4.3

CVE-2015-2375

EPSS 19.99%
Veröffentlicht 14.07.2015 21:59:10
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to bypass the ASLR protection mechanism via a crafted spreadsheet, aka "Microsoft Excel ASLR Bypass Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Excel Version2010 Updatesp2 HwPlatformx64

Microsoft ≫ Excel Version2010 Updatesp2 HwPlatformx86

Microsoft ≫ Excel Version2013 Updatesp1

Microsoft ≫ Excel Version2013 Updatesp1 SwEditionrt

Microsoft ≫ Sharepoint Server Version2010 Updatesp2

Microsoft ≫ Sharepoint Server Version2013 Updatesp1

Microsoft ≫ Excel Viewer Version2007 Updatesp3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	19.99%	0.952

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://www.securitytracker.com/id/1032899

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-070

https://nvd.nist.gov/vuln/detail/CVE-2015-2375

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2375

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2375

EUVD