CVE-2015-1683Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Office

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents3 sources
Severity
9.3CRITICALNVD
EPSS
37.5%
top 2.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Office
Timeline
PublishedMay 13
Latest updateMay 14

Description

Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

🔴Vulnerability Details

1
GHSA
GHSA-2x5v-m9p6-767f: Microsoft Office 2007 SP3 allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerabil2022-05-14

🕵️Threat Intelligence

2
Talos
Microsoft Patch Tuesday - May 20152015-05-12
Talos
Microsoft Patch Tuesday - May 20152015-05-12
CVE-2015-1683 — Microsoft Office vulnerability | cvebase