9.3

CVE-2015-2555

EPSS 48.81%
Veröffentlicht 14.10.2015 01:59:10
Zuletzt bearbeitet 12.04.2025 10:46:40
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted calculatedColumnFormula object in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Excel Version2010 Updatesp2 HwPlatformx64

Microsoft ≫ Excel Version2010 Updatesp2 HwPlatformx86

Microsoft ≫ Excel Version2013 Updatesp1

Microsoft ≫ Excel Version2013 Updatesp1 SwEditionrt

Microsoft ≫ Excel For Mac Version2011

Microsoft ≫ Excel For Mac Version2016

Microsoft ≫ Sharepoint Server Version2010 Updatesp2

Microsoft ≫ Sharepoint Server Version2013 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	48.81%	0.977

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.securitytracker.com/id/1033803

Third Party Advisory

VDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-15-517

Third Party Advisory

VDB Entry

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-110

https://nvd.nist.gov/vuln/detail/CVE-2015-2555

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2555

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2555

EUVD