Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2015 Greenbone AGOPENVAS:1361412562310806120
HistoryOct 14, 2015 - 12:00 a.m.

Microsoft Office Excel Multiple Remote Code Execution Vulnerabilities (3096440)

2015-10-1400:00:00
Copyright (C) 2015 Greenbone AG
plugins.openvas.org
20

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.77 High

EPSS

Percentile

98.2%

JSON

This host is missing a critical security
update according to Microsoft Bulletin MS15-110.

# SPDX-FileCopyrightText: 2015 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.806120");
  script_version("2023-07-25T05:05:58+0000");
  script_cve_id("CVE-2015-2555", "CVE-2015-2557", "CVE-2015-2558");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_tag(name:"last_modification", value:"2023-07-25 05:05:58 +0000 (Tue, 25 Jul 2023)");
  script_tag(name:"creation_date", value:"2015-10-14 09:49:51 +0530 (Wed, 14 Oct 2015)");
  script_tag(name:"qod_type", value:"executable_version");
  script_name("Microsoft Office Excel Multiple Remote Code Execution Vulnerabilities (3096440)");

  script_tag(name:"summary", value:"This host is missing a critical security
  update according to Microsoft Bulletin MS15-110.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"Multiple flaws exist when,

  - Microsoft Excel improperly handles the loading of dynamic link library
    (DLL) files.

  - Error when memory is released in an unintended manner.

  - Improper handling of files in the memory.");

  script_tag(name:"impact", value:"Successful exploitation will allow remote
  attackers to run arbitrary code in the context of the current user and
  to perform actions in the security context of the current user.");

  script_tag(name:"affected", value:"- Microsoft Excel 2007 Service Pack 3 and prior

  - Microsoft Excel 2010 Service Pack 2 and prior

  - Microsoft Excel 2013 Service Pack 1 and prior

  - Microsoft Excel 2016 Service Pack 1 and prior");

  script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");

  script_tag(name:"solution_type", value:"VendorFix");

  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3096440");
  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3085615");
  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3085609");
  script_xref(name:"URL", value:"https://support.microsoft.com/en-us/kb/3085583");
  script_xref(name:"URL", value:"https://technet.microsoft.com/en-us/library/security/MS15-110");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2015 Greenbone AG");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("secpod_office_products_version_900032.nasl");
  script_mandatory_keys("SMB/Office/Excel/Version");
  script_xref(name:"URL", value:"https://technet.microsoft.com/en-us/security/bulletin/ms15-110");
  exit(0);
}

include("smb_nt.inc");
include("version_func.inc");

excelVer = get_kb_item("SMB/Office/Excel/Version");
if(!excelVer){
  exit(0);
}

excelPath = get_kb_item("SMB/Office/Excel/Install/Path");
if(!excelPath){
  excelPath = "Unable to fetch the install path";
}

if(excelVer =~ "^(12|14|15|16)\..*")
{
  if(excelVer =~ "^12"){
    Vulnerable_range  =  "12 - 12.0.6732.4999";
  }
  else if(excelVer =~ "^14"){
    Vulnerable_range  =  "14 - 14.0.7160.4999";
  }
  else if(excelVer =~ "^15"){
   Vulnerable_range  =  "15 - 15.0.4763.0999";
  }
  else if(excelVer =~ "^16"){
   Vulnerable_range  =  "16 - 16.0.4288.0999";
  }

  if(version_in_range(version:excelVer, test_version:"12.0", test_version2:"12.0.6732.4999") ||
     version_in_range(version:excelVer, test_version:"14.0", test_version2:"14.0.7160.4999") ||
     version_in_range(version:excelVer, test_version:"15.0", test_version2:"15.0.4763.0999") ||
     version_in_range(version:excelVer, test_version:"16.0", test_version2:"16.0.4288.0999"))
  {
    report = 'File checked:     ' + excelPath + "Excel.exe" + '\n' +
             'File version:     ' + excelVer  + '\n' +
             'Vulnerable range: ' + Vulnerable_range + '\n' ;
    security_message(data:report);
    exit(0);
  }
}

Related

openvas 5
mskb 1
securityvulns 1
nessus 2
kaspersky 1
zdi 3
cve 3
prion 3
symantec 3
checkpoint_advisories 3
nvd 3
cvelist 3
openvas
openvas
Microsoft Visio Multiple Remote Code Execution Vulnerabilities (3096440)
2015-10-14 00:00:00
Microsoft Office Multiple Remote Code Execution Vulnerabilities (3096440) - Mac OS X
2015-10-14 00:00:00
MS SharePoint Server Excel Services Multiple Vulnerabilities (3096440)
2015-10-14 00:00:00
mskb
mskb
MS15-110: Security Updates for Microsoft Office to address remote code execution: October 13, 2015
2015-10-13 00:00:00
securityvulns
securityvulns
Microsoft Office multiple security vulnerabilities
2015-10-25 00:00:00
nessus
nessus
MS15-110: Security Updates for Microsoft Office to Address Remote Code Execution (3096440) (Mac OS X)
2015-10-14 00:00:00
MS15-110: Security Updates for Microsoft Office to Address Remote Code Execution (3089440)
2015-10-13 00:00:00
kaspersky
kaspersky
KLA10675 Multiple vulnerabilities in Microsoft Office
2015-10-13 00:00:00
zdi
zdi
Microsoft Office Visio UML Remote Code Execution Vulnerability
2015-10-13 00:00:00
Microsoft Office Excel fileVersion Use-After-Free Remote Code Execution Vulnerability
2015-10-13 00:00:00
Microsoft Office Excel calculatedColumnFormula Use-After-Free Information Disclosure Vulnerability
2015-10-13 00:00:00
cve
cve
CVE-2015-2557
2015-10-14 01:59:12
CVE-2015-2555
2015-10-14 01:59:10
CVE-2015-2558
2015-10-14 01:59:13
prion
prion
Memory corruption
2015-10-14 01:59:00
Memory corruption
2015-10-14 01:59:00
Memory corruption
2015-10-14 01:59:00
symantec
symantec
Microsoft Office CVE-2015-2557 Memory Corruption Vulnerability
2015-10-13 00:00:00
Microsoft Office CVE-2015-2558 Memory Corruption Vulnerability
2015-10-13 00:00:00
Microsoft Office CVE-2015-2555 Memory Corruption Vulnerability
2015-10-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS15-110: CVE-2015-2558)
2015-10-13 00:00:00
Microsoft Office Memory Corruption (MS15-110: CVE-2015-2557)
2015-10-13 00:00:00
Microsoft Office Memory Corruption (MS15-110: CVE-2015-2555)
2015-10-13 00:00:00
nvd
nvd
CVE-2015-2558
2015-10-14 01:59:13
CVE-2015-2557
2015-10-14 01:59:12
CVE-2015-2555
2015-10-14 01:59:10
cvelist
cvelist
CVE-2015-2557
2015-10-14 01:00:00
CVE-2015-2558
2015-10-14 01:00:00
CVE-2015-2555
2015-10-14 01:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

6.2 Medium

AI Score

Confidence

Low

0.77 High

EPSS

Percentile

98.2%

JSON
Related for OPENVAS:1361412562310806120
openvas5mskb1securityvulns1nessus2kaspersky1zdi3cve3prion3symantec3checkpoint_advisories3nvd3cvelist3