Lucene search
Copyright (C) 2015 Greenbone AGOPENVAS:1361412562310805069HistoryJun 10, 2015 - 12:00 a.m.
Microsoft Office Suite Remote Code Execution Vulnerabilities (3064949)
2015-06-1000:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
19
6.2 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.468 Medium
EPSS
Percentile
97.4%
This host is missing an important security
update according to Microsoft Bulletin MS15-059.
# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.805069");
script_version("2023-07-25T05:05:58+0000");
script_xref(name:"CISA", value:"Known Exploited Vulnerability (KEV) catalog");
script_xref(name:"URL", value:"https://www.cisa.gov/known-exploited-vulnerabilities-catalog");
script_cve_id("CVE-2015-1759", "CVE-2015-1760", "CVE-2015-1770");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
script_tag(name:"creation_date", value:"2015-06-10 09:23:47 +0530 (Wed, 10 Jun 2015)");
script_tag(name:"qod_type", value:"executable_version");
script_name("Microsoft Office Suite Remote Code Execution Vulnerabilities (3064949)");
script_tag(name:"summary", value:"This host is missing an important security
update according to Microsoft Bulletin MS15-059.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");
script_tag(name:"insight", value:"Flaw exists as user supplied input is
not properly validated.");
script_tag(name:"impact", value:"Successful exploitation will allow a
context-dependent attacker to corrupt memory and potentially
execute arbitrary code.");
script_tag(name:"affected", value:"- Microsoft Office 2010 Service Pack 2 and prior
- Microsoft Office 2013 Service Pack 1 and prior");
script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");
script_tag(name:"solution_type", value:"VendorFix");
script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3064949");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75014");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75015");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/75016");
script_xref(name:"URL", value:"https://technet.microsoft.com/library/security/MS15-059");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2015 Greenbone AG");
script_family("Windows : Microsoft Bulletins");
script_dependencies("secpod_ms_office_detection_900025.nasl");
script_require_ports(139, 445);
script_mandatory_keys("MS/Office/Ver");
exit(0);
}
include("smb_nt.inc");
include("secpod_reg.inc");
include("version_func.inc");
include("secpod_smb_func.inc");
## MS Office
offVer = get_kb_item("MS/Office/Ver");
if(!offVer){
exit(0);
}
path = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion",
item:"CommonFilesDir");
if(!path){
exit(0);
}
## Microsoft Office 2010
## Microsoft Office 2013
if(offVer =~ "^(14|15)\..*")
{
filePath = path + "\Microsoft Shared\TextConv";
fileVer = fetch_file_version(sysPath:filePath, file_name:"Wpft532.cnv");
if(fileVer)
{
## Microsoft Office 2013
## Microsoft Office 2010
if(version_in_range(version:fileVer, test_version:"2012", test_version2:"2012.1500.4727.0999")||
version_in_range(version:fileVer, test_version:"2010", test_version2:"2010.1400.4730.1009") ||
version_in_range(version:fileVer, test_version:"2006", test_version2:"2006.1200.6722.4999"))
{
security_message( port: 0, data: "The target host was found to be vulnerable" );
exit(0);
}
}
}
## https://support.microsoft.com/en-us/kb/3039782
path = registry_get_sz(key:"SOFTWARE\Microsoft\Windows\CurrentVersion",
item:"ProgramFilesDir");
if(path)
{
sysVer = fetch_file_version(sysPath:path + "\Microsoft Office\Office15", file_name:"osf.dll");
if(sysVer)
{
if(version_in_range(version:sysVer, test_version:"15.0", test_version2:"15.0.4725.0999"))
{
security_message( port: 0, data: "The target host was found to be vulnerable" );
exit(0);
}
}
}
Related
securityvulns
securityvulns
Microsoft Office multiple security vulnerabilities
2015-06-14 00:00:00
kaspersky
kaspersky
KLA10600 Code execution vulnerability in Microsoft Office
2015-06-09 00:00:00
nessus
nessus
mskb
mskb
prion
prion
Memory corruption
2015-06-10 01:59:00
Memory corruption
2015-06-10 01:59:00
Memory corruption
2015-06-10 01:59:00
cve
cve
symantec
symantec
Microsoft Office CVE-2015-1759 Memory Corruption Vulnerability
2015-06-09 00:00:00
Microsoft Office CVE-2015-1760 Memory Corruption Vulnerability
2015-06-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Remote Code Execution (MS15-059: CVE-2015-1759)
2015-07-23 00:00:00
Microsoft Office Remote Code Execution (MS15-059: CVE-2015-1760)
2015-07-23 00:00:00
attackerkb
attackerkb
CVE-2015-1770
2015-06-10 00:00:00
cisa_kev
cisa_kev
Microsoft Office Uninitialized Memory Use Vulnerability
2022-03-28 00:00:00
threatpost
threatpost
Researchers Outline New Italian RAT uWarrior
2015-08-26 07:59:01
APT Threat Targets Tibetans, Journalists and Human Rights Workers
2016-04-19 07:00:14
6.2 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.468 Medium
EPSS
Percentile
97.4%
Related for OPENVAS:1361412562310805069