CVE-2015-1642
CVE-2015-1642
In short
A flaw in Microsoft Office versions 2007, 2010, and 2013 allows attackers to run malicious code on a computer when a user opens a specially crafted document. This is dangerous because the attacker gains full control of the victim's system.
Technical detail
Memory corruption vulnerability in Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 that allows remote code execution when processing malformed documents. The attack vector is user interaction (opening a crafted file); no authentication or special privileges are required. The vulnerability results in arbitrary code execution with the privileges of the user running Office.
Summary generated and translated by AI from the official description.
Microsoft Office 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-1642https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1203http://www.securitytracker.com/id/1033239