Lucene search
HistoryDec 09, 2015 - 11:59 a.m.
CVE-2015-6172
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.4
Confidence
Low
EPSS
0.254
Percentile
96.7%
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka “Microsoft Office RCE Vulnerability.”
Affected configurations
Node
microsoftofficeMatch2010sp2x64
ORmicrosoftofficeMatch2010sp2x86
ORmicrosoftoffice_compatibility_packsp3
ORmicrosoftwordMatch2007sp3
ORmicrosoftwordMatch2010sp2
ORmicrosoftwordMatch2013sp1
ORmicrosoftwordMatch2013sp1rt
Related
cvelist
cvelist
CVE-2015-6172
2015-12-09 11:00:00
cve
cve
CVE-2015-6172
2015-12-09 11:59:53
checkpoint_advisories
checkpoint_advisories
Microsoft Outlook Embedded OLE Object (MS15-131: CVE-2015-6172)
2015-12-08 00:00:00
prion
prion
Design/Logic Flaw
2015-12-09 11:59:00
symantec
symantec
Microsoft Office CVE-2015-6172 Remote Code Execution Vulnerability
2015-12-08 00:00:00
openvas
openvas
mskb
mskb
kaspersky
kaspersky
KLA10716 Code execution vulnerabilities in Microsoft Office
2015-12-08 00:00:00
nessus
nessus
CVSS2
9.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
AI Score
7.4
Confidence
Low
EPSS
0.254
Percentile
96.7%
Related for NVD:CVE-2015-6172