
microsoftexcelMatch2013sp1
OR
microsoftexcelMatch2013sp1rt
OR
microsoftexcel_viewerMatch2007sp3
OR
microsoftofficeMatch2011mac
OR
microsoftoffice_compatibility_packsp3
OR
microsoftsharepoint_designerMatch2007sp3
OR
microsoftsharepoint_designerMatch2010sp2
OR
microsoftsharepoint_designerMatch2013sp1

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.6

Confidence

High

EPSS

0.772

Percentile

98.2%