Lucene search
Steven Seeley of Source InciteZDI-15-546HistoryNov 10, 2015 - 12:00 a.m.
Microsoft Office Excel Binary Worksheet Use-After-Free Remote Code Execution Vulnerability
2015-11-1000:00:00
Steven Seeley of Source Incite
www.zerodayinitiative.com
27
0.789 High
EPSS
Percentile
98.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of binary Excel files (.xlsb). By providing a malformed file, an attacker can cause a pointer to be re-used after it has been freed. An attacker could leverage this to execute arbitrary code under the context of the current user.
Related
symantec
symantec
Microsoft Office CVE-2015-6094 Memory Corruption Vulnerability
2015-11-10 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (MS15-116: CVE-2015-6094)
2015-11-10 00:00:00
cvelist
cvelist
CVE-2015-6094
2015-11-11 11:00:00
cve
cve
CVE-2015-6094
2015-11-11 12:59:33
prion
prion
Memory corruption
2015-11-11 12:59:00
nvd
nvd
CVE-2015-6094
2015-11-11 12:59:33
openvas
openvas
Microsoft Office Multiple Vulnerabilities (3104540) - Mac OS X
2015-11-24 00:00:00
nessus
nessus
mskb
mskb
kaspersky
kaspersky
KLA10696 Multiple vulnerabilities in Microsoft Office
2015-11-10 00:00:00