9.3

CVE-2015-0064

EPSS 66.31%
Published 11.02.2015 03:01:07
Last modified 12.04.2025 10:46:40
Source secure@microsoft.com
Teams watchlist Login
Open Login

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Office Remote Code Execution Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 8

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Web Applications Version2010 Updatesp2

Microsoft ≫ Office Compatibility Pack Updatesp3

Microsoft ≫ Word Automation Services Version-

Microsoft ≫ Word Version2007 Updatesp3

Microsoft ≫ Word Version2010 Updatesp2

Microsoft ≫ Word Viewer

Microsoft ≫ Office Version2010 Updatesp2 Editionx64

Microsoft ≫ Office Version2010 Updatesp2 Editionx86

Microsoft ≫ Sharepoint Server Version2010

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	66.31%	0.983

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/62808

http://www.securitytracker.com/id/1031720

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-012

http://www.securityfocus.com/bid/72463

https://www.exploit-db.com/exploits/37967/

https://nvd.nist.gov/vuln/detail/CVE-2015-0064

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-0064

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-0064

EUVD