9.3

CVE-2015-0085

EPSS 34.1%
Veröffentlicht 11.03.2015 10:59:12
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold and SP1, Word 2013 RT Gold and SP1, Excel Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Excel Services on SharePoint Server 2013 Gold and SP1, Word Automation Services on SharePoint Server 2013 Gold and SP1, Web Applications 2010 SP2, Office Web Apps Server 2010 SP2, Web Apps Server 2013 Gold and SP1, SharePoint Server 2007 SP3, Windows SharePoint Services 3.0 SP3, SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1, and SharePoint Server 2013 Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Excel Version2007 Updatesp3

Microsoft ≫ Excel Version2010 Updatesp2 HwPlatformx86

Microsoft ≫ Excel Version2010 Updatesp2 SwPlatformx86

Microsoft ≫ Excel Viewer

Microsoft ≫ Office Version2010 Updatesp2 HwPlatformx64

Microsoft ≫ Office Version2010 Updatesp2 HwPlatformx86

Microsoft ≫ Office Version2013 SwEditiongold

Microsoft ≫ Office Version2013 SwEditionrt_gold

Microsoft ≫ Office Version2013 Updatesp1

Microsoft ≫ Office Compatibility Pack Updatesp3

Microsoft ≫ Office Web Apps Server Version2010 Updatesp2

Microsoft ≫ Office Web Apps Server Version2013 SwEditiongold

Microsoft ≫ Office Web Apps Server Version2013 Updatesp1

Microsoft ≫ Powerpoint Version2007 Updatesp3

Microsoft ≫ Powerpoint Version2010 Updatesp2

Microsoft ≫ Sharepoint Foundation Version2010 Updatesp2

Microsoft ≫ Sharepoint Foundation Version2013 Update- Edition- SwEditiongold

Microsoft ≫ Sharepoint Foundation Version2013 Updatesp1

Microsoft ≫ Sharepoint Server Version2007 Updatesp3

Microsoft ≫ Sharepoint Server Version2010 Updatesp2

Microsoft ≫ Sharepoint Server Version2013 Update- Edition- SwEditiongold

Microsoft ≫ Sharepoint Server Version2013 Updatesp1

Microsoft ≫ Sharepoint Services Version3.0 Updatesp3

Microsoft ≫ Web Applications Version2010 Updatesp2

Microsoft ≫ Word Version2007 Updatesp3

Microsoft ≫ Word Version2010 Updatesp2

Microsoft ≫ Word Version2013 SwEditiongold

Microsoft ≫ Word Version2013 SwEditionrt_gold

Microsoft ≫ Word Version2013 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	34.1%	0.967

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.securitytracker.com/id/1031896

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-022

https://nvd.nist.gov/vuln/detail/CVE-2015-0085

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-0085

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-0085

EUVD