9.3

CVE-2015-2555

EPSS 48.81%
Published 14.10.2015 01:59:10
Last modified 12.04.2025 10:46:40
Source secure@microsoft.com
Teams watchlist Login
Open Login

Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted calculatedColumnFormula object in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."

Affected products Warnungen 0 Metrics 2 CWE 0 References 6

Data is provided by the National Vulnerability Database (NVD)

Microsoft ≫ Excel Version2010 Updatesp2 HwPlatformx64

Microsoft ≫ Excel Version2010 Updatesp2 HwPlatformx86

Microsoft ≫ Excel Version2013 Updatesp1

Microsoft ≫ Excel Version2013 Updatesp1 SwEditionrt

Microsoft ≫ Excel For Mac Version2011

Microsoft ≫ Excel For Mac Version2016

Microsoft ≫ Sharepoint Server Version2010 Updatesp2

Microsoft ≫ Sharepoint Server Version2013 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	48.81%	0.977

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.3	8.6	10	AV:N/AC:M/Au:N/C:C/I:C/A:C

http://www.securitytracker.com/id/1033803

Third Party Advisory

VDB Entry

http://www.zerodayinitiative.com/advisories/ZDI-15-517

Third Party Advisory

VDB Entry

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-110

https://nvd.nist.gov/vuln/detail/CVE-2015-2555

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2015-2555

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2015-2555

EUVD