Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2015-0065Out-of-bounds Write in Microsoft Word

CWE-3995 documents5 sources
Severity
9.3CRITICALNVD
EPSS
68.6%
top 1.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Microsoft Word
Timeline
PublishedFeb 11
Latest updateMay 14

Description

Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "OneTableDocumentStream Remote Code Execution Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/word2007

🔴Vulnerability Details

2
GHSA
GHSA-rgqv-rf3c-v65h: Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office docume2022-05-14
CVEList
CVE-2015-0065: Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office docume2015-02-11

💥Exploits & PoCs

1
Exploit-DB
Microsoft Office 2007 - OneTableDocumentStream Invalid Object2015-08-25

💬Community

1
Bugzilla
CVE-2015-7854 ntp: password length memory corruption vulnerability2015-10-22
CVE-2015-0065 — Out-of-bounds Write in Microsoft Word | cvebase