CVE-2015-2557

CWE-119Buffer Overflow4 documents4 sources
Severity
9.3CRITICAL
EPSS
34.6%
top 3.00%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Visio
Timeline
PublishedOct 14
Latest updateMay 14

Description

Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/visio2007, 2010+1

🔴Vulnerability Details

2
GHSA
GHSA-j37p-xwg5-xx45: Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document,2022-05-14
CVEList
CVE-2015-2557: Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document,2015-10-14

💬Community

1
Bugzilla
CVE-2015-5181 A-MQ Console: script injection into queue name2015-07-30
CVE-2015-2557 (CRITICAL CVSS 9.3) | Buffer overflow in Microsoft Visio | cvebase.io