9.3

CVE-2015-2470

EPSS 64.27%
Published 15.08.2015 00:59:29
Last modified 12.04.2025 10:46:40
Source secure@microsoft.com
Teams watchlist Login
Open Login

Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Integer Underflow Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Office Version2010 Updatesp2 HwPlatformx64

Microsoft ≫ Office Version2010 Updatesp2 HwPlatformx86

Microsoft ≫ Office Version2011 SwEditionmac

Microsoft ≫ Office Version2013 Updatesp1

Microsoft ≫ Word Version2007 Updatesp3

Microsoft ≫ Word Viewer

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	64.27%	0.984

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.securitytracker.com/id/1033239

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081

https://www.exploit-db.com/exploits/37924/

https://nvd.nist.gov/vuln/detail/CVE-2015-2470

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2470

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2470

EUVD