CVE-2015-6122

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

CVSS v2.0 9.3 HIGH

9.3^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 8.6 / Impact : 10.0

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.securitytracker.com/id/1034324
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-131

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:microsoft:excel_for_mac:2011:::::::*
	cpe:2.3:a:microsoft:excel:2010:sp2:::::x64:*
	cpe:2.3:a:microsoft:excel:2010:sp1::::x86::*
	cpe:2.3:a:microsoft:excel:2007:sp3::::::
	cpe:2.3:a:microsoft:excel_viewer::::::::
	cpe:2.3:a:microsoft:office_compatibility_pack::sp3::::::*

Information

Published : 2015-12-09 03:59

Updated : 2018-10-12 15:10

NVD link : CVE-2015-6122

Mitre link : CVE-2015-6122

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

microsoft

excel
excel_for_mac
office_compatibility_pack
excel_viewer

9.3 /10