CVE-2015-0085

3 documents3 sources

Severity

9.3CRITICAL

EPSS

46.3%

top 2.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Excel Microsoft Office Microsoft Office WEB Apps Server +6 more

Timeline

PublishedMar 11

Latest updateMay 14

Description

Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold and SP1, Word 2013 RT Gold and SP1, Excel Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Excel Services on SharePoint Server 2013 Gold and SP1, Word Automation Services on SharePoint Server 2013 Gold an…

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages9 packages

▶NVDmicrosoft/office_web_apps_server2010, 2013+1

▶NVDmicrosoft/sharepoint_server2007, 2010, 2013+2

▶NVDmicrosoft/sharepoint_services3.0

▶NVDmicrosoft/sharepoint_foundation2010, 2013+1

▶NVDmicrosoft/office2010, 2013+1

🔴Vulnerability Details

GHSA

GHSA-p6v9-v6m6-gqv6: Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerP↗2022-05-14

▶

CVEList

CVE-2015-0085: Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerP↗2015-03-11

▶